Isaac Connor
3d6cab8360
Must force hash regeneration on login. Old hash may be from different user
2019-09-28 17:57:45 -04:00
Isaac Connor
0c1635b3b8
Merge branch 'master' of github.com:ZoneMinder/zoneminder
2019-09-28 14:23:33 -04:00
Isaac Connor
393f0a369c
Revamp timeline. Make it handle being full browser width. remove onclicks.
2019-09-28 14:23:23 -04:00
Isaac Connor
c24fc6c21f
Set Delta to 0 to avoid errors
2019-09-28 14:10:11 -04:00
Isaac Connor
7a3134ae5e
Fix restart login in functions. Only start zmc if function is not None and start zma if it isn't None or NoDect. Even if disabled, we still run zma so that we can send it a signal to enable motion detection.
2019-09-28 10:26:50 -04:00
externo6
7479d3f1f1
Add LIKE and NOT LIKE to filter options
...
This is useful for filtering notes.
EG filtering detected objects from zmeventnofification;
WHERE notes LIKE %detect%
WHERE notes NOT LIKE %car%
2019-09-28 13:03:16 +01:00
Isaac Connor
b1bcfe8a9b
fix backtrace
2019-09-26 16:26:28 -04:00
Isaac Connor
555f3e9c0d
Fix missing semi colon in Content-Security-Policy-Report-Only
2019-09-26 13:52:27 -04:00
Isaac Connor
4deea4c6ab
code doc
2019-09-25 10:35:57 -04:00
Isaac Connor
fe893a4a01
Add report-uri to out Content-Security-Policy-Report-Only header
2019-09-25 10:16:02 -04:00
Isaac Connor
5c80e098c5
Only save Group changes if there were changes
2019-09-25 10:14:12 -04:00
Isaac Connor
475432449f
Add default values for Status record
2019-09-25 10:13:56 -04:00
Isaac Connor
d16d77d6b3
quotes and spacing
2019-09-23 12:39:24 -04:00
Isaac Connor
a05c513643
Revert change breaking multiport when servers not defined.
2019-09-23 12:03:19 -04:00
Isaac Connor
538478ff1c
Need to -1 on the dimensions when comparing to points as they are 0-based
2019-09-23 11:48:58 -04:00
Isaac Connor
1dd09923eb
Add special case for just rotating the monitor dimensions and add out of bounds check for zone points
2019-09-23 11:42:49 -04:00
Isaac Connor
23b3ae5783
Remove debug
2019-09-22 21:06:54 -04:00
Isaac Connor
4c3ea7125d
Add defaults to Frame
2019-09-22 14:21:59 -04:00
Isaac Connor
6d16363f07
Restore monitor defaults
2019-09-21 10:40:24 -04:00
Isaac Connor
308236b4ad
Fix sending ptz controls
2019-09-20 10:35:39 -04:00
Isaac Connor
0a0bb1b326
Update Frame and Server Objects to use common methods
2019-09-19 16:24:05 -04:00
Isaac Connor
1539e34204
spacing
2019-09-19 14:57:28 -04:00
Isaac Connor
daa9f646fb
fix error printing
2019-09-19 14:56:34 -04:00
Isaac Connor
b9b52c964e
Upgrade monitor saving and viewing
2019-09-19 14:56:16 -04:00
Isaac Connor
73a5a8c8c5
Improve changes/set/etc to handle more complex defaults
2019-09-19 14:55:45 -04:00
Isaac Connor
b41e998a3a
Remove Control stuff from Monitor
2019-09-19 14:55:27 -04:00
Isaac Connor
4c206c2e9a
Upgrade Control Object to extend ZM\Object. Add commands function from skin specific control functions
2019-09-19 14:55:17 -04:00
Isaac Connor
458268d866
Merge branch 'master' into update_monitor_saving
2019-09-18 11:40:09 -04:00
Isaac Connor
1407d849e8
deprecate getStreamSrc in functions.php.
2019-09-18 11:10:25 -04:00
Isaac Connor
e0074692d1
Remove debug
2019-09-17 12:07:30 -04:00
Isaac Connor
ad84736cb4
spacing
2019-09-17 12:07:24 -04:00
Isaac Connor
deefa0754d
Backtick the fields when updating Monitors
2019-09-16 10:53:06 -04:00
Isaac Connor
63db128edf
Merge branch 'master' of github.com:ZoneMinder/zoneminder
2019-09-15 17:54:29 -04:00
Isaac Connor
60cf4586da
Don't return a hostname when not in multi-server. Should prevent problems with reverse proxies
2019-09-15 17:54:23 -04:00
Isaac Connor
32a1ab58b5
remove use of userLogin which was removed recently
2019-09-15 12:19:35 -04:00
Isaac Connor
d5aa95e45f
cpplint fixes
2019-09-09 16:13:32 -04:00
Isaac Connor
8103156436
when deleting multiple events, each event has to be it's own transaction due to locking
2019-09-09 09:16:52 -04:00
Isaac Connor
056449590a
Update Monitor object, using Object methods for saving monitors
2019-09-08 12:26:11 -04:00
Isaac Connor
2993e52652
Fix auth timing out due to cookie timing out and getting deleted.
2019-09-04 12:14:32 -04:00
Isaac Connor
dde655950f
Use locking when deleting an event
2019-09-04 10:07:17 -04:00
Isaac Connor
26670c2df2
Add lock function to write lock an object
2019-09-04 10:07:08 -04:00
Isaac Connor
92bc1791f5
fix accidentally removed code
2019-09-03 11:33:13 -04:00
Isaac Connor
a384e978c8
don't load user from session if we have already gotten it from elsewhere
2019-09-03 11:19:42 -04:00
Isaac Connor
b84d005d8f
Load use from session when it exists
2019-09-03 10:54:34 -04:00
Isaac Connor
6b9e8bec69
Add logging of delete events
2019-08-29 11:26:32 -04:00
Isaac Connor
a4b057fa2b
Upgrade Event object to use the common Object methods. Add deleting files from Secondary storage
2019-08-29 11:25:37 -04:00
Isaac Connor
c80ef0e0ab
spacing
2019-08-28 12:20:03 -04:00
Isaac Connor
320bf823c5
Don't report errors when creating monitor symlink when it already exists
2019-08-28 09:18:33 -04:00
Isaac Connor
c482fa7d5d
Fix executing filter
2019-08-26 20:45:38 -04:00
Isaac Connor
f01bedb33e
Merge branch 'master' of github.com:ZoneMinder/zoneminder
2019-08-26 18:49:12 -04:00
Isaac Connor
231c9c3902
move executeFilter to Filter->execute. If no changes have been made, don't make a tempfilter.
2019-08-26 18:48:34 -04:00
Isaac Connor
82e8bde406
Fix SaveAs
2019-08-26 16:19:19 -04:00
Isaac Connor
7ef26275bc
use isset to get rid of warnings when eid is not in REQUEST
2019-08-20 10:28:19 -04:00
Isaac Connor
84492f29b1
Fix token auth sessions ( #2676 )
...
* If token is present do token based auth and do not do anything with session
* update HostController. Use config constants, don't use sessions
* Remove Session from the components list
* spacing
* Remove Session from App Components list.
* Move APIEnabled check to the api from auth.php
* Rework auth. login using username and password only occurs on login action now. Including auth.php should not touch the session. auth_hash logins no longer touch the session. replace userLogin with a function called validateUser which matches the semantics of validateToken.
* remove debugging
* Add session storage if stateful query param is on, but only for LEGACY_API_AUTH
* fix mUser to username, etc.
* shuffle lines
* use instead of session when generating auth hash.
* Add docs regarding the use of cookies and stateful query param
* Only open/close session if we are clearing a session var
* Use zm_session_start instead of session_start
* Should use zm_session_start instead of session_start
* document that zm_session_start should be called previously to session_regenerate_id
* Don't actually write out the session when generating auth hashes. Means they should never actually persist.
* More backticking of SQL
* add .. to fix #2686
* Use material icons for sort because they look nicer
* fix typo
* have to add authhash to session on login
* restore username&password login for all urls
* fix
* fixes
2019-08-20 09:46:53 -04:00
Isaac Connor
b344701dea
fixes
2019-08-19 12:15:58 -04:00
Isaac Connor
3b58da860f
fix
2019-08-19 12:08:41 -04:00
Isaac Connor
b1132087b8
restore username&password login for all urls
2019-08-19 12:07:38 -04:00
Isaac Connor
87e7ba0e50
have to add authhash to session on login
2019-08-19 11:38:56 -04:00
Isaac Connor
d39da61b66
Don't actually write out the session when generating auth hashes. Means they should never actually persist.
2019-08-16 15:27:24 -04:00
Isaac Connor
070b8066f2
document that zm_session_start should be called previously to session_regenerate_id
2019-08-16 15:08:35 -04:00
Isaac Connor
28155ebd90
Should use zm_session_start instead of session_start
2019-08-16 15:08:10 -04:00
Isaac Connor
660eddc69d
Only open/close session if we are clearing a session var
2019-08-16 15:06:56 -04:00
Isaac Connor
3475a11e15
use instead of session when generating auth hash.
2019-08-16 14:13:13 -04:00
Isaac Connor
51c7f0b73f
shuffle lines
2019-08-16 14:12:52 -04:00
Isaac Connor
fdb66aaa72
Merge branch 'master' into fix_token_auth_sessions
2019-08-15 16:22:09 -04:00
Isaac Connor
336f45219b
fix object caching
2019-08-15 16:04:56 -04:00
Isaac Connor
68052368f7
use backticks on table and column names. Use data-on-change-this in group dropdown
2019-08-15 16:04:37 -04:00
Isaac Connor
f09941ed48
timezone errors shouldn't be fatal
2019-08-15 15:16:02 -04:00
Isaac Connor
618e6816ef
Rework auth. login using username and password only occurs on login action now. Including auth.php should not touch the session. auth_hash logins no longer touch the session. replace userLogin with a function called validateUser which matches the semantics of validateToken.
2019-08-15 14:59:15 -04:00
Isaac Connor
0ec6e8d635
Merge branch 'master' into fix_token_auth_sessions
2019-08-15 12:05:07 -04:00
Isaac Connor
4140d51e9f
database.php cleanup. remove dbFetchMonitor and dbFetchGroup. Their usage has been replaced with the Object::find_one usage. Also more quoting of table and colume names to fix #2659
2019-08-13 11:45:50 -04:00
Isaac Connor
4922861d1d
Merge branch 'master' into fix_token_auth_sessions
2019-08-12 13:59:11 -04:00
Isaac Connor
5f77634aca
Update Group object to use shared code in Object.php. Should fix #2659
2019-08-08 13:51:56 -04:00
Isaac Connor
702cb65d2a
Merge branch 'storageareas'
2019-08-08 13:38:36 -04:00
Isaac Connor
df285006d2
change sortHeader to include eid if it is in the request
2019-08-08 13:34:10 -04:00
Isaac Connor
a9de537e01
Merge branch 'master' into storageareas
2019-08-08 09:27:27 -04:00
Isaac Connor
1892528679
quotes
2019-08-08 09:26:15 -04:00
Isaac Connor
5b0509e000
When invalid operator terms, use print_r on the term instead of just the operator
2019-08-08 09:26:00 -04:00
Isaac Connor
3a142df14f
Only send zmdc.pl commands for filters to running servers
2019-08-07 15:51:01 -04:00
Isaac Connor
fb7ab993b5
Have to include the --daemon param when telling zmdc.pl what to do with zmfilter.pl
2019-08-07 15:34:30 -04:00
Isaac Connor
d4b59211cd
Merge branch 'master' into storageareas
2019-08-07 11:21:19 -04:00
Isaac Connor
962049fa31
Merge branch 'master' into filter_add_copy
2019-08-06 20:17:21 -04:00
Isaac Connor
7e6b0058d2
Update Zone buttons. Fix double submit. Fixes #2671
2019-08-02 08:04:38 -04:00
Isaac Connor
6a425b6988
If token is present do token based auth and do not do anything with session
2019-08-01 10:02:31 -04:00
Isaac Connor
7f19831e0c
Use isset when testing for existence of authash in session
2019-07-29 14:54:55 -04:00
Isaac Connor
45afc2a534
introduce array_recursive_diff which we use to compare two arrays in Object::changes
2019-07-24 11:24:37 -04:00
Isaac Connor
e3a9d5d488
Rewrite changes to run through the keys of the passed in new values array, and handle object methods as well as basic values
2019-07-24 11:24:14 -04:00
Isaac Connor
341f4adbdf
Functions that change the Query must reset Query_json as well
2019-07-24 11:23:38 -04:00
Isaac Connor
58851d23d2
Add Secondary Storage support to the Event object
2019-07-24 11:22:55 -04:00
Isaac Connor
9b6dedb35d
Update Filter saving action to use object set/save etc
2019-07-23 09:58:28 -04:00
Isaac Connor
35ec60ca03
Change Storage object to extend ZM_Object
2019-07-23 09:58:05 -04:00
Isaac Connor
7c52f8a4ae
Fixes and add Objects_Indexed_By_Id
2019-07-23 09:57:44 -04:00
Isaac Connor
b05aff1d5d
Update Filter Object to extend ZM_Object. Rename Query to Query_json and implement a Query function to parse Query_json
2019-07-23 09:57:16 -04:00
Isaac Connor
fe71a9abaa
php_errormsg is deprecated
2019-07-19 16:32:40 -04:00
Isaac Connor
d244aadee6
Fix #2655
2019-07-08 14:27:49 -04:00
Isaac Connor
b84e3499f4
Implement code to auto-load monitor status info if not already loaded. Check for Connected instead of Capturing in watch to display warning message
2019-07-07 17:25:49 -04:00
Isaac Connor
a28f17653f
Add DecoderHWAccel fields to Monitor
2019-06-25 15:34:45 -04:00
Isaac Connor
6ed0074077
End continuous events on alarm ( #2644 )
...
* Reference /run/zm instead of /var/run/zm because systemd-tmpfiles complains about it
* Spacing, google code style and tabs to spaces
* add update script to add MinSectionLength
* Add min_section_length to enforce a minimum event length when closing continuous events on alarm
2019-06-24 11:29:00 -04:00
Isaac Connor
38bcdbbffe
ONly close session if we opened it in generateAuthHash, only try to validate auth hash if it is set in the session
2019-06-21 18:04:39 -04:00
Isaac Connor
60618d5998
Fix hour subtraction in getAuthUser to actually subtract an hour
2019-06-21 11:45:33 -04:00
Isaac Connor
3bae7a5432
spaces and parenthesis
2019-06-20 13:28:12 -04:00
Tom Hodder
1336c03f97
WIP: Add pagination to frames.php in classic ( #2618 )
...
* add pagination to the frames.php results
* remove commented code, fix view all paging
* removing debugging logging statements
* default frames paging to on
2019-06-16 12:02:00 -04:00
Pliable Pixels
98bf7800b0
remove a password log, corrected PHP version in log ( #2627 )
...
* remove a password log, corrected PHP version in log
* PHP version correction
2019-06-16 11:59:48 -04:00
Isaac Connor
08cc4e0383
add null value to set() function
2019-06-05 10:22:20 -04:00
Isaac Connor
5346f82de9
Fix unable to login when ZM_AUTH_RELAY != hashed and fix setting the password in session when ZM_AUTH_RELAY==plain
2019-06-05 09:23:34 -04:00
Isaac Connor
4b9b2015cb
write a note why regnerateAuthHash doesn't work when saving config
2019-06-04 16:30:57 -04:00
Isaac Connor
cc269378cf
regenerate auth_hash in session because we might have changed an auth hash setting
2019-06-04 16:27:25 -04:00
Isaac Connor
168aa35461
force regeneration of auth_hash on login. Fix failed auth_hash verification not logging you out by returning null instead of false. Update session with new auth_hash when forcing regeneration
2019-06-04 16:26:29 -04:00
Isaac Connor
eaa1939f6b
comment out debug lines
2019-05-31 10:35:54 -04:00
Isaac Connor
274737d1b1
Fix moocord to mocord.
2019-05-31 10:35:18 -04:00
Isaac Connor
b0869a0b13
spaces and quotes
2019-05-31 10:34:53 -04:00
Isaac Connor
75ec4818a6
WHen saving a monitor, only start zmc and zma if appropriate
2019-05-31 10:15:02 -04:00
Isaac Connor
ba96f0709c
fix saving user using password_hash
2019-05-30 09:58:54 -04:00
Isaac Connor
628760d5b9
Spacing and braces cleanup from asker's code
2019-05-29 10:29:03 -04:00
Isaac Connor
c4d76f03c9
Introduce ZM_PATH_SHUTDOWN to cmake config
2019-05-27 12:09:32 -04:00
Isaac Connor
4765b9d936
Don't generate php errors when returned row doesn't have the specified column
2019-05-24 14:52:04 -04:00
Isaac Connor
1ddd5b1f74
Merge branch 'master' of github.com:ZoneMinder/zoneminder
2019-05-24 13:56:30 -04:00
Isaac Connor
34400419e8
Add shutdown capability ( #2575 )
...
* Add Config for showing a system shutdown/restart option
* Add a translation for Shutdown
* add a shutdown power button to the navbar
* but the shutdown icon in a navbar-txt
* set width and height of shutdown window
* Add instructions for enabling the web user to run shutdown
* add the shutdown view and actions
2019-05-24 13:53:24 -04:00
Pliable Pixels
fc27393a96
Replace MySQL Password() with bcrypt, allow for alternate JWT tokens ( #2598 )
...
* added sha1 and bcrypt submodules
* added bcrypt and sha to src build process
* added test sha1 and bcrypt code to validate working
* bcrypt auth migration in PHP land
* added include path
* add sha source
* added bcrypt to others
* put link_dir ahead of add_executable
* fixed typo
* try add_library instead
* absolute path
* absolute path
* build bcrypt as static
* move to wrapper
* move to fork
* logs tweak
* added lib-ssl/dev for JWT signing
* Moved to openSSL SHA1, initial JWT plugin
* removed vog
* fixed SHA1 algo
* typo
* use php-jwt, use proper way to add PHP modules, via composer
* fixed module path
* first attempt to fix cast error
* own fork
* own fork
* add composer vendor directory
* go back to jwt-cpp as PR merged
* moved to jwt-cpp after PR merge
* New token= query for JWT
* Add JWT token creation, move old code to a different function for future deprecation, simplified code for ZM_XX parameter reading
* JWT integration, validate JWT token via validateToken
* added token validation to zms/zmu/zmuser
* add token to command line for zmu
* move decode inside try/catch
* exception handling for try/catch
* fix db read, forgot to exec query
* remove allowing auth_hash_ip for token
* support refresh tokens as well for increased security
* remove auth_hash_ip
* Error out if used did not create an AUTH_HASH_SECRET
* fixed type conversion
* make sure refresh token login doesn't generate another refresh token
* fix absolute path
* move JWT/Bcrypt inside zm_crypt
* move sha headers out
* move out sha header
* handle case when supplied password is hashed, fix wrong params in AppController
* initial baby step for api tab
* initial plumbing to introduce token expiry and API bans per user
* remove M typo
* display user table in api
* added revoke all tokens code, removed test code
* use strtoul for conversion
* use strtoul for conversion
* use strtoul for conversion
* more fixes
* more fixes
* add mintokenexpiry to DB seek
* typo
* add ability to revoke tokens and enable/disable APIs per user
* moved API enable back to system
* comma
* enable API options only if API enabled
* move user creation to bcrypt
* added password_compat for PHP >=5.3 <5.5
* add Password back so User object indexes don't change
* move token index after adding password
* demote logs
* make old API auth optional, on by default
* make old API auth mechanism optional
* removed stale code
* forgot to checkin update file
* bulk overlay hash mysql encoded passwords
* add back ssl_dev, got deleted
* fix update script
* added token support to index.php
* reworked API document for new changes in 2.0
* Migrate from libdigest to crypt-eks-blowfish due to notice
* merge typo
* css classess for text that disappear
* fixed html typo
* added deps to ubuntu control files
* spaces
* removed extra line
* when regenerating using refresh tokens, username needs to be derived from the refresh token, as no session would exist
* add libssl1.0.0 for ubuntu 16/12
* small API fixes
* clean up of API, remove redundant sections
* moved to ZM fork for bcrypt
* whitespace and google code style
* regenerate auth hash if doing password migration
* dont need AUTH HASH LOGIN to be on
* Add auth hash verification to the user logged in already case
* fix missing ]
* reject requests if per user API disabled
2019-05-24 13:48:40 -04:00
Isaac Connor
729dee5dda
Merge branch 'master' into storageareas
2019-05-24 10:06:14 -04:00
Isaac Connor
db9ba7eeab
Add StartDateTime and EndDateTime as Sort options. Fixes #2614
2019-05-24 10:02:15 -04:00
Isaac Connor
f9004443cf
Merge branch 'master' into storageareas
2019-05-24 09:37:03 -04:00
Isaac Connor
843a9a6630
Merge branch 'pliablepixels-crypt-replacement3' into storageareas
2019-05-24 09:36:54 -04:00
Isaac Connor
2fc7b3cf4d
Don't allow deleting of in-progress recording
2019-05-24 09:31:48 -04:00
Isaac Connor
aa1264f4d2
fix missing ]
2019-05-23 16:26:40 -04:00
Isaac Connor
4466ef13fd
Merge branch 'pliablepixels-crypt-replacement3' into storageareas
2019-05-23 15:21:58 -04:00
Isaac Connor
7559c975e3
Merge branch 'crypt-replacement' of https://github.com/pliablepixels/ZoneMinder into pliablepixels-crypt-replacement3
2019-05-23 15:15:52 -04:00
Isaac Connor
883688a72d
Add auth hash verification to the user logged in already case
2019-05-23 15:15:37 -04:00
Pliable Pixels
57708c016c
dont need AUTH HASH LOGIN to be on
2019-05-23 14:59:21 -04:00
Isaac Connor
d5120f7506
regenerate auth hash if doing password migration
2019-05-23 14:30:45 -04:00
Isaac Connor
bc9116dd94
whitespace and google code style
2019-05-23 14:27:17 -04:00
Isaac Connor
2ce2381269
Merge branch 'crypt-replacement' of https://github.com/pliablepixels/ZoneMinder into pliablepixels-crypt-replacement
2019-05-19 08:45:42 -04:00
Pliable Pixels
8e1037458a
when regenerating using refresh tokens, username needs to be derived from the refresh token, as no session would exist
2019-05-18 11:23:16 -04:00
Isaac Connor
93aeceecfc
Merge branch 'crypt-replacement' of https://github.com/pliablepixels/ZoneMinder into pliablepixels-crypt-replacement
2019-05-17 10:18:15 -04:00
Pliable Pixels
95460a945a
added token support to index.php
2019-05-14 19:22:49 -04:00
Pliable Pixels
e9f843f297
bulk overlay hash mysql encoded passwords
2019-05-13 14:29:24 -04:00
Pliable Pixels
adb01c4d0e
added password_compat for PHP >=5.3 <5.5
2019-05-12 13:57:25 -04:00
Pliable Pixels
d7dbaf52d4
move user creation to bcrypt
2019-05-12 13:01:29 -04:00
Pliable Pixels
a9d601e5ae
add ability to revoke tokens and enable/disable APIs per user
2019-05-12 10:56:17 -04:00
Pliable Pixels
ae14be916c
initial plumbing to introduce token expiry and API bans per user
2019-05-11 13:39:40 -04:00
Pliable Pixels
95b448abdd
handle case when supplied password is hashed, fix wrong params in AppController
2019-05-10 11:25:55 -04:00
Pliable Pixels
f9730bb46b
remove auth_hash_ip
2019-05-08 14:07:48 -04:00
Pliable Pixels
bc050fe330
support refresh tokens as well for increased security
2019-05-08 13:38:42 -04:00
Pliable Pixels
b293592e4c
added token validation to zms/zmu/zmuser
2019-05-08 10:55:32 -04:00
Pliable Pixels
e8f79f3254
JWT integration, validate JWT token via validateToken
2019-05-07 15:04:51 -04:00
Isaac Connor
5fe565b99d
spacing
2019-05-06 10:49:18 -04:00
Pliable Pixels
ca3f65deef
go back to jwt-cpp as PR merged
2019-05-05 14:32:09 -04:00
Pliable Pixels
a55a11dad1
first attempt to fix cast error
2019-05-05 11:24:55 -04:00
Pliable Pixels
8d62c61b7a
fixed module path
2019-05-05 07:50:52 -04:00
Pliable Pixels
725c3c50ed
use php-jwt, use proper way to add PHP modules, via composer
2019-05-05 07:08:25 -04:00