Commit Graph

108 Commits

Author SHA1 Message Date
Andrew Bauer d38bae72ae integrate csrf-magic library 2017-03-18 20:12:06 -05:00
Andrew Bauer 7e0ac4b239 Merge pull request #1780 from connortechnology/fix_1775
use escapeshellarg on inputs to daemonControl and other functions
2017-03-16 09:27:04 -05:00
Andy Bauer 8759e2bdb4 prevent divide by zero, make error messages more descriptive 2017-02-21 13:10:41 -06:00
Andy Bauer 27ca8d8674 use === operator in getDiskPercent function 2017-02-21 12:33:05 -06:00
Isaac Connor 2bf4b5ad1a use escapeshellarg on inputs to daemonControl and other functions where exec is called 2017-02-15 09:45:25 -05:00
Kyle Johnson 746a096483 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2017-01-27 15:16:33 -07:00
klemens 0d549f1db3 spelling fixes 2016-12-29 10:31:05 +01:00
Andy Bauer 254fcbcef7 update gpl 2 mailing address in source files 2016-12-26 09:23:16 -06:00
Isaac Connor 794043cbe9 On successful login, tell php to regenerate the session id 2016-12-14 15:06:18 -05:00
Isaac Connor 9312eed17f Merge branch 'master' into disk_space_in_events 2016-11-22 10:58:24 -05:00
Isaac Connor 8f71971209 Show error message upon unsuccessful login. Fixes #1648 (#1680)
* Add additional post-cmake files to .gitignore

* Add bootstrap 3.3.7

* Load bootstrap css

* Restyle login page, move recaptcha js to <head>

The way it was handled previously resulted in
invalid html, with an extra <head> tag being
inserteed inside the <body>.

* Update doctype to HTML5, add meta tags for mobile browsers

* Move inline Login css to css file

* Remove extra php tag in functions.php

* Show error message upon unsuccessful login.  Fixes #1648

 * Includes bootstrap glyphicons as they're used in the error message.
 * Failure check is done via a simple test in login.js.php and login.js.
   The 'view' param will only be set (to 'postlogin') if the login page
   has refreshed due to a failed login.  Otherwise you're directed to
   the console view.

* Only load bootstrap css in specific views.

Bootstrap was causing some styling conflicts with the legacy css.
As such only load bootstrap.css on pages which we have specifically
allowed, which would be pages that have been restyled and verified.

* Test for invalid login via session variable.

The previous method had cases where the error messsage was displayed
when it shouldn't have been, such as when specifying ?view=login

* Fix a few typos in login inputs

* Add new fonts directory to web CMakeLists
2016-11-14 21:24:43 -05:00
Andrew Bauer 49d8e35e56 Show available PATH_MAP percent on console (#1675)
* Add PATH_SWAP percent to console

* add changes to console.php

* use ZM_PATH_MAP instead of ZM_PATH_SWAP

* show the folder name PATH_MAP points to

* use a dash as the delimiter instead of fwd slash
2016-11-11 08:47:08 -05:00
Kyle Johnson 95d00f70a3 Test for invalid login via session variable.
The previous method had cases where the error messsage was displayed
when it shouldn't have been, such as when specifying ?view=login
2016-11-10 23:29:12 -07:00
Steve Gilvarry c78a543e8e Merge pull request #1475 from connortechnology/htmlselect
introduce htmlselect as an alternative to buildselect
2016-10-20 05:05:59 +11:00
Isaac Connor db8cada380 fix merge 2016-09-13 15:01:02 -04:00
Isaac Connor aa78b403a1 zmaControl can take an id #, so need to move the check for local server test down. 2016-08-02 12:33:41 -04:00
Isaac Connor cd43d1fa7a Rough in Event disk space reporting 2016-07-19 17:34:01 -04:00
Isaac Connor a8e407172a split out versus get functionality in includes/functions. Fix positioning of svg over image stream 2016-05-24 15:50:22 -04:00
Isaac Connor 89f58daf89 Merge branch 'master' into fix_zone_edit 2016-05-24 15:30:56 -04:00
Isaac Connor 1530096560 whitespace/google code style 2016-05-12 10:17:41 -04:00
Isaac Connor aba80f0935 introduce htmlselect as an alternative to buildselect 2016-05-12 09:43:37 -04:00
Isaac Connor be5f0cd4a9 replace OutputVideoStream and OutputImageStream with versions that return a string. Call getStreamHTML before we output the headers because we use streamMode and streamSrc in the header .js.php 2016-04-29 10:44:46 -04:00
Isaac Connor 5e20831030 Don't return of disk_free_space returns false, just log it. 2016-04-28 09:29:40 -04:00
Isaac Connor d847d66e99 handle disk_free_space error 2016-04-26 14:40:40 -04:00
Isaac Connor 851a81eff7 Merge pull request #1406 from ZoneMinder/svg_zones
replace the static zone image with a stream, and use SVG to draw the zones
2016-04-11 11:14:11 -04:00
Isaac Connor feb7b36f11 use a local variable to prevent modifying the arguments 2016-04-09 11:23:52 -04:00
Isaac Connor e90024c0d0 Better Error logging on disk_total_space failure 2016-04-09 09:27:12 -04:00
Isaac Connor 3056069f3f introduce getStreamHTML which returns the required HTML to give you a live image 2016-04-08 11:06:34 -04:00
Isaac Connor 711343a5cc fix ZM_SERVER_ID instead of ZM_SERVER 2016-04-04 16:34:21 -04:00
Isaac Connor 02eb36040a fix bad code 2016-04-04 12:01:37 -04:00
Laercio Motta ad912a6c6b Improve test multiserver restart camera. (FIX)
Check if the server is correctly before restart cam and multiserver is activate.
2016-03-31 09:45:13 -03:00
Laercio Motta 2f27818e5b Improve test multiserver restart cam.
Test if correct server from camera edit settings.
2016-03-31 09:23:01 -03:00
Isaac Connor 4520902dd2 use trim on values when saving. 2016-01-14 09:37:41 -05:00
Isaac Connor f72260733c Only do CORSHeaders if there is more than 1 server 2016-01-04 09:38:24 -05:00
Isaac Connor d256530896 return early if no servers are defined instead of logging a warning 2016-01-04 09:36:45 -05:00
Isaac Connor b8fb711593 only do CORS if Origin is set 2015-12-02 11:02:47 -05:00
Isaac Connor 62adb756a9 put back CORS validity checking code 2015-12-02 10:12:20 -05:00
Isaac Connor 3f8a45bbbb Add a function to setup CORS access headers 2015-12-02 10:05:03 -05:00
Andy Bauer 64299082ad Send login activity to the zoneminder event log 2015-08-17 17:54:17 -05:00
Isaac Connor fed6748c6d fixes to format date into zero padding and year as 2 digit 2015-02-06 13:00:55 -05:00
Isaac Connor dbac099223 we don't use EndTime so don't load it 2015-02-06 11:50:23 -05:00
Isaac Connor 9a1e210849 add comment 2015-02-06 11:46:35 -05:00
Isaac Connor 02a6c78182 make deleteEvent take either an event object or an eid.
load the relevant event data if passed an eid.
Use the StartTime to get to the event files instead of globbing the entire events path under the monitor.
2015-02-06 11:41:37 -05:00
Günter Grodotzki 8350ddac7c replace getLoad() / getDiskPercent() with PHP native functions 2015-01-03 19:22:19 +01:00
SteveGilvarry e87e69fa57 Ran script to replace all Short open tags 2014-12-05 10:44:23 +11:00
Isaac Connor bec58a6011 fixes WRT to db logging. I believe fixes issue #504 2014-09-26 14:43:58 -04:00
Andrew Bauer aa3803cb0b Update functions.php
A more efficient check for IE >= 11 than the previous commit
2014-09-13 09:47:22 -05:00
Andrew Bauer 91b99b97a5 Update functions.php
Add logic to detect the User Agent string from IE11 (and potentially newer).
2014-09-13 08:19:08 -05:00
Isaac Connor 5ae3cb8907 merge some security fixes from rogerroger288 2014-06-05 15:14:12 -04:00
Maciej Czerniak 50a9055601 fix sql error which prevents remote login from working 2014-04-13 09:54:11 +02:00