Commit Graph

6541 Commits

Author SHA1 Message Date
Manojav Sridhar 11b90e6011 fix usage of wrong key 2017-02-17 12:37:58 -05:00
Andrew Bauer dc76a876a1 packpack rpm specfile - ensure Crud submodule folder is empty 2017-02-17 07:07:17 -06:00
Andrew Bauer 4809a5d7de patch packpack to remove "bebian" from the tarball filename 2017-02-16 15:59:43 -06:00
Isaac Connor 4792d21a68 use source format 1.0 2017-02-15 10:56:38 -05:00
Isaac Connor 2bf4b5ad1a use escapeshellarg on inputs to daemonControl and other functions where exec is called 2017-02-15 09:45:25 -05:00
Isaac Connor 1c5f5e9109 Merge pull request #1777 from vajonam/1776-fix-typo
fix typo for correct checking if a command has excuted for an event, …
2017-02-15 09:07:02 -05:00
Manojav Sridhar f0b2910647 fix typo for correct checking if a command has excuted for an event, prevents execution on every filter run 2017-02-15 08:10:50 -05:00
Steve Gilvarry 9dcbb8cf4d Merge pull request #1774 from michaelarnauts/docker-no-ssh
Remove SSH server from docker image
2017-02-14 21:40:45 +11:00
Michaël Arnauts c3da373b1b Disable SSH 2017-02-14 10:52:00 +01:00
Kyle Johnson bf94980516 Merge pull request #1773 from ZoneMinder/SteveGilvarry-patch-1
Add the missing F back in.
2017-02-13 08:15:16 -07:00
Steve Gilvarry bf99d132c7 Add the missing F back in. 2017-02-13 22:15:10 +11:00
Andrew Bauer 5201abd77d Merge pull request #1770 from ZoneMinder/undo_1590
remove line that causes endless reading when doing single image mode
2017-02-11 09:14:07 -06:00
Isaac Connor d5bb6f3210 remove line that causes endless reading when doing single image mode 2017-02-11 09:57:36 -05:00
Isaac Connor 9b7465b328 Merge pull request #1767 from knnniggett/preset_docs
add motion zone preset disclaimer
2017-02-10 09:43:11 -05:00
Andrew Bauer e680941568 add motion zone preset disclaimer 2017-02-10 08:30:13 -06:00
Andrew Bauer 91dd2105d2 rpmspecfile - use %{_sysconfdir} macro 2017-02-08 20:44:00 -06:00
Andrew Bauer bd4aea0385 rpm specfile - php requires was listed twice 2017-02-08 20:21:23 -06:00
Andrew Bauer 9c8c87f591 rpm specfile - require php-mysqli, bump to 1.30.2 2017-02-08 20:12:54 -06:00
SteveGilvarry b791504598 Wording of help text fixes 2017-02-06 08:01:04 +11:00
SteveGilvarry 9716c4ef89 Add Option help 2017-02-05 18:43:47 +11:00
SteveGilvarry c72704bf0b Change descriptions for ffmpeg methods and put TCP first. 2017-02-05 15:34:06 +11:00
Andrew Bauer 8feac1747d Merge pull request #1764 from ZoneMinder/vulerability-fixes
sql injection and session fixation vulerability fixes
2017-02-04 16:23:51 -06:00
Kyle Johnson 5804cd2462 Merge pull request #2 from connortechnology/fix_sql_injection
Sanitize input parameters
2017-02-04 15:05:54 -07:00
Andrew Bauer c5906a5d4f Merge pull request #6 from connortechnology/log_xss_fixes2
Log xss fixes2
2017-02-04 16:05:43 -06:00
Kyle Johnson 024dd54716 Merge pull request #7 from ZoneMinder/pdo-emulated-prepares
Tell PDO to use real prepared statements.
2017-02-04 15:05:25 -07:00
Kyle Johnson 6b3a53ec0f Tell PDO to use real prepared statements.
This makes sure the statement and the values aren't
parsed by PHP before sending it to the MySQL server.

See https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php
and https://secure.php.net/manual/en/pdo.setattribute.php
2017-02-04 14:59:33 -07:00
Isaac Connor 9135da92ed fix typo fileFields => filterFields 2017-01-31 21:33:43 -05:00
Isaac Connor 3437f23e8a Merge branch 'master' into fix_sql_injection 2017-01-28 14:33:49 -05:00
Isaac Connor 41dab0750e turn whatever gets output into html escaped html so that nothing gets revealed 2017-01-27 21:30:22 -05:00
Isaac Connor b5e995712e Merge branch 'master' of github.com:ConnorTechnology/ZoneMinder-Pro 2017-01-27 17:43:58 -05:00
Isaac Connor a8d1450adf Merge branch 'master' into fix_sql_injection 2017-01-27 17:18:34 -05:00
Kyle Johnson 746a096483 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2017-01-27 15:16:33 -07:00
Isaac Connor c1e05753d6 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder-Pro 2017-01-27 17:12:46 -05:00
Isaac Connor 9e9b1a3a35 Merge pull request #1758 from knnniggett/sanitize_image_path
sanitize the image path before processing
2017-01-27 09:41:54 -05:00
Isaac Connor 20f31ce804 Merge pull request #1759 from knnniggett/packpack_crud
check if crud plugin exists before unpacking
2017-01-27 09:37:05 -05:00
Andrew Bauer fbb8375a1a check if crud plugin exists before unpacking 2017-01-25 10:49:58 -06:00
Andrew Bauer dbd73690b2 use !== false rather than === true 2017-01-25 09:26:07 -06:00
Andrew Bauer 6189d2670c ZM_DIR_EVENTS can be, and often is, a symlink 2017-01-25 09:05:34 -06:00
Andrew Bauer 8b19fca992 sanitize the image path before processing 2017-01-25 08:30:19 -06:00
Andrew Bauer 13dc11bdf5 Merge pull request #1717 from connortechnology/fix_mmap_leak
must call zmMemInvalidate before next
2017-01-24 19:39:51 -06:00
Andrew Bauer af728388d0 Merge pull request #1734 from connortechnology/fix_1720
Fix 1720
2017-01-23 20:35:10 -06:00
Isaac Connor ab34127d62 bump version too 2017-01-16 21:31:45 -05:00
Isaac Connor 0e64ff9b24 Merge pull request #1754 from pliablepixels/1716-doc-img-typo
1716 doc img typo
2017-01-16 21:30:37 -05:00
Andrew Bauer 9fd52c231a remove packpack build files 2017-01-16 08:39:54 -06:00
Andrew Bauer 5833196a84 packpack - change error code handling 2017-01-16 08:36:46 -06:00
Andrew Bauer 000ba2300a packpack - initial support for debian distros 2017-01-15 20:43:03 -06:00
Pliable Pixels 0f3642adf4 added uncompressed xml 2017-01-15 21:40:25 -05:00
Andy Bauer 3882b74766 rpm specfile - el6 buildrequires epel-rpm-macros 2017-01-15 16:39:38 -06:00
Pliable Pixels d5d9a3a8e9 reminder message for website used to draw XML source images 2017-01-15 17:35:34 -05:00
Pliable Pixels 9bf83a409b fixed image type 2017-01-15 17:35:12 -05:00