ZaneYork
/
zoneminder
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
12,425 Commits 20 Branches 69 Tags 131 MiB
Commit Graph

12425 Commits

Author SHA1 Message Date
Isaac Connor b04b67c39d Fix CSP violation in the onclick of the monitor view in montagereview 2019-02-06 12:17:10 -05:00
Isaac Connor 6744a9a116 Make montagereview more robust when the storage area of an event has been deleted. Add the onmouse events using javascript instead of in the html canvas element so that our CSP policy works. 2019-02-06 11:46:55 -05:00
Isaac Connor edaf582eb4 Make montagereview more robust when the storage area of an event has been deleted. Add the onmouse events using javascript instead of in the html canvas element so that our CSP policy works. 2019-02-06 11:46:48 -05:00
Isaac Connor 8e62c93f5f add to_json function to Storage. 2019-02-06 11:44:36 -05:00
Isaac Connor dca9a81cfd implement data-on-click-true 2019-02-05 16:45:05 -05:00
Isaac Connor a40cd144fa Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2019-02-05 12:35:15 -05:00
Isaac Connor c54fe7e89a fix state actions 2019-02-05 12:35:06 -05:00
Steve Gilvarry cab77d7c17
Merge pull request #2488 from connortechnology/update_version_view 
Update version view
 2019-02-02 15:46:59 +11:00
Isaac Connor a2e04c307d update buttons. reduce duplicated code. Make it so that users with System=View can at least see if there is an update. 2019-01-31 09:40:19 -05:00
Isaac Connor 604dbf8776 fix state changing/etc 2019-01-30 14:36:46 -05:00
Isaac Connor d310fd0d88 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2019-01-25 09:22:14 -05:00
Isaac Connor 7ea8be3fa8 spacing, remove non html5 elements 2019-01-25 09:22:08 -05:00
Steve Gilvarry 9956eae70a
Merge pull request #2483 from connortechnology/fix_user_auth_memleak 
Now that we are dynamically allocating safer_username and safer_passw…
 2019-01-26 01:14:18 +11:00
Isaac Connor 6d7660cdbd Now that we are dynamically allocating safer_username and safer_password, need to free them. Also, don't strlen them multiple times for efficiency 2019-01-25 08:46:40 -05:00
Matt N 8c5687ca30 Fix name/protocol XSS in controlcaps.php. Fixes #2445 (#2479) 2019-01-25 08:35:07 -05:00
Matt N fd6179d7c8 Enforce CSP on many more views (#2480) 2019-01-25 08:34:29 -05:00
Steve Gilvarry a81e7c5221 Safer_username and safer_login should be based on the username and login (#2482) 
(lengths * 2)+1. Control input lengths at user input
 2019-01-25 08:33:30 -05:00
Andrew Bauer 99a6db3994
Merge pull request #2481 from mnoorenberghe/2444 
Fix zones.php self-xss. Fixes #2444
 2019-01-25 07:15:08 -06:00
Matthew Noorenberghe a3e8fd4fd5 Fix zones.php self-xss. Fixes #2444 2019-01-24 23:40:41 -08:00
Andrew Bauer 03590226ac
Merge pull request #2439 from mnoorenberghe/plugin_xss 
Plugin.php: XSS and directory traversal fixes; Enable CSP script-src
 2019-01-24 07:32:57 -06:00
Matthew Noorenberghe 47d8c9b066 plugin.php: Remove undefined onclick function reference and enforce CSP 
Also fix tag closing.
 2019-01-23 19:47:58 -08:00
Matthew Noorenberghe 59cc65411f plugin.php: Fix XSS and directory traversal bugs. Fixes #2436 
This view seems like dead code so maybe it should be removed instead.
 2019-01-23 19:41:38 -08:00
Isaac Connor e53678f869 Can't use a normal subsitution on the Order by field. So parse the sort param instead 2019-01-23 12:22:00 -05:00
Isaac Connor 8d92375d41 Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2019-01-23 11:31:10 -05:00
Isaac Connor 6eb4d7ae27
Filter improvements (#2438) 
* Put back code to close the popup when view is none

* clean up and reduce depth of some logic

* Increase width of user popup

* fix code style

* Make execute_filter work on a filter Id instead of name

* rework logic to reduce code depth. Change view to events to display the results of execute.

* Change the redirect to stay on the new view.  When redirecting from executing a filter, it was redirecting to filter.

* Set a form action for correctness. Change execute button to a button instead of a submit. Stay on the filter view when executing
 2019-01-23 11:30:51 -05:00
Isaac Connor b1cc7bf837 fix code style 2019-01-23 11:20:31 -05:00
Isaac Connor b9584bb5d2 Increase width of user popup 2019-01-23 11:18:46 -05:00
Isaac Connor 58d3583722 clean up and reduce depth of some logic 2019-01-23 11:18:30 -05:00
montagdude 4da95369f9 Fix zone area calculation (#2437) 
Previous method resulted in bogus zone areas (in the range of
1000s of % of frame area) when entering points with the keyboard, even
after applying commit 4937a68650. This
change implements the method here:

http://mathworld.wolfram.com/PolygonArea.html

It has been tested on ZoneMinder 1.32.3 and works correctly when
either entering coordinates with the keyboard or dragging points with
the mouse.
 2019-01-23 10:35:18 -05:00
Isaac Connor 124be4eee6 Put back code to close the popup when view is none 2019-01-23 10:18:57 -05:00
Isaac Connor e60e3666d5 Fix comment 2019-01-22 10:53:53 -05:00
Isaac Connor 2914fb1d58 Update to html5, remove code to close popup (as it is taken care of in skin.js now. Use cache_bust on skin.js 2019-01-22 09:15:25 -05:00
Isaac Connor e712cedbde spacing and quotes 2019-01-22 09:14:44 -05:00
Isaac Connor ae703c45ee Set closePopup=true so that we don't need code in the none view to close the popup. The common code in skin.js will take care of it. 2019-01-22 09:14:33 -05:00
Matt N 0619a4a161 Validate cnj, obr, and cbr arguments in parseFilter (#2434) 2019-01-22 08:03:25 -05:00
Matt N e7e45b2d95 Remove jQuery use from top-level event listeners in skin.js since view=none doesn't have $j (#2433) 2019-01-22 08:00:39 -05:00
Isaac Connor a81428f701 add a test for a 0 fps passed in to updateFrameRate which would cause an infinite loop. Fixes #2427 2019-01-21 13:30:00 -05:00
Isaac Connor 189e78b42d add comments and a test for zm_terminate in the checkCommandQueue while loop 2019-01-21 13:29:20 -05:00
Isaac Connor 83a652aade add comments and a test for zm_terminate in the checkCommandQueue while loop 2019-01-21 13:29:14 -05:00
Isaac Connor 9f588d5758 prevent returning infinity from GetFPS 2019-01-21 13:00:10 -05:00
Isaac Connor 785c208ecf Fixes #2426. Ca should have been endTime 2019-01-21 12:01:46 -05:00
Isaac Connor 326ac60ae4 add missing braces to fix logic 2019-01-21 11:20:56 -05:00
Isaac Connor a2d4dc974b Merge branch 'master' of github.com:ZoneMinder/ZoneMinder 2019-01-21 11:19:07 -05:00
Isaac Connor e663397816 spacing 2019-01-21 11:17:21 -05:00
Isaac Connor c6311b7079 When logging in, stay on the login view 2019-01-21 11:17:09 -05:00
Isaac Connor fbc236128e add a function to format a time into a duration. Can't use date() because 0 doesn't give us 00:00:00 it gives 19:00:00 2019-01-21 11:16:14 -05:00
Isaac Connor b24b930f65 After login go to postlogin, not console. the login view is in a popup so we want to close 2019-01-21 11:15:36 -05:00
Matt N 19c272061a Replace MooTools usage for adding window event listeners (#2429) 2019-01-21 11:14:32 -05:00
Matt N 27bcf3f994 Upgrade jQuery version (#2430) 
* Upgrade jQuery to 1.12.4

* Upgrade jQuery to 2.2.4; Stop support for IE8

* 2.2.4 is compatible with 1.12.4
* This fixes a CSP violation on every page load due to jQuery testing of focusin support with a hidden element.
 2019-01-21 11:13:40 -05:00
Matt N f0b33145f5 Log CSP violations in ZM logs in supported browsers (#2431) 2019-01-21 11:12:17 -05:00