ZoneMinder
/
zoneminder
mirror of https://github.com/ZoneMinder/zoneminder.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
23,250 Commits
33 Branches
94 Tags
171 MiB
Commit Graph

23250 Commits (revert-3817-database-certificate-verification)

Author SHA1 Message Date
Isaac Connor 39b2014c2d Prevent XSS from COOKIE poisoning 2024-01-25 19:31:28 -05:00
Isaac Connor b1aeb319f7 Prevent XSS from COOKIE poisoning 2024-01-25 19:27:18 -05:00
Isaac Connor 35396aad55 Prevent XSS from COOKIE poisoning 2024-01-25 19:25:15 -05:00
Isaac Connor d8f36e4ef9 Prevent XSS from COOKIE poisoning 2024-01-25 19:23:28 -05:00
Isaac Connor bf32bd6926 Prevent XSS throu mids 2024-01-25 19:12:37 -05:00
Isaac Connor f1a26b90b6 Prevent against CSS in dupId 2024-01-25 19:05:59 -05:00
Isaac Connor bc1fb8eef2 Protect against XSS from User field 2024-01-25 19:04:15 -05:00
Isaac Connor 9505910847 Prevent XSS via uid and prev 2024-01-25 19:01:44 -05:00
Isaac Connor 59b77df7f1 Prevent XSS through scale parameter 2024-01-25 18:57:01 -05:00
Isaac Connor 6f595385d7 Protect filter loading from injection 2024-01-25 18:56:42 -05:00
Isaac Connor d45b05ec8a XSS protect from server id and storage id 2024-01-25 18:50:35 -05:00
Isaac Connor bac2705051 XSS protect from monitor id and name 2024-01-25 18:49:22 -05:00
Isaac Connor c138984fc9 XSS prevent on sort_asc and eid. Still need to protect filter 2024-01-25 18:48:39 -05:00
Isaac Connor b5757a2d05 Use validCardinal on Id's cuz we don't trust the db or Object 2024-01-25 18:38:44 -05:00
Isaac Connor 559d6edc70 Don't apply timezone when formatting datetimes 2024-01-25 11:57:29 -05:00
Isaac Connor cfd8e3418e Don't apply timezone when formatting datetimes 2024-01-25 11:57:19 -05:00
Isaac Connor ee13034384 Use validInt on DefaultScale coming from Monitor object. Database shouldn't be trusted either. 2024-01-25 11:24:13 -05:00
Isaac Connor 5a498878b8 Protect mid with validCardinal. Return early if it is invalid or monitor is not found 2024-01-24 19:28:59 -05:00
Isaac Connor 914f7e0ae2 APply validCardinal to sid so that arrays don't get passed to new Server() which then prevents XSS 2024-01-24 19:25:15 -05:00
Isaac Connor 9669f1e3ef Sanitize entity before outputting it preventing XSS 2024-01-24 19:22:47 -05:00
Isaac Connor f62f1529f5 Try to prevent XSS by verifying valid image data 2024-01-24 19:18:22 -05:00
Charlie Root dbb8a942d9 Only require URI::Encode if having attachments 2024-01-24 14:27:38 -08:00
Charlie Root bb8fccea26 Only require Date::Manip if using strtotime 2024-01-24 14:22:27 -08:00
Charlie Root cfb3bfbfee Add ICRealTime camera 2024-01-24 14:22:27 -08:00
Isaac Connor 0fb71e35f2 Add luxor.js and use it to format datetimes 2024-01-24 16:10:20 -05:00
Isaac Connor fb8b4af3f8 Revert "Remove unneeded bootstrap classes" 
This reverts commit 00f52704a5.
 2024-01-24 13:17:52 -05:00
Isaac Connor 219d0b6eba When recording = onmotion, end event after post alarm count instead of section_length. 2024-01-24 13:00:31 -05:00
Isaac Connor 00f52704a5 Remove unneeded bootstrap classes 2024-01-24 13:00:31 -05:00
Isaac Connor 1255ae4bc7 Change Tags to be concated and add GROUP BY to fix SQL. Populate event object with db row instead of reloading by Id. Remove datetime formatting as it is screwing up and formatting should happen in js 2024-01-24 13:00:31 -05:00
Isaac Connor 8ca1436224 If img has a fix width set, clear it when we change scale 2024-01-24 12:54:13 -05:00
Isaac Connor 6ba09c6f0d Finish switch to using Intervals instead of Timeouts 2024-01-24 09:28:12 -05:00
Isaac Connor 75f71e1a7e Fix memory leak in Config when reloading it after HUP 2024-01-23 16:56:51 -05:00
Isaac Connor 403c63af9b Use Duration instead of timestamp % section_length. Shorter code and actually works. Fixes #3806 2024-01-23 16:39:43 -05:00
Isaac Connor ceb81e13d6 Quiet warning about MonitorIds not exisitng in newGroup array when no MonitorIds are selected for that group 2024-01-23 16:14:21 -05:00
Isaac Connor 1ffc10ca83 Add recursive adding of monitors from children groups 2024-01-23 16:13:33 -05:00
Isaac Connor f1aa08971f group->Name needs a c_str 2024-01-23 16:12:56 -05:00
Isaac Connor 6c4569924c include zm_group.h for group_permission 2024-01-23 16:12:36 -05:00
Isaac Connor c59bd43460 Use new Group.MonitorIds() function to do the heavy lifting in LoadMonitorIds 2024-01-23 16:12:05 -05:00
Isaac Connor aaa55b9776 Improve debug logging when failed to connect to db, and provide reason when fail to run query 2024-01-23 16:11:44 -05:00
Isaac Connor 8b0d77c41f Fix complains by cpplint. Switch to std::string for name. Add MonitorIds function which will recursively load monitors Ids from children groups. 2024-01-23 16:11:15 -05:00
Isaac Connor 01a49657c9 Merge branch 'master' of github.com:ZoneMinder/zoneminder 2024-01-23 09:55:39 -05:00
Isaac Connor 819225bfe8 Prevent command injection in zmupdate.pl through use of --dir 2024-01-23 09:55:32 -05:00
Isaac Connor 5cc7ca28e5 Log a failure to init curl 2024-01-22 18:59:02 -05:00
Isaac Connor 3d2fa3172f Fix im => i. Typo in variable name. 2024-01-22 15:41:00 -05:00
Isaac Connor bd90711aa6 Use an interval instead of calling Timeout from callback 2024-01-22 14:25:57 -05:00
Isaac Connor ad168ca23a Allow monitor creation if Monitors()==Create 2024-01-22 14:25:57 -05:00
Isaac Connor d81b98da25 Set cause = LINKED_CAUSE regardless of whether we are in an event, as we may be ending an idle event to start a new one. Use MonitorLinkExpression.result to get score from the expression instead of just using 20. Imrpove logic around close events to prevent them from lasting too long 2024-01-22 14:25:57 -05:00
Isaac Connor 44862adb8a Implement MonitorLinkExpression::result so that we can return the score as well as simply a boolean value. 2024-01-22 14:25:57 -05:00
Isaac Connor 8c33c8ca2a Restore initial sleep, make Infos into Debugs. Add debugging for sleep behaviour and honour zm_terminate when trying to reconnect to db. 2024-01-22 14:25:57 -05:00
Isaac Connor 13e00e8152
Merge pull request #3804 from schabau/revert-1-schabau-patch-1 
Debian error message
 2024-01-22 14:14:00 -05:00