ZoneMinder
/
zoneminder
mirror of https://github.com/ZoneMinder/zoneminder.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
19,782 Commits
32 Branches
93 Tags
157 MiB
Commit Graph

8342 Commits (5b29e018d0166c9fc46fd729b18a80b1c2016eff)

Author SHA1 Message Date
Isaac Connor 5b29e018d0 IN () being false could still result in a true result of used in an OR, so instead of just returning, use an always false sql equivalent 2022-10-18 15:45:44 -04:00
Isaac Connor 0e88c58e0c return empty array when passing empty as SQLvalue 2022-10-18 15:45:34 -04:00
Isaac Connor feec790d45 Turn off deprecation notices so that we work with php8.2 2022-10-17 17:43:09 -04:00
Isaac Connor 2fda0af85a Merge branch 'release-1.36' of github.com:ZoneMinder/zoneminder into release-1.36 2022-10-17 17:38:39 -04:00
Isaac Connor 38cbaff409 Use REQUEST instead of SESSION to store the post login redirect because we clear the session on login. Fixes #3517 2022-10-17 16:40:34 -04:00
Isaac Connor dda4b53347 quotes and spacing 2022-10-17 15:14:10 -04:00
Isaac Connor 0c8e419d42 Add setting remoteAddr in session after regenerating 2022-10-17 15:12:07 -04:00
Isaac Connor 5498c60391 Remove debug 2022-10-17 12:39:50 -04:00
Isaac Connor ef119e3ed4 Minor cleanup, remove dead code 2022-10-17 12:35:00 -04:00
Isaac Connor 96a2e6f6fb Put view in the form get part for visibility 2022-10-17 12:31:26 -04:00
Isaac Connor 4a98138ec4 Revert "add remoteaddr to session when regenerating" 
This reverts commit d97f94573c.
 2022-10-17 12:28:03 -04:00
Isaac Connor d97f94573c add remoteaddr to session when regenerating 2022-10-17 12:23:47 -04:00
Isaac Connor ca58b8fd60 Add debug, add validateId function to session handler. Change it to be a a subclass of SessionHandlerInterface so that we don't have to provide createId. Fixes session breakage in php8.2 2022-10-17 12:17:22 -04:00
Isaac Connor c21eb94fad remoteAddr is set when session is opened. So no need to do it in auth. session_clear closes the session so no need to close it first 2022-10-17 12:14:16 -04:00
Isaac Connor 8e29c5cd8b Move relevant code out of includes/actions/auth.php into includs/auth.php. Note that Google recaptcha is now incompatible with api. Fixes inability to login using GET method. 2022-10-13 16:31:23 -04:00
Isaac Connor 1264908aa3 when a config value is overridden via *.conf files, put up a warning/explanation. 2022-10-13 09:57:08 -04:00
Isaac Connor 1b311b4102 left align option value column 2022-10-13 09:56:30 -04:00
Isaac Connor c7eac3383a Fix form structure, use of get instead of post and duplicated action input 2022-10-13 09:08:41 -04:00
Isaac Connor 0071d3da40 Fix saving from the function modal. Put action in the post variables and change the action to save instead of function. 2022-10-12 21:23:58 -04:00
Isaac Connor 36ed68590d Test for definition of ZM_LOG_INJECT. We don't include the config when not logged in. So it won't be defined 2022-10-12 19:36:57 -04:00
Isaac Connor 600894682e Test for matches[operator]. Fixes #3607 2022-10-11 15:50:41 -04:00
megasaturnv c78edb387a Case insensitive login - Fix spacing ZoneMinder/zoneminder#3516 2022-10-11 10:56:10 -04:00
megasaturnv f9ecb5b1e2 Moved case-insensitive username checks to SQL 2022-10-11 10:51:58 -04:00
megasaturnv ac5be4ed35 Fix typo 2022-10-11 10:51:58 -04:00
megasaturnv 97a731f8b7 Renamed ZM_AUTH_CASE_INSENSITIVE_USERNAMES to ZM_CASE_INSENSITIVE_USERNAMES as name was too long ZoneMinder/zoneminder#3516 2022-10-11 10:51:58 -04:00
megasaturnv c9c692bac4 Added option ZM_AUTH_CASE_INSENSITIVE_USERNAMES to match mixed case usernames to lower case usernames in database ZoneMinder/zoneminder#3516 2022-10-11 10:51:58 -04:00
Isaac Connor 1569816f5e Check for definition of CAMBOZOLA defines. The purpose is just to easy running the 1.36 UI against a 1.37 database. 2022-10-11 10:23:10 -04:00
Isaac Connor 7c3daf9723 Fix eslint 2022-10-11 10:09:08 -04:00
Isaac Connor 4e5278882d use ajax() instead of getJSON so that we can specify no timeout. This prevents log queries from stacking up overloading the db 2022-10-11 10:04:55 -04:00
Isaac Connor 00f2b325b0 Just use the master version of ajax/log.php 2022-10-07 23:53:50 -04:00
Isaac Connor 25d85bddf0 Don't attach onclick to save button on stoage modal as it is a submit button 2022-10-07 15:57:34 -04:00
Isaac Connor 3f8352c256 update storage modal to fix buttons not being in form. Also remove duplicate view field and make button action be save instead of Save. Fixes #3605 2022-10-07 15:48:40 -04:00
Isaac Connor 7e78dadb91 Use canEdit['System'] and value of new ZM_LOG_INJECT to disable attempting to inject javascript errors into zm logs 2022-10-07 11:10:14 -04:00
Isaac Connor ef91e20532 Check value of System:Edit permission and ZM_LOG_INJECT to disable ajax log injection. 2022-10-07 11:09:59 -04:00
Pliable Pixels 5f8ca42d96 whoops fixed errant enum values I forgot to delete 2022-10-07 10:12:01 -04:00
Isaac Connor 38e45c6c3b Add permissions checking to API/Logs. Fixes unprivileged user being to add/edit/delete/view logs. 2022-10-06 16:56:24 -04:00
Isaac Connor 031fc072fb remove jquery-3.5.1 2022-10-04 11:41:10 -04:00
Isaac Connor 6895d4f952 Update jquery-ui to 1.13.2 2022-10-04 11:40:53 -04:00
Isaac Connor 71bcbbd121 Update jquery-ui to 1.13.2 2022-10-04 11:40:27 -04:00
Isaac Connor 0db076ac55 Upgrade jquery to 3.6.1 2022-10-04 11:38:55 -04:00
Isaac Connor 358467f426 Make form on console use post 2022-10-04 11:38:43 -04:00
Isaac Connor f8102b3cf0 save buttion is a submit button now, so doesn't need an onclick. Fix code setting action on delete. 2022-10-04 11:38:31 -04:00
Isaac Connor f704b2ec47 Switch to post instead of get in the groups form because we only do actions on post now. 2022-10-04 11:38:17 -04:00
Isaac Connor 3aa4310200 Only perform actions on post. Doing them on GET allows doing actions from things like img tags which is not good. 2022-10-04 11:38:03 -04:00
Isaac Connor e4a0d758d6 Fix group modal. Use post instead of get, properly populate the save submit button 2022-10-04 11:37:50 -04:00
Isaac Connor dbcfc8cb18 File must be escaped as well to prevent XSS 2022-09-30 09:59:09 -04:00
Isaac Connor 3bf1a1300e Only look for action if there is a view 2022-09-29 16:17:10 -04:00
Isaac Connor f2143dfbba Fix export not working for filter due to limit set to 0. 2022-09-29 16:15:20 -04:00
Isaac Connor d44a1ad175 Handle filter[query] not being defined 2022-09-29 16:15:11 -04:00
Pliable Pixels 121fab2f6a make OutputCodec work in API 2022-09-25 13:29:36 -04:00