Update RtspServer cmake_minimum_required from 3.5 to 3.10 and set
CMP0077 policy to NEW before adding CxxUrl subdirectory to suppress
developer warnings.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
While we were waiting for Media Stream activity, the video stream may have already stopped. In this case, we should not assign the mediaStream to the video stream, as this may lead to subsequent analysis issues.
Browsers throttle setInterval timers for hidden/background tabs, so the
periodic getNavBar() calls that update auth_hash may not run while the
tab is hidden. When the tab becomes visible again and monitors restart,
the stale auth hash causes all zms streams to fail authentication.
Fetch a fresh auth hash from the server before starting any monitors
on visibility change and after dismissing the idle timeout modal.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add a 'Default Sort' button to the console table toolbar that resets
sorting to Sequence/asc and clears sort cookies. Also add
data-show-advanced-search="false" to prevent the toolbar extension
from rendering an unwanted advanced search button.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When two packets have the same DTS (common with B-frames near
keyframes), bumping by last_duration overshoots and causes a cascading
misalignment where every subsequent packet triggers a "non increasing
dts" warning with a growing gap. The comment already said "add 1" but
the code used last_duration.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
ready_count only considered warmup_count and pre_event_count, but
openEvent walks back max(pre_event_count, alarm_frame_count) frames.
When pre_event_count=0 and alarm_frame_count=2, analysis started before
the queue had enough packets, causing spurious "Hit end of packetqueue
before satisfying pre_event_count" warnings.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When ControlAddress does not contain authentication info, fall back
to Monitor->ONVIF_Username/ONVIF_Password, then Monitor->User/Pass.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When accessing ZoneMinder through port forwarding, API requests were
made without the forwarded port, causing NS_ERROR_NET_TIMEOUT. The
url(), urlToZMS(), urlToJanus(), and urlToApi() methods now fall back
to this.Port then location.port when no explicit port is passed.
fixes#4675
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The table used justify-content:center on a flex container, which caused
the wide table to overflow equally left and right. The left overflow was
inaccessible since scroll positions can't be negative. Changed to
display:block and set bootstrap-table's fixed-table-body and
fixed-table-container to overflow:visible so horizontal scrolling is
handled by #inner-content, placing the scrollbar at the bottom of the
visible viewport.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add ZM_OPT_USE_REMEMBER_ME config option (auth section, requires
ZM_OPT_USE_AUTH) that controls whether a Remember Me checkbox appears
on the login form. When enabled and unchecked, the session cookie
lifetime is set to 0 so the browser discards it on close, logging the
user out. When checked, the session persists for ZM_COOKIE_LIFETIME.
When the option is disabled, behavior is unchanged.
- ConfigData.pm.in: new ZM_OPT_USE_REMEMBER_ME boolean option
- login.php: checkbox between password field and reCAPTCHA/submit
- session.php: use lifetime=0 when remember me is off
- actions/login.php: set/clear ZM_REMEMBER_ME cookie on login, also
update $_COOKIE so zm_session_start sees it in the same request
- auth.php: clear ZM_REMEMBER_ME cookie on logout
- en_gb.php: add RememberMe translation string
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Revert accidental Users.RoleId FK change from CASCADE back to SET NULL
- Remove System != 'None' gate in beforeFilter; any authenticated user
can manage their own notifications, per-row ownership checks suffice
- Add allowMethod('post', 'put') guard to edit() for consistent REST behavior
- Change PushState validation from allowEmpty to required=false
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- UserId is now DEFAULT NULL instead of NOT NULL
- FK changed to ON DELETE SET NULL (keep token if user deleted)
- Removed auth guard from add() — no-auth mode stores NULL UserId
- No-auth mode already treated as admin by _isAdmin(), so scoping
works correctly (sees all tokens)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add FOREIGN KEY on UserId -> Users.Id with ON DELETE CASCADE
(both in fresh schema and migration)
- Reject push token registration when auth is disabled
(UserId would be null, violating NOT NULL constraint)
- Add $belongsTo association to User in Notification model
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add Notifications table to fresh-install schema (zm_create.sql.in) and
create idempotent migration (zm_update-1.39.2.sql) for existing installs.
The table stores FCM push notification tokens so zm_detect can send
push notifications directly.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
11-task plan covering DB schema, CakePHP API, pyzm model, and
zm_detect push sender across three repos.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
When using Janus live streaming, MonitorStream.js assigns to undeclared variables (stream, audioElement) inside onremotetrack(). In strict mode this causes "ReferenceError: stream is not defined" and breaks playback. This change declares stream/audioElement with let, fixing Janus live video/audio playback.
Isaac Connor
Isaac Connor
IgorA100
Simpler1
Anatoliy Korovkin
Pliable Pixels