Commit Graph

10027 Commits

Author SHA1 Message Date
Isaac Connor
39b2014c2d Prevent XSS from COOKIE poisoning 2024-01-25 19:31:28 -05:00
Isaac Connor
b1aeb319f7 Prevent XSS from COOKIE poisoning 2024-01-25 19:27:18 -05:00
Isaac Connor
35396aad55 Prevent XSS from COOKIE poisoning 2024-01-25 19:25:15 -05:00
Isaac Connor
d8f36e4ef9 Prevent XSS from COOKIE poisoning 2024-01-25 19:23:28 -05:00
Isaac Connor
bf32bd6926 Prevent XSS through mids 2024-01-25 19:12:37 -05:00
Isaac Connor
f1a26b90b6 Prevent against CSS in dupId 2024-01-25 19:05:59 -05:00
Isaac Connor
bc1fb8eef2 Protect against XSS from User field 2024-01-25 19:04:15 -05:00
Isaac Connor
9505910847 Prevent XSS via uid and prev 2024-01-25 19:01:44 -05:00
Isaac Connor
59b77df7f1 Prevent XSS through scale parameter 2024-01-25 18:57:01 -05:00
Isaac Connor
6f595385d7 Protect filter loading from injection 2024-01-25 18:56:42 -05:00
Isaac Connor
d45b05ec8a XSS protect from server id and storage id 2024-01-25 18:50:35 -05:00
Isaac Connor
bac2705051 XSS protect from monitor id and name 2024-01-25 18:49:22 -05:00
Isaac Connor
c138984fc9 XSS prevent on sort_asc and eid. Still need to protect filter 2024-01-25 18:48:39 -05:00
Isaac Connor
b5757a2d05 Use validCardinal on Id's cuz we don't trust the db or Object 2024-01-25 18:38:44 -05:00
Isaac Connor
559d6edc70 Don't apply timezone when formatting datetimes 2024-01-25 11:57:29 -05:00
Isaac Connor
cfd8e3418e Don't apply timezone when formatting datetimes 2024-01-25 11:57:19 -05:00
Isaac Connor
ee13034384 Use validInt on DefaultScale coming from Monitor object. Database shouldn't be trusted either. 2024-01-25 11:24:13 -05:00
Isaac Connor
5a498878b8 Protect mid with validCardinal. Return early if it is invalid or monitor is not found 2024-01-24 19:28:59 -05:00
Isaac Connor
914f7e0ae2 Apply validCardinal to sid so that arrays don't get passed to new Server() which then prevents XSS 2024-01-24 19:25:15 -05:00
Isaac Connor
9669f1e3ef Sanitize entity before outputting it preventing XSS 2024-01-24 19:22:47 -05:00
Isaac Connor
f62f1529f5 Try to prevent XSS by verifying valid image data 2024-01-24 19:18:22 -05:00
Isaac Connor
0fb71e35f2 Add luxor.js and use it to format datetimes 2024-01-24 16:10:20 -05:00
Isaac Connor
fb8b4af3f8 Revert "Remove unneeded bootstrap classes"
This reverts commit 00f52704a5.
2024-01-24 13:17:52 -05:00
Isaac Connor
00f52704a5 Remove unneeded bootstrap classes 2024-01-24 13:00:31 -05:00
Isaac Connor
1255ae4bc7 Change Tags to be concated and add GROUP BY to fix SQL. Populate event object with db row instead of reloading by Id. Remove datetime formatting as it is screwing up and formatting should happen in js 2024-01-24 13:00:31 -05:00
Isaac Connor
8ca1436224 If img has a fixed width set, clear it when we change scale 2024-01-24 12:54:13 -05:00
Isaac Connor
6ba09c6f0d Finish switch to using Intervals instead of Timeouts 2024-01-24 09:28:12 -05:00
Isaac Connor
ceb81e13d6 Quiet warning about MonitorIds not existing in newGroup array when no MonitorIds are selected for that group 2024-01-23 16:14:21 -05:00
Isaac Connor
1ffc10ca83 Add recursive adding of monitors from children groups 2024-01-23 16:13:33 -05:00
Isaac Connor
3d2fa3172f Fix im => i. Typo in variable name. 2024-01-22 15:41:00 -05:00
Isaac Connor
bd90711aa6 Use an interval instead of calling Timeout from callback 2024-01-22 14:25:57 -05:00
Isaac Connor
ad168ca23a Allow monitor creation if Monitors()==Create 2024-01-22 14:25:57 -05:00
Isaac Connor
552069cd64 Makes zones view use getBodyTopHTML so that it displays error messages. Rename deleteBtn to action. 2024-01-21 11:31:44 -05:00
Isaac Connor
4df4f5146a Log error_message if set 2024-01-21 11:31:06 -05:00
Isaac Connor
580aefdfee Handle the deleteBtn having an id instead of name == deleteBtn 2024-01-21 11:30:49 -05:00
Isaac Connor
da700a621a Make EventStartCommand and EventEndCommand wider 2024-01-21 11:30:25 -05:00
Isaac Connor
e47fd8f661 Revamp zones actions, adding a redirect after finishing deletion and fixing CanEdit=>canEdit 2024-01-21 11:30:01 -05:00
Isaac Connor
0d6e7bc082 Add debugging to editableMonitor and handle when permission is set to Create. 2024-01-21 11:28:34 -05:00
Isaac Connor
4d1ffb258a Merge branch 'master' of github.com:ZoneMinder/zoneminder 2024-01-18 14:17:02 -05:00
Isaac Connor
69383316aa If the video file doesn't exist, don't try ffmpeg etc and log all those errors. 2024-01-18 13:16:22 -05:00
Isaac Connor
c26548d182 Alert any returned error messages when deleting events 2024-01-18 13:15:59 -05:00
Isaac Connor
ef926f4437 Return an array of string error messages instead of an array of arrays of arrays in deleting events. 2024-01-18 13:15:25 -05:00
Isaac Connor
04239c128c Fix regular expression search of Source 2024-01-18 12:44:55 -05:00
Isaac Connor
adc784e767 Move maxfit2 to montage_common.js. Clean it up and apply strict 2024-01-17 17:04:49 -05:00
Isaac Connor
ceb60dd606 Remove unused compSize 2024-01-17 16:54:49 -05:00
Isaac Connor
422dda62dc Remove important from navbar colour so that it is easier to override 2024-01-17 10:23:17 -05:00
Isaac Connor
839ef9ce67 Add a Component filter to logs 2024-01-16 16:35:52 -05:00
Isaac Connor
6812f2efe7 Fix eslint 2024-01-16 09:56:28 -05:00
Isaac Connor
1ab66b10b1 Don't assume findByEventidAndType actually returns a frame. If we are only recording, then there will be no alarm frames in the db 2024-01-16 09:50:19 -05:00
Isaac Connor
ebadc7a07b Give default user the create permission 2024-01-14 08:41:12 -05:00