Hi Issac,
That is definitely the change that is causing the problem with remembering the column settings.
After removing that change it is back to working properly.
It appears as if the new cookie property is not being utilized.
Should I file an issue in github to address the regression introduced by this change?
I think the fix is more complicated... I need user preferences, which I've started to rough in. So basically preferences that aren't in the session or global, but per-user, forever. So I can set the defaults appropriately.
So in short, I'm wokring towards it, I think the big break was the cookie lifetime being too short...
Hi everybody,
There were no errors during the 1.36.33 installation but trying to get into localhost/zm gives the following:
---------------
debugOn() ) { ob_start(); phpinfo(INFO_VARIABLES); ZM\Debug(ob_get_contents()); ob_end_clean(); } global $Servers; $Servers = ZM\Server::find(); if ( (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') or (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) and ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')) ) { $protocol = 'https'; } else { $protocol = 'http'; } define('ZM_BASE_PROTOCOL', $protocol); // Absolute URL's are unnecessary and break compatibility with reverse proxies // define( "ZM_BASE_URL", $protocol.'://'.$_SERVER['HTTP_HOST'] ); // Use relative URL's instead define('ZM_BASE_URL', ''); require_once('includes/functions.php'); if ( $_SERVER['REQUEST_METHOD'] == 'OPTIONS' ) { ZM\Debug('OPTIONS Method, only doing CORS'); # Add Cross domain access headers CORSHeaders(); return; } if ( isset($_GET['skin']) ) { $skin = $_GET['skin']; } else if ( isset($_COOKIE['zmSkin']) ) { $skin = $_COOKIE['zmSkin']; } else if ( defined('ZM_SKIN_DEFAULT') ) { $skin = ZM_SKIN_DEFAULT; } else { $skin = 'classic'; } if (!is_dir('skins/'.$skin) ) { $skins = array_map('basename', glob('skins/*', GLOB_ONLYDIR)); if ( !in_array($skin, $skins) ) { ZM\Error("Invalid skin '$skin' setting to ".$skins[0]); $skin = $skins[0]; } } global $css; if ( isset($_GET['css']) ) { $css = $_GET['css']; } else if ( isset($_COOKIE['zmCSS']) ) { $css = $_COOKIE['zmCSS']; } else if ( defined('ZM_CSS_DEFAULT') ) { $css = ZM_CSS_DEFAULT; } else { $css = 'classic'; } if (!is_dir("skins/$skin/css/$css")) { $css_skins = array_map('basename', glob('skins/'.$skin.'/css/*', GLOB_ONLYDIR)); if (count($css_skins)) { if (!in_array($css, $css_skins)) { ZM\Error("Invalid skin css '$css' setting to " . $css_skins[0]); $css = $css_skins[0]; } else { $css = ''; } } else { ZM\Error("No css options found at skins/$skin/css"); $css = ''; } } define('ZM_BASE_PATH', dirname($_SERVER['REQUEST_URI'])); define('ZM_SKIN_PATH', "skins/$skin"); define('ZM_SKIN_NAME', $skin); $skinBase = array(); // To allow for inheritance of skins if (!file_exists(ZM_SKIN_PATH)) ZM\Fatal("Invalid skin '$skin'"); $skinBase[] = $skin; zm_session_start(); if ( !isset($_SESSION['skin']) || isset($_REQUEST['skin']) || !isset($_COOKIE['zmSkin']) || ($_COOKIE['zmSkin'] != $skin) ) { $_SESSION['skin'] = $skin; zm_setcookie('zmSkin', $skin); } if ( !isset($_SESSION['css']) || isset($_REQUEST['css']) || !isset($_COOKIE['zmCSS']) || ($_COOKIE['zmCSS'] != $css) ) { $_SESSION['css'] = $css; zm_setcookie('zmCSS', $css); } # Add Cross domain access headers CORSHeaders(); // Check for valid content dirs if ( !is_writable(ZM_DIR_EVENTS) ) { ZM\Warning("Cannot write to event folder ".ZM_DIR_EVENTS.". Check that it exists and is owned by the web account user."); } # Globals # Running is global but only do the daemonCheck if it is actually needed $running = null; $action = null; $error_message = null; $redirect = null; $view = isset($_REQUEST['view']) ? detaintPath($_REQUEST['view']) : null; $user = null; $request = isset($_REQUEST['request']) ? detaintPath($_REQUEST['request']) : null; require_once('includes/auth.php'); # Only one request can open the session file at a time, so let's close the session here to improve concurrency. # Any file/page that sets session variables must re-open it. session_write_close(); require_once('includes/Storage.php'); require_once('includes/Event.php'); require_once('includes/Group.php'); require_once('includes/Monitor.php'); // lang references $user[Language] so must come after auth require_once('includes/lang.php'); foreach ( getSkinIncludes('skin.php') as $includeFile ) { require_once $includeFile; } if (isset($_POST['action'])) { # Actions can only be performed on POST because we don't check csrf on GETs. $action = detaintPath($_POST['action']); } else if (isset($_REQUEST['action']) and $_REQUEST['action']) { ZM\Error('actions can no longer be performed without POST. Requested: '.$_REQUEST['action']. ' for ' .$view); } # The only variable we really need to set is action. The others are informal. isset($view) || $view = NULL; isset($request) || $request = NULL; isset($action) || $action = NULL; if ( (!$view and !$request) or ($view == 'console') ) { check_timezone(); } ZM\Debug("View: $view Request: $request Action: $action User: " . ( isset($user) ? $user['Username'] : 'none' )); if ( ZM_ENABLE_CSRF_MAGIC && ( $action != 'login' ) && ( $view != 'view_video' ) && // only video no html ( $view != 'image' ) && // view=image doesn't return html, just image data. ( $request != 'control' ) && //( $view != 'frames' ) && // big html can overflow ob ( $view != 'archive' ) // returns data && ( (!isset($_SERVER['CONTENT_TYPE']) or ($_SERVER['CONTENT_TYPE'] != 'application/csp-report')) ) ) { require_once('includes/csrf/csrf-magic.php'); #ZM\Debug("Calling csrf_check with the following values: \$request = \"$request\", \$view = \"$view\", \$action = \"$action\""); csrf_check(); } # If I put this here, it protects all views and popups, but it has to go after actions.php because actions.php does the actual logging in. if ( ZM_OPT_USE_AUTH and (!isset($user)) and ($view != 'login') and ($view != 'none') ) { if ($request) { # requests only return json header('HTTP/1.1 401 Unauthorized'); exit; } $view = 'none'; $redirect = ZM_BASE_URL.$_SERVER['PHP_SELF'].'?view=login'; zm_session_start(); $_SESSION['postLoginQuery'] = $_SERVER['QUERY_STRING']; session_write_close(); } else if ( ZM_SHOW_PRIVACY && ($view != 'privacy') && ($view != 'options') && (!$request) && canEdit('System') ) { $view = 'none'; $redirect = ZM_BASE_URL.$_SERVER['PHP_SELF'].'?view=privacy'; $request = null; } # Need to include actions because it does auth if ( $action and $view and !$request ) { if ( file_exists('includes/actions/'.$view.'.php') ) { require_once('includes/actions/'.$view.'.php'); } else { ZM\Debug("No includes/actions/$view.php for action $action"); } } if ( isset($_REQUEST['redirect']) ) { $redirect = '?view='.detaintPath($_REQUEST['redirect']); } if ($redirect) { ZM\Debug("Redirecting to $redirect"); header('Location: '.$redirect); return; } if ( $request ) { foreach ( getSkinIncludes('ajax/'.$request.'.php', true, true) as $includeFile ) { if ( !file_exists($includeFile) ) ZM\Fatal("Request '$request' does not exist"); require_once $includeFile; } return; } # Add CSP Headers $cspNonce = bin2hex(zm_random_bytes(16)); if ( $includeFiles = getSkinIncludes('views/'.$view.'.php', true, true) ) { ob_start(); CSPHeaders($view, $cspNonce); foreach ( $includeFiles as $includeFile ) { if (!file_exists($includeFile)) ZM\Fatal("View '$view' does not exist"); require_once $includeFile; } // If the view overrides $view to 'error', and the user is not logged in, then the // issue is probably resolvable by logging in, so provide the opportunity to do so. // The login view should handle redirecting to the correct location afterward. if ( $view == 'error' && !isset($user) ) { $view = 'login'; foreach ( getSkinIncludes('views/login.php', true, true) as $includeFile ) require_once $includeFile; } while (ob_get_level() > 0) ob_end_flush(); } # end if include files for view // If the view is missing or the view still returned error with the user logged in, // then it is not recoverable. if ( !$includeFiles || $view == 'error' ) { foreach ( getSkinIncludes('views/error.php', true, true) as $includeFile ) require_once $includeFile; } ?>
---------------
Where to go next? Thanks in advance for help.
iconnor wrote: ↑Wed Apr 05, 2023 10:35 pm
You can if you want...
I think the fix is more complicated... I need user preferences, which I've started to rough in. So basically preferences that aren't in the session or global, but per-user, forever. So I can set the defaults appropriately.
So in short, I'm wokring towards it, I think the big break was the cookie lifetime being too short...
The problem is that the paging etc get remembered across different views and filters. The behaviour is not great. I suggest at least a shorter expiry, like 1 hour.
I am working towards implemented user preferences, where I can simply store the defaults for these and leave the paging out.
lightguy48 wrote: ↑Sun Mar 26, 2023 7:20 pm
I've been chasing this issue and also I'm noticing the same thing, all of the column settings and row number selections are getting lost.
It's frustrating to hear that both you and I are experiencing the same issue. Losing column settings and row number selections can be a significant inconvenience, especially when working with data. It's crucial for the platform or software to address this problem promptly to ensure a seamless user experience.Free Fire Name
JariR wrote: ↑Wed Mar 01, 2023 6:28 am
Upgraded yesterday to 1.36.33 and noticed that this version won't anymore remember earlier selected option for displayed rows per page on events listing. If I choose option to display "all" next time arrive to list page it has changed selection to smallest option "10".
same for me
solved with new .34 in proposed repo!
---------------------------------------------------------------------------
ZM 1.36.36 - 14 cameras on Orange Pi 5 (arm64) - Ubuntu Jammy 22.04
Hey man, it's awesome that you're keeping up with the latest updates for ZoneMinder. It's crucial to stay on top of those patches and fixes for security reasons, especially with those vulnerabilities being addressed. Make sure you update to version 1.36.33 ASAP to keep your system secure and running smoothly. And hey, if you ever need help or advice with anything tech-related, feel free to hit me up anytime, bro!