ZoneMinder Forums

Posted: **Fri Mar 18, 2011 2:41 pm**

First...I have a working 1.24.2 ZM install.
I routinely watch the montage for activities going on around my house. I want to build my own status page that also includes motion sensors, temperature, etc. I want to include streaming outputs from ZM. I can go get the camera URLs from the existing montage page source, but it includes the token from when I authenticated.
I see the ZM_AUTH_HASH_SECRET setting in the options, but don't see any examples on how to use it.

Here is a URL for a camera
https://www.mysite.com/cgi-bin/nph-zms? ... 1300412345

Any thoughts on what I need to do to use the hash secret I already set?
I'll probably write my status page in PHP, if that helps.

Thanks
Scott

Posted: **Fri Mar 18, 2011 4:12 pm**

The secret is used in the generation of the authentication. If you look in web/includes/functions.php you will find this example of how it is used.

Code: Select all

function generateAuthHash( $useRemoteAddr )
{
    if ( ZM_OPT_USE_AUTH && ZM_AUTH_RELAY == "hashed" )
    {
        $time = localtime();
        if ( $useRemoteAddr )
        {
            $authKey = ZM_AUTH_HASH_SECRET.$_SESSION['username'].$_SESSION['passwordHash'].$_SESSION['remoteAddr'].$time[2].$time[3].$time[4].$time[5];
        }
        else
        {
            $authKey = ZM_AUTH_HASH_SECRET.$_SESSION['username'].$_SESSION['passwordHash'].$time[2].$time[3].$time[4].$time[5];
        }
        $auth = md5( $authKey );
    }
    else
    {
        $auth = "";
    }
    return( $auth );
}

You can either use this function directly or create something similar if you want to generate hashes. The hash should be generated each time you initiate an access as it is time keyed. If you are doing it from a static page you will probably need to hard code your password hash from whatever is stored in the ZM DB.

ZoneMinder Forums

Examples of using ZM_AUTH_HASH_SECRET

Examples of using ZM_AUTH_HASH_SECRET

Re: Examples of using ZM_AUTH_HASH_SECRET