From 247cc1b4c53565a5e7676322a50535c6da62f385 Mon Sep 17 00:00:00 2001
From: AlexanderDCrane <40072887+AlexanderDCrane@users.noreply.github.com>
Date: Mon, 3 Jun 2019 10:59:27 -0600
Subject: [PATCH] Update click_to_call.php (#4247)

---
 app/click_to_call/click_to_call.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/app/click_to_call/click_to_call.php b/app/click_to_call/click_to_call.php
index bb8e465f66..7a953f7b97 100644
--- a/app/click_to_call/click_to_call.php
+++ b/app/click_to_call/click_to_call.php
@@ -176,16 +176,16 @@
 				//local extension (source) > external number (destination)
 				if (strlen($src) < 7 && strlen($dest_cid_number) == 0) {
 					//retrieve outbound caller id from the (source) extension
-					$sql = "select outbound_caller_id_name, outbound_caller_id_number from v_extensions where domain_uuid = '".$_SESSION['domain_uuid']."' and extension = '".$src."' ";
-					$prep_statement = $db->prepare(check_sql($sql));
-					$prep_statement->execute();
-					$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+					$sql = "select outbound_caller_id_name, outbound_caller_id_number from v_extensions where domain_uuid = :domain_uuid and extension = :src ";
+					$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
+					$parameters['src'] = $src;
+					$database = new database;
+					$result = $database->select($sql, $parameters, 'all');
 					foreach ($result as &$row) {
 						$dest_cid_name = $row["outbound_caller_id_name"];
 						$dest_cid_number = $row["outbound_caller_id_number"];
 						break; //limit to 1 row
 					}
-					unset ($prep_statement);
 				}
 				if (permission_exists('click_to_call_call')) {
 					if (strpbrk($dest, '@') != FALSE) { //sip-uri