From 65d1a77f7f98fa166487ad56a04faabbe5ce868e Mon Sep 17 00:00:00 2001 From: Alexey Melnichuk Date: Tue, 25 Aug 2015 16:46:31 +0400 Subject: [PATCH 1/2] Fix. Display only profiles which related to specific FS. --- app/sip_status/sip_status.php | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/app/sip_status/sip_status.php b/app/sip_status/sip_status.php index 029f979e55..abb921be11 100644 --- a/app/sip_status/sip_status.php +++ b/app/sip_status/sip_status.php @@ -100,9 +100,18 @@ if ($_GET['a'] == "download") { $gateways = $prep_statement->fetchAll(PDO::FETCH_NAMED); unset ($prep_statement, $sql); + if ($fp) { + $hostname = trim(event_socket_request($fp, 'api switchname')); + } + //get the sip profiles $sql = "select sip_profile_name from v_sip_profiles "; $sql .= "where sip_profile_enabled = 'true' "; + if ($hostname) { + $sql .= "and (sip_profile_hostname = '" . $hostname . "' "; + $sql .= "or sip_profile_hostname = '' "; + $sql .= "or sip_profile_hostname is null ) "; + } $sql .= "order by sip_profile_name asc "; $prep_statement = $db->prepare(check_sql($sql)); $prep_statement->execute(); From 55e35631911c3362658a08b36a43ecb56c36a13e Mon Sep 17 00:00:00 2001 From: Alexey Melnichuk Date: Tue, 25 Aug 2015 16:49:56 +0400 Subject: [PATCH 2/2] Fix. Escape hostname string. --- app/sip_status/sip_status.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/sip_status/sip_status.php b/app/sip_status/sip_status.php index abb921be11..1ad33c4e78 100644 --- a/app/sip_status/sip_status.php +++ b/app/sip_status/sip_status.php @@ -108,7 +108,7 @@ if ($_GET['a'] == "download") { $sql = "select sip_profile_name from v_sip_profiles "; $sql .= "where sip_profile_enabled = 'true' "; if ($hostname) { - $sql .= "and (sip_profile_hostname = '" . $hostname . "' "; + $sql .= "and (sip_profile_hostname = '" . check_str($hostname) . "' "; $sql .= "or sip_profile_hostname = '' "; $sql .= "or sip_profile_hostname is null ) "; }