diff --git a/app/fax/fax_edit.php b/app/fax/fax_edit.php index 70f59713f6..aa14f3c509 100644 --- a/app/fax/fax_edit.php +++ b/app/fax/fax_edit.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2021 + Portions created by the Initial Developer are Copyright (C) 2008-2023 the Initial Developer. All Rights Reserved. Contributor(s): @@ -54,7 +54,7 @@ $fax_dir = $_SESSION['switch']['storage']['dir'].'/fax/'.$_SESSION['domain_name']; //get the fax extension - if (is_numeric($fax_extension) > 0) { + if (!empty($fax_extension) && is_numeric($fax_extension)) { //set the fax directories. example /usr/local/freeswitch/storage/fax/329/inbox $dir_fax_inbox = $fax_dir.'/'.$fax_extension.'/inbox'; $dir_fax_sent = $fax_dir.'/'.$fax_extension.'/sent'; @@ -80,10 +80,10 @@ } //set the action as an add or an update - if (is_uuid($_REQUEST["id"])) { + if (!empty($_REQUEST["id"]) && is_uuid($_REQUEST["id"])) { $action = "update"; $fax_uuid = $_REQUEST["id"]; - $dialplan_uuid = $_REQUEST["dialplan_uuid"]; + $dialplan_uuid = $_REQUEST["dialplan_uuid"] ?? null; } else { $action = "add"; @@ -93,7 +93,7 @@ if (count($_POST) > 0) { //process the http post data by submitted action - if ($_POST['action'] != '' && is_uuid($fax_uuid)) { + if (!empty($_POST['action']) && is_uuid($fax_uuid)) { $array[0]['checked'] = 'true'; $array[0]['uuid'] = $fax_uuid; 
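Review bot: `is_numeric()` is a loose gate for a value that the `@@ -54,7` hunk concatenates into `$dir_fax_inbox` and `$dir_fax_sent`: it accepts strings such as `1e3`, `-1`, `.5` and values with leading whitespace. The added `!empty()` also skips the literal extension `0`, which the old test let through. If fax extensions are always plain digit strings, `if (isset($fax_extension) && ctype_digit((string) $fax_extension)) {` says so directly and keeps everything except digits out of the storage path. Where `$fax_extension` is assigned is outside the hunk, so confirm it is not taken unchecked from the request.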
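Review bot: `$dialplan_uuid` is taken from `$_REQUEST["dialplan_uuid"]` in the `@@ -80,10` hunk without the `is_uuid()` check that `id` gets two lines above it. The only validation of it visible in this diff is the `!is_uuid($dialplan_uuid)` test much later, in the form-rendering section. If the save path in between uses the value, validate it at assignment: `$dialplan_uuid = (!empty($_REQUEST["dialplan_uuid"]) && is_uuid($_REQUEST["dialplan_uuid"])) ? $_REQUEST["dialplan_uuid"] : null;`. The code that consumes the variable lies outside the hunk.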
@@ -152,23 +152,23 @@ else { $forward_prefix = $forward_prefix.$fax_forward_number.'#'; //found } - $fax_local = $_POST["fax_local"]; //! @todo check in database + $fax_local = $_POST["fax_local"] ?? null; //! @todo check in database $fax_description = $_POST["fax_description"]; - $fax_send_greeting = $_POST["fax_send_greeting"]; + $fax_send_greeting = $_POST["fax_send_greeting"] ?? null; $fax_send_channels = $_POST["fax_send_channels"]; //restrict size of user data $fax_name = substr($fax_name, 0, 30); $fax_extension = substr($fax_extension, 0, 15); - $accountcode = substr($accountcode, 0, 80); - $fax_prefix = substr($fax_prefix, 0, 12); + $accountcode = substr($accountcode ?? '', 0, 80); + $fax_prefix = substr($fax_prefix ?? '', 0, 12); $fax_caller_id_name = substr($fax_caller_id_name, 0, 40); $fax_caller_id_number = substr($fax_caller_id_number, 0, 20); $fax_forward_number = substr($fax_forward_number, 0, 20); } //delete the user from the fax users - if (is_uuid($_REQUEST["user_uuid"]) && is_uuid($_REQUEST["id"]) && $_GET["a"] == "delete" && permission_exists("fax_extension_delete")) { + if (!empty($_REQUEST["user_uuid"]) && is_uuid($_REQUEST["user_uuid"]) && is_uuid($_REQUEST["id"]) && !empty($_GET["a"]) && $_GET["a"] == "delete" && permission_exists("fax_extension_delete")) { //set the variables $user_uuid = $_REQUEST["user_uuid"]; $fax_uuid = $_REQUEST["id"]; @@ -196,7 +196,7 @@ } //add the user to the fax users - if (is_uuid($_REQUEST["user_uuid"]) && is_uuid($_REQUEST["id"]) && $_GET["a"] != "delete") { + if (!empty($_REQUEST["user_uuid"]) && is_uuid($_REQUEST["user_uuid"]) && is_uuid($_REQUEST["id"]) && (empty($_GET["a"]) || $_GET["a"] != "delete")) { //set the variables $user_uuid = $_REQUEST["user_uuid"]; $fax_uuid = $_REQUEST["id"]; 
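Review bot: The delete condition in the `@@ -152,23` hunk still calls `is_uuid($_REQUEST["id"])` without the `!empty()` guard this commit adds for `user_uuid`, so a request that carries `user_uuid` but no `id` still reads an undefined key; the add-user condition in the `@@ -196,7` hunk has the same gap. Adding `!empty($_REQUEST["id"]) &&` in front of it matches the rest of the change. Separately, this branch removes a row when `$_GET["a"] == "delete"` with both ids read from `$_REQUEST`, and no request-token check is visible in the hunk. The body continues outside it, so confirm a token is validated before the delete runs.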
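Review bot: The add-user condition in the `@@ -196,7` hunk has no `permission_exists()` term, while the delete condition just above it requires `permission_exists("fax_extension_delete")`. Unless the body (outside the hunk) or a page-level check earlier in the file enforces it, assigning a user to a fax server is gated only by the caller supplying a valid `user_uuid` and `id`. Consider adding the page's add/edit permission to this condition so both state-changing branches are authorised in the same way.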
@@ -280,7 +280,7 @@ } //add or update the database - if ($_POST["persistformvar"] != "true") { + if (empty($_POST["persistformvar"]) || $_POST["persistformvar"] != "true") { //prep authorized senders if (is_array($fax_email_outbound_authorized_senders) && (sizeof($fax_email_outbound_authorized_senders) > 0)) { @@ -410,7 +410,7 @@ } //pre-populate the form - if (is_uuid($_GET['id']) && $_POST["persistformvar"] != "true") { + if (!empty($_GET['id']) && is_uuid($_GET['id']) && (empty($_POST["persistformvar"]) || $_POST["persistformvar"] != "true")) { $fax_uuid = $_GET["id"]; $sql = "select * from v_fax "; $sql .= "where domain_uuid = :domain_uuid "; 
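Review bot: The `persistformvar` test is now written as `empty($_POST["persistformvar"]) || $_POST["persistformvar"] != "true"` in the `@@ -280,7` hunk and again in the `@@ -410,7` hunk, reading the key twice each time. `($_POST["persistformvar"] ?? '') != "true"` is equivalent and shorter. Computing it once into a local and reusing it would keep the save and pre-populate branches in step. Both enclosing blocks continue outside their hunks.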
@@ -453,39 +453,43 @@ } //get the fax users - $sql = "select * from v_fax_users as e, v_users as u "; - $sql .= "where e.user_uuid = u.user_uuid "; - $sql .= "and e.domain_uuid = :domain_uuid "; - $sql .= "and e.fax_uuid = :fax_uuid "; - $parameters['domain_uuid'] = $_SESSION['domain_uuid']; - $parameters['fax_uuid'] = $fax_uuid; - $database = new database; - $fax_users = $database->select($sql, $parameters, 'all'); - unset($sql, $parameters); + if (!empty($fax_uuid) && is_uuid($fax_uuid)) { + $sql = "select * from v_fax_users as e, v_users as u "; + $sql .= "where e.user_uuid = u.user_uuid "; + $sql .= "and e.domain_uuid = :domain_uuid "; + $sql .= "and e.fax_uuid = :fax_uuid "; + $parameters['domain_uuid'] = $_SESSION['domain_uuid']; + $parameters['fax_uuid'] = $fax_uuid; + $database = new database; + $fax_users = $database->select($sql, $parameters, 'all'); + unset($sql, $parameters); + } //get the users that are not assigned to this fax server - $sql = "select * from v_users \n"; - $sql .= "where domain_uuid = :domain_uuid \n"; - $sql .= "and user_uuid not in (\n"; - $sql .= " select user_uuid from v_fax_users "; - $sql .= " where domain_uuid = :domain_uuid "; - $sql .= " and fax_uuid = :fax_uuid "; - $sql .= " and user_uuid is not null "; - $sql .= ")\n"; - $parameters['domain_uuid'] = $_SESSION['domain_uuid']; - $parameters['fax_uuid'] = $fax_uuid; - $database = new database; - $available_users = $database->select($sql, $parameters, 'all'); - unset($sql, $parameters); + if (!empty($fax_uuid) && is_uuid($fax_uuid)) { + $sql = "select * from v_users \n"; + $sql .= "where domain_uuid = :domain_uuid \n"; + $sql .= "and user_uuid not in (\n"; + $sql .= " select user_uuid from v_fax_users "; + $sql .= " where domain_uuid = :domain_uuid "; + $sql .= " and fax_uuid = :fax_uuid "; + $sql .= " and user_uuid is not null "; + $sql .= ")\n"; + $parameters['domain_uuid'] = $_SESSION['domain_uuid']; + $parameters['fax_uuid'] = $fax_uuid; + $database = new database; + 
$available_users = $database->select($sql, $parameters, 'all'); + unset($sql, $parameters); + } //replace the dash with a space - $fax_name = str_replace("-", " ", $fax_name); + $fax_name = str_replace("-", " ", $fax_name ?? ''); //build the fax_emails array - $fax_emails = explode(',',$fax_email); + $fax_emails = explode(',', $fax_email ?? ''); //set the dialplan_uuid - if (!is_uuid($dialplan_uuid)) { + if (empty($dialplan_uuid) || !is_uuid($dialplan_uuid)) { $dialplan_uuid = uuid(); } @@ -522,11 +526,11 @@ if ($action == "update") { $button_margin = 'margin-left: 15px;'; if (permission_exists('fax_extension_copy')) { - echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$_SESSION['theme']['button_icon_copy'],'name'=>'btn_copy','style'=>$button_margin,'onclick'=>"modal_open('modal-copy','btn_copy');"]); + echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$_SESSION['theme']['button_icon_copy'],'name'=>'btn_copy','style'=>($button_margin ?? null),'onclick'=>"modal_open('modal-copy','btn_copy');"]); unset($button_margin); } if (permission_exists('fax_extension_delete')) { - echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'name'=>'btn_delete','style'=>$button_margin,'onclick'=>"modal_open('modal-delete','btn_delete');"]); + echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'name'=>'btn_delete','style'=>($button_margin ?? null),'onclick'=>"modal_open('modal-delete','btn_delete');"]); unset($button_margin); } } @@ -578,7 +582,7 @@ echo " ".$text['label-extension']."\n"; echo "\n"; echo "\n"; - echo " \n"; + echo " \n"; echo "
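Review bot: Both re-indented queries in the `@@ -453,39` hunk use `select *` against `v_users`, but the only column this diff shows being read from the results is `username` (and presumably `user_uuid` for the option values). A users table presumably also carries credential or key columns, so name the columns that are needed, e.g. `select u.user_uuid, u.username from v_fax_users as e, v_users as u`. With the new guard, `$fax_users` and `$available_users` also stay undefined when `$fax_uuid` is missing. Initialising both to `[]` before the two `if` blocks would remove the need for the later `!empty()` checks, and since the blocks share one condition they could be merged.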
\n"; echo "".$text['description-extension']."\n"; echo "\n"; @@ -601,7 +605,7 @@ echo " ".$text['label-destination-number']."\n"; echo "\n"; echo "\n"; - echo " \n"; + echo " \n"; echo "
\n"; echo " ".$text['description-destination-number']."\n"; echo "\n"; @@ -612,7 +616,7 @@ echo " ".$text['label-fax_prefix']."\n"; echo "\n"; echo "\n"; - echo " \n"; + echo " \n"; echo "
\n"; echo " ".$text['description-fax_prefix']."\n"; echo "\n"; @@ -651,7 +655,7 @@ echo " ".$text['label-caller-id-name']."\n"; echo "\n"; echo "\n"; - echo " \n"; + echo " \n"; echo "
\n"; echo "".$text['description-caller-id-name']."\n"; echo "\n"; @@ -662,7 +666,7 @@ echo " ".$text['label-caller-id-number']."\n"; echo "\n"; echo "\n"; - echo " \n"; + echo " \n"; echo "
\n"; echo "".$text['description-caller-id-number']."\n"; echo "\n"; @@ -673,7 +677,7 @@ echo " ".$text['label-forward']."\n"; echo "\n"; echo "\n"; - echo " \n"; + echo " \n"; echo "
\n"; echo "".$text['description-forward-number']."\n"; echo "\n"; @@ -684,7 +688,7 @@ echo " ".$text['label-toll_allow']."\n"; echo "\n"; echo "\n"; - echo " \n"; + echo " \n"; echo "
\n"; echo "".$text['description-toll_allow']."\n"; echo "\n"; @@ -696,9 +700,9 @@ echo " ".$text['label-user-list'].""; echo " "; - if (is_array($fax_users) && @sizeof($fax_users) != 0) { + if (!empty($fax_users) && is_array($fax_users) && @sizeof($fax_users) != 0) { echo " \n"; - foreach($fax_users as $field) { + foreach ($fax_users as $field) { echo " \n"; echo " \n"; echo " \n"; echo "\n"; @@ -875,7 +879,7 @@ echo " \n"; echo " \n"; echo " \n"; - echo " \n"; + echo " \n"; echo " \n"; } echo " \n"; @@ -889,7 +893,7 @@ if (permission_exists('fax_extension_advanced') && function_exists("imap_open") && file_exists("fax_files_remote.php")) { - echo "
\n"; + echo "
\n"; echo "
\n"; echo "
".$text['label-advanced_settings']."
\n"; @@ -920,7 +924,7 @@ echo "
\n"; echo "\n"; @@ -946,8 +950,8 @@ echo "\n"; echo "\n"; echo "\n"; @@ -997,7 +1001,7 @@ echo " ".$text['label-email_connection_mailbox']."\n"; echo "\n"; echo "\n"; @@ -1022,7 +1026,7 @@ echo " ".$text['label-email_inbound_subject_tag']."\n"; echo "\n"; echo "\n"; @@ -1042,7 +1046,7 @@ echo " ".$text['label-email_outbound_subject_tag']."\n"; echo "\n"; echo "\n"; @@ -1057,15 +1061,12 @@ echo " "; echo " "; echo "
".escape($field['username'])."\n"; @@ -710,10 +714,10 @@ echo "
\n"; } unset($fax_users); - if (is_array($available_users) && @sizeof($available_users) != 0) { + if (!empty($available_users) && is_array($available_users) && @sizeof($available_users) != 0) { echo " "; @@ -765,7 +769,7 @@ echo "\n"; echo "\n"; } - echo " \n"; echo " \n"; //recordings if($dh = opendir($_SESSION['switch']['recordings']['dir']."/".$_SESSION['domain_name']."/")) { @@ -793,7 +797,7 @@ echo "\n"; foreach ($result as &$row) { $selected = ($fax_send_greeting == "phrase:".$row["phrase_uuid"]) ? true : false; - echo " \n"; + echo " \n"; if ($selected) { $tmp_selected = true; } } echo "\n"; @@ -810,7 +814,7 @@ $fax_send_greeting = substr($fax_send_greeting, 71); } $selected = ($fax_send_greeting == $value) ? true : false; - echo " \n"; + echo " \n"; if ($selected) { $tmp_selected = true; } } } @@ -858,7 +862,7 @@ echo " ".$text['label-description']."\n"; echo "
\n"; - echo " \n"; + echo " \n"; echo "
\n"; echo "".$text['description-info']."\n"; echo "
\n"; echo " \n"; echo "
\n"; echo " ".$text['description-email_connection_type']."\n"; @@ -932,8 +936,8 @@ echo " ".$text['label-email_connection_server']."\n"; echo "
\n"; - echo "  : "; - echo "\n"; + echo "  : "; + echo "\n"; echo "
\n"; echo " ".$text['description-email_connection_server']."\n"; echo "
\n"; echo " \n"; echo "
\n"; echo " ".$text['description-email_connection_security']."\n"; @@ -961,7 +965,7 @@ echo "
\n"; echo " \n"; echo "
\n"; echo " ".$text['description-email_connection_validate']."\n"; @@ -973,7 +977,7 @@ echo " ".$text['label-email_connection_username']."\n"; echo "
\n"; - echo " \n"; + echo " \n"; echo " \n"; //help defeat browser auto-fill echo "
\n"; echo " ".$text['description-email_connection_username']."\n"; @@ -986,7 +990,7 @@ echo "
\n"; echo " \n"; //help defeat browser auto-fill - echo " \n"; + echo " \n"; echo "
\n"; echo " ".$text['description-email_connection_password']."\n"; echo "
\n"; - echo " \n"; + echo " \n"; echo "
\n"; echo " ".$text['description-email_connection_mailbox']."\n"; echo "
\n"; - echo " [ ]\n"; + echo " [ ]\n"; echo "
\n"; echo " ".$text['description-email_inbound_subject_tag']."\n"; echo "
\n"; - echo " [ ]\n"; + echo " [ ]\n"; echo "
\n"; echo " ".$text['description-email_outbound_subject_tag']."\n"; echo "
"; - if (substr_count($fax_email_outbound_authorized_senders, ',') > 0) { - $senders = explode(',', $fax_email_outbound_authorized_senders); - } - else { - $senders[] = $fax_email_outbound_authorized_senders; + if (!empty($fax_email_outbound_authorized_senders)) { + $senders = substr_count($fax_email_outbound_authorized_senders, ',') > 0 ? explode(',', $fax_email_outbound_authorized_senders) : $fax_email_outbound_authorized_senders; } $senders[] = ''; // empty one foreach ($senders as $sender_num => $sender) { - echo " ".((sizeof($senders) > 0 && $sender_num < (sizeof($senders) - 1) ) ? "
" : null); + echo " ".(sizeof($senders) > 0 && $sender_num < (sizeof($senders) - 1) ? "
" : null); } echo "
"; @@ -1093,4 +1094,4 @@ //show the footer require_once "resources/footer.php"; -?> +?> \ No newline at end of file
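Review bot: When `$fax_email_outbound_authorized_senders` is non-empty and contains no comma, the new ternary in the `@@ -1057,15` hunk assigns the string itself to `$senders`. The following `$senders[] = '';` then throws `Error: [] operator not supported for strings` instead of rendering the field. The removed code appended to an array in that case. `explode()` already returns a one-element array when the delimiter is absent, so `$senders = explode(',', $fax_email_outbound_authorized_senders);` inside the `!empty()` guard covers both cases. Initialising `$senders = [];` before the guard makes the later append explicit.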