From 4393fdd75d276fca3983c8995c2eb067d107a1bc Mon Sep 17 00:00:00 2001 From: FusionPBX Date: Mon, 17 Dec 2018 18:36:09 -0700 Subject: [PATCH] Update fax_file_delete.php --- app/fax/fax_file_delete.php | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/app/fax/fax_file_delete.php b/app/fax/fax_file_delete.php index 7cb21399fb..5c9b948a3b 100644 --- a/app/fax/fax_file_delete.php +++ b/app/fax/fax_file_delete.php @@ -17,22 +17,26 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2015 + Portions created by the Initial Developer are Copyright (C) 2015 - 2018 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane */ -require_once "root.php"; -require_once "resources/require.php"; -require_once "resources/check_auth.php"; -if (permission_exists('fax_file_delete')) { - //access granted -} -else { - echo "access denied"; - exit; -} + +//includes + require_once "root.php"; + require_once "resources/require.php"; + require_once "resources/check_auth.php"; + +//check permissions + if (permission_exists('fax_file_delete')) { + //access granted + } + else { + echo "access denied"; + exit; + } //add multi-lingual support require_once "app_languages.php"; @@ -46,7 +50,7 @@ else { } //validate the id - if (strlen($fax_file_uuid) > 0) { + if (is_uuid($fax_file_uuid)) { //get the fax file data $sql = "select * from v_fax_files "; $sql .= "where fax_file_uuid = '".$fax_file_uuid."' "; @@ -100,4 +104,4 @@ else { //redirect the user header('Location: fax_files.php?id='.$fax_uuid.'&box='.$type); -?> \ No newline at end of file +?>
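Review bot: The `select` just below the new `is_uuid($fax_file_uuid)` guard (second hunk) still splices the value into the statement with `"where fax_file_uuid = '".$fax_file_uuid."' "`, so the query is only as safe as `is_uuid()`, whose definition is not part of this patch. I would bind the value instead, using `$sql .= "where fax_file_uuid = :fax_file_uuid ";` and passing it when the statement is executed, so the SQL stays safe even if the validator is later relaxed. The visible `where` clause also carries no `domain_uuid` condition; if the lines after the hunk do not add one, the lookup and the delete that follows should be scoped to the caller's domain. The block continues past the end of the hunk, so the prepare/execute call and any further conditions are not visible here.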