diff --git a/app/voicemail_greetings/voicemail_greetings.php b/app/voicemail_greetings/voicemail_greetings.php index 28e45b83ec..17cee1d28c 100644 --- a/app/voicemail_greetings/voicemail_greetings.php +++ b/app/voicemail_greetings/voicemail_greetings.php @@ -42,10 +42,13 @@ $language = new text; $text = $language->get(); +//set the defaults + $sql_file_size = ''; + //get the http get values and set them as php variables - $voicemail_id = $_REQUEST["id"]; - $order_by = $_GET["order_by"]; - $order = $_GET["order"]; + $voicemail_id = $_REQUEST["id"] ?? ''; + $order_by = $_GET["order_by"] ?? ''; + $order = $_GET["order"] ?? ''; //set the back button url $_SESSION['back'][$_SERVER['PHP_SELF']] = ($_GET['back'] != '') ? urldecode($_GET['back']) : $_SESSION['back'][$_SERVER['PHP_SELF']]; @@ -80,7 +83,7 @@ $greeting_dir = $_SESSION['switch']['storage']['dir'].'/voicemail/default/'.$_SESSION['domains'][$domain_uuid]['domain_name'].'/'.$voicemail_id; //download the greeting - if ($_GET['a'] == "download" && (permission_exists('voicemail_greeting_play') || permission_exists('voicemail_greeting_download'))) { + if (!empty($_GET['a']) == "download" && (permission_exists('voicemail_greeting_play') || permission_exists('voicemail_greeting_download'))) { if ($_GET['type'] == "rec") { //get the id $voicemail_greeting_uuid = $_GET['uuid']; @@ -145,7 +148,7 @@ } //upload the greeting - if ($_POST['a'] == "upload" && permission_exists('voicemail_greeting_upload') + if (!empty($_POST['a']) == "upload" && permission_exists('voicemail_greeting_upload') && $_POST['type'] == 'rec' && is_uploaded_file($_FILES['file']['tmp_name'])) { //validate the token @@ -253,7 +256,7 @@ } //set the greeting - if ($_REQUEST['action'] == "set") { + if (!empty($_REQUEST['action']) == "set") { //save the greeting_id to a variable $greeting_id = $_REQUEST['greeting_id']; 
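Review bot: `$voicemail_id = $_REQUEST["id"] ?? '';` in the first hunk removes the undefined-index notice but still accepts any string, and the context line of the next hunk concatenates that value into `$greeting_dir`. Unless it is validated in the lines between the two hunks, which are not shown, a request-controlled value can reach a filesystem path. voicemail_messages.php already gates its id with `is_numeric()`. Consider `$voicemail_id = is_numeric($_REQUEST['id'] ?? null) ? $_REQUEST['id'] : '';` and returning early when the result is empty. `$order_by` and `$order` deserve the same check if they reach the query, which this hunk does not show.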
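Review bot: In the download check, `!empty($_GET['a']) == "download"` compares a boolean with a string, and in PHP `true == "download"` holds, so the branch now runs for any non-empty `a`, not only for `download`. The same rewrite appears in the upload (`$_POST['a']`) and set (`$_REQUEST['action']`) hunks of this file and in the download and autoplay checks of voicemail_messages.php, so these branches no longer distinguish one action from another. The set block deserves the first look: a POST carrying `action=delete` for the list handler in the following hunk would presumably satisfy it too, with `greeting_id` possibly unset. Keep the literal comparison and move the null guard inside it, e.g. `if (($_GET['a'] ?? '') === 'download' && (...))` and `if (($_REQUEST['action'] ?? '') === 'set')`. The bodies of these branches lie outside the hunks, so any further checks they perform are not visible here.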
@@ -278,14 +281,14 @@ } //get the http post data - if (is_array($_POST['voicemail_greetings'])) { + if (!empty($_POST['voicemail_greetings'])) { $action = $_POST['action']; $voicemail_id = $_POST['voicemail_id']; $voicemail_greetings = $_POST['voicemail_greetings']; } //process the http post data by action - if ($action != '' && is_array($voicemail_greetings) && @sizeof($voicemail_greetings) != 0) { + if (!empty($action) && !empty($voicemail_greetings)) { switch ($action) { case 'delete': if (permission_exists('voicemail_greeting_delete')) { @@ -301,7 +304,7 @@ } //get the greetings list - if ($_SESSION['voicemail']['storage_type']['text'] == 'base64') { + if (!empty($_SESSION['voicemail']['storage_type']['text']) == 'base64') { switch ($db_type) { case 'pgsql': $sql_file_size = ", length(decode(greeting_base64,'base64')) as greeting_size "; break; case 'mysql': $sql_file_size = ", length(from_base64(greeting_base64)) as greeting_size "; break; @@ -390,7 +393,7 @@ $col_count++; echo th_order_by('greeting_name', $text['label-name'], $order_by, $order, null, null, "id=".urlencode($voicemail_id)); $col_count++; - if ($_SESSION['voicemail']['storage_type']['text'] != 'base64') { + if (!empty($_SESSION['voicemail']['storage_type']['text']) != 'base64') { echo th_order_by('greeting_filename', $text['label-filename'], $order_by, $order, null, "class='hide-sm-dn'", "id=".urlencode($voicemail_id)); $col_count++; } 
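Review bot: Replacing `is_array($_POST['voicemail_greetings'])` with `!empty(...)` drops the type check, so a request that sends `voicemail_greetings` as a plain string now reaches `switch ($action)` with a scalar where the delete path appears to expect a list. The second condition lost its `is_array()` and size checks in the same way, and voicemail_messages.php makes the identical change for `voicemail_messages`. To silence the notice without weakening validation, use `if (is_array($_POST['voicemail_greetings'] ?? null)) {` and `if (!empty($action) && is_array($voicemail_greetings) && count($voicemail_greetings) > 0) {`. `$action` and `$voicemail_greetings` are still undefined when the first `if` is skipped, which `!empty()` now hides. Initialising both next to the new `$sql_file_size = '';` default would make that explicit.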
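Review bot: The settings comparisons change meaning once wrapped in `!empty()`. `!empty($_SESSION['voicemail']['storage_type']['text']) == 'base64'` is true for any non-empty storage type, so `$sql_file_size` gets the base64 length expression even when greetings are not stored as base64. The `!= 'base64'` form, used for the filename, uploaded and size columns here and in voicemail_messages.php, is now true only when the setting is unset. The `== 'true'` checks on `list_row_edit_button` and `transcribe_enabled` also pass when the setting holds the string `'false'`, because that string is non-empty. Coalesce first and keep the original operator, e.g. `if (($_SESSION['voicemail']['storage_type']['text'] ?? '') == 'base64') {` and `($_SESSION['theme']['list_row_edit_button']['boolean'] ?? '') == 'true'`.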
@@ -400,12 +403,12 @@ } echo "".$text['label-size']."\n"; $col_count++; - if ($_SESSION['voicemail']['storage_type']['text'] != 'base64') { + if (!empty($_SESSION['voicemail']['storage_type']['text']) != 'base64') { echo "".$text['label-uploaded']."\n"; $col_count++; } echo th_order_by('greeting_description', $text['label-description'], $order_by, $order, null, "class='hide-sm-dn pct-25'", "id=".urlencode($voicemail_id)); - if (permission_exists('voicemail_greeting_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { + if (permission_exists('voicemail_greeting_edit') && !empty($_SESSION['theme']['list_row_edit_button']['boolean']) == 'true') { echo "  \n"; } echo "\n"; diff --git a/app/voicemails/voicemail_messages.php b/app/voicemails/voicemail_messages.php index 9e0b09321f..052e96de7a 100644 --- a/app/voicemails/voicemail_messages.php +++ b/app/voicemails/voicemail_messages.php @@ -34,7 +34,7 @@ //download the message if ( - $_REQUEST["action"] == "download" + !empty($_REQUEST["action"]) == "download" && is_numeric($_REQUEST["id"]) && is_uuid($_REQUEST["uuid"]) && is_uuid($_REQUEST["voicemail_uuid"]) @@ -73,13 +73,13 @@ } //get the http post data - if (is_array($_POST['voicemail_messages'])) { + if (!empty($_POST['voicemail_messages'])) { $action = $_POST['action']; $voicemail_messages = $_POST['voicemail_messages']; } //process the http post data by action - if ($action != '' && is_array($voicemail_messages) && @sizeof($voicemail_messages) != 0) { + if (!empty($action) && !empty($voicemail_messages)) { //set the referrer $http_referer = parse_url($_SERVER["HTTP_REFERER"]); @@ -166,8 +166,8 @@ $text = $language->get(); //get the html values and set them as variables - $order_by = $_GET["order_by"]; - $order = $_GET["order"]; + $order_by = $_GET["order_by"] ?? ''; + $order = $_GET["order"] ?? ''; //get the voicemail $vm = new voicemail; 
@@ -282,7 +282,7 @@ $col_count++; echo th_order_by('message_length', $text['label-message_length'], $order_by, $order, null, "class='hide-xs right pct-15'"); $col_count++; - if ($_SESSION['voicemail']['storage_type']['text'] != 'base64') { + if (!empty($_SESSION['voicemail']['storage_type']['text']) != 'base64') { echo "".$text['label-message_size']."\n"; $col_count++; } @@ -296,7 +296,7 @@ echo "\n"; echo "\n"; // dummy row to maintain alternating background color - $bold = ($row['message_status'] == '' && $_REQUEST["uuid"] != $row['voicemail_message_uuid']) ? 'font-weight: bold;' : null; + $bold = ($row['message_status'] && !empty($_REQUEST["uuid"]) != $row['voicemail_message_uuid']) ? 'font-weight: bold;' : null; $list_row_url = "javascript:recording_play('".escape($row['voicemail_message_uuid'])."');"; echo "\n"; echo " \n"; 
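Review bot: The `$bold` line inverts the unread test, because `$row['message_status'] == ''` became a bare `$row['message_status']`, so rows with a non-empty status are now bolded and unread ones are not. The second operand, `!empty($_REQUEST["uuid"]) != $row['voicemail_message_uuid']`, compares a boolean with the row's uuid string and no longer checks whether the requested message is this row. Restoring the original logic with a null guard gives `$bold = ($row['message_status'] == '' && ($_REQUEST['uuid'] ?? '') != $row['voicemail_message_uuid']) ? 'font-weight: bold;' : null;`. The enclosing loop starts outside the hunk.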
@@ -311,16 +311,16 @@ echo ""; echo button::create(['type'=>'button','title'=>$text['label-play'].' / '.$text['label-pause'],'icon'=>$_SESSION['theme']['button_icon_play'],'id'=>'recording_button_'.escape($row['voicemail_message_uuid']),'onclick'=>"recording_play('".escape($row['voicemail_message_uuid'])."');"]); echo button::create(['type'=>'button','title'=>$text['label-download'],'icon'=>$_SESSION['theme']['button_icon_download'],'link'=>"voicemail_messages.php?action=download&id=".urlencode($row['voicemail_id'])."&voicemail_uuid=".escape($row['voicemail_uuid'])."&uuid=".escape($row['voicemail_message_uuid'])."&t=bin&r=".uuid(),'onclick'=>"$(this).closest('tr').children('td').css('font-weight','normal');"]); - if ($_SESSION['voicemail']['transcribe_enabled']['boolean'] == 'true' && $row['message_transcription'] != '') { + if (!empty($_SESSION['voicemail']['transcribe_enabled']['boolean']) == 'true' && $row['message_transcription'] != '') { echo button::create(['type'=>'button','title'=>$text['label-transcription'],'icon'=>'quote-right','onclick'=>"document.getElementById('transcription_".$row['voicemail_message_uuid']."').style.display = document.getElementById('transcription_".$row['voicemail_message_uuid']."').style.display == 'none' ? 'table-row' : 'none'; this.blur(); return false;"]); } echo " \n"; echo " ".escape($row['message_length_label'])."\n"; - if ($_SESSION['voicemail']['storage_type']['text'] != 'base64') { + if (!empty($_SESSION['voicemail']['storage_type']['text']) != 'base64') { echo " ".escape($row['file_size_label'])."\n"; } echo "\n"; - if ($_SESSION['voicemail']['transcribe_enabled']['boolean'] == 'true' && $row['message_transcription'] != '') { + if (!empty($_SESSION['voicemail']['transcribe_enabled']['boolean']) == 'true' && $row['message_transcription'] != '') { echo "\n"; // dummy row to maintain same background color for transcription row echo "\n"; echo " \n"; @@ -351,7 +351,7 @@ echo "
"; //autoplay message - if ($_REQUEST["action"] == "autoplay" && is_uuid($_REQUEST["uuid"])) { + if (!empty($_REQUEST["action"]) == "autoplay" && is_uuid($_REQUEST["uuid"])) { echo ""; }