From 774ad2edca01d21a15ae28a0180af725694edc9d Mon Sep 17 00:00:00 2001 From: FusionPBX Date: Sun, 16 Jun 2019 09:52:52 -0600 Subject: [PATCH] Update call_center_queue.php --- app/call_center_active/call_center_queue.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/app/call_center_active/call_center_queue.php b/app/call_center_active/call_center_queue.php index 31c37d752d..e8f502b115 100644 --- a/app/call_center_active/call_center_queue.php +++ b/app/call_center_active/call_center_queue.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2018 + Portions created by the Initial Developer are Copyright (C) 2008-2019 the Initial Developer. All Rights Reserved. Contributor(s): @@ -87,7 +87,7 @@ $parameters['domain_uuid'] = $_SESSION['domain_uuid']; $result = $database->select($sql, $parameters, 'all'); $num_rows = $database->select($sql, $parameters, 'column'); - + //paging the records $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; $param = ""; @@ -137,7 +137,7 @@ if (is_array($call_center_queues)) { foreach($call_center_queues as $row) { - $tr_link = "href='".PROJECT_PATH."/app/call_center_active/call_center_active.php?queue_name=".$row['call_center_queue_uuid']."&name=".urlencode($row['queue_name'])."'"; + $tr_link = "href='".PROJECT_PATH."/app/call_center_active/call_center_active.php?queue_name=".escape($row['call_center_queue_uuid'])."&name=".urlencode(escape($row['queue_name']))."'"; echo "\n"; echo " ".escape($row['queue_name'])."\n"; echo " ".escape($row['queue_extension'])."\n";