nsinnovations/fusionpbx
2
0
Fork 0
mirror of https://github.com/fusionpbx/fusionpbx.git synced 2026-01-26 10:39:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix conference active buttons.

Browse Source 
Security validation wasn't quite right so it prevented the mute, unmute and other conference actions from working.
This commit is contained in:
FusionPBX
2022-12-07 22:29:59 -07:00
committed by GitHub
parent b7147022cc
commit 7b928dc6b4
1 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
app/conferences_active/conference_exec.php
View File

@@ -27,7 +27,7 @@
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Portions created by the Initial Developer are Copyright (C) 2008-2020
Portions created by the Initial Developer are Copyright (C) 2008-2022
the Initial Developer. All Rights Reserved.
Contributor(s):
@@ -80,12 +80,12 @@
//validate the name
if (!is_uuid($name)) {
$sql = "select conference_name ";
$sql = "select conference_extension ";
$sql .= "from v_conferences ";
$sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and conference_name = :conference_name ";
$sql .= "and conference_extension = :conference_extension ";
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
$parameters['conference_name'] = $name;
$parameters['conference_extension'] = $name;
$database = new database;
$name = $database->select($sql, $parameters, 'column');
unset ($parameters, $sql);
@@ -178,6 +178,8 @@
unset($uuid);
}
//execute the command
if (count($_GET) > 0) {
if (strlen($cmd) > 0) {