From 7b928dc6b47444ac8cdfffc5b36f002dc0173f8b Mon Sep 17 00:00:00 2001
From: FusionPBX <markjcrane@gmail.com>
Date: Wed, 7 Dec 2022 22:29:59 -0700
Subject: [PATCH] Fix conference active buttons.

Security validation wasn't quite right so it prevented the mute, unmute and other conference actions from working.
---
 app/conferences_active/conference_exec.php | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/app/conferences_active/conference_exec.php b/app/conferences_active/conference_exec.php
index b50d755f8e..590b4391bb 100644
--- a/app/conferences_active/conference_exec.php
+++ b/app/conferences_active/conference_exec.php
@@ -27,7 +27,7 @@
 
 	The Initial Developer of the Original Code is
 	Mark J Crane <markjcrane@fusionpbx.com>
-	Portions created by the Initial Developer are Copyright (C) 2008-2020
+	Portions created by the Initial Developer are Copyright (C) 2008-2022
 	the Initial Developer. All Rights Reserved.
 
 	Contributor(s):
@@ -80,12 +80,12 @@
 
 //validate the name
 	if (!is_uuid($name)) {
-		$sql = "select conference_name ";
+		$sql = "select conference_extension ";
 		$sql .= "from v_conferences ";
 		$sql .= "where domain_uuid = :domain_uuid ";
-		$sql .= "and conference_name = :conference_name ";
+		$sql .= "and conference_extension = :conference_extension ";
 		$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
-		$parameters['conference_name'] = $name;
+		$parameters['conference_extension'] = $name;
 		$database = new database;
 		$name = $database->select($sql, $parameters, 'column');
 		unset ($parameters, $sql);
@@ -178,6 +178,8 @@
 		unset($uuid);
 	}
 
+
+
 //execute the command
 	if (count($_GET) > 0) {
 		if (strlen($cmd) > 0) {