diff --git a/app/fax/fax_send.php b/app/fax/fax_send.php
index 777e244096..a8808a0a27 100644
--- a/app/fax/fax_send.php
+++ b/app/fax/fax_send.php
@@ -312,7 +312,7 @@ if (!function_exists('fax_split_dtmf')) {
 	if ($fax_file_extension != "pdf" && $fax_file_extension != "tif") {
 		chdir($dir_fax_temp);
 		$command = $IS_WINDOWS ? '' : 'export HOME=/tmp && ';
-		$command .= 'libreoffice --headless --convert-to pdf --outdir '.$dir_fax_temp.' '.$dir_fax_temp.'/'.$fax_name.'.'.$fax_file_extension;
+		$command .= 'libreoffice --headless --convert-to pdf --outdir '.$dir_fax_temp.' '.$dir_fax_temp.'/'.escapeshellarg($fax_name).'.'.escapeshellarg($fax_file_extension);
 		exec($command);
 		@unlink($dir_fax_temp.'/'.$fax_name.'.'.$fax_file_extension);
 	}
@@ -322,7 +322,7 @@ if (!function_exists('fax_split_dtmf')) {
 		chdir($dir_fax_temp);
 
 		//convert pdf to tif
-		$cmd = exec('which gs')." -q -r".$gs_r." -g".$gs_g." -dBATCH -dPDFFitPage -dNOSAFER -dNOPAUSE -dBATCH -sOutputFile=".correct_path($fax_name).".tif -sDEVICE=tiffg4 -Ilib stocht.ps -c \"{ .75 gt { 1 } { 0 } ifelse} settransfer\" -- ".correct_path($fax_name).".pdf -c quit";
+		$cmd = exec('which gs')." -q -r".$gs_r." -g".$gs_g." -dBATCH -dPDFFitPage -dNOSAFER -dNOPAUSE -dBATCH -sOutputFile=".escapeshellarg($fax_name).".tif -sDEVICE=tiffg4 -Ilib stocht.ps -c \"{ .75 gt { 1 } { 0 } ifelse} settransfer\" -- ".escapeshellarg($fax_name).".pdf -c quit";
 		// echo($cmd . "
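Review bot: The new libreoffice line quotes `$fax_name` and `$fax_file_extension` as two separate fragments while `$dir_fax_temp` is still concatenated unquoted into both `--outdir` and the input path, so the command still splits if that directory ever contains a space or shell metacharacter; quote each argument once as a whole instead: `$command .= 'libreoffice --headless --convert-to pdf --outdir '.escapeshellarg($dir_fax_temp).' '.escapeshellarg($dir_fax_temp.'/'.$fax_name.'.'.$fax_file_extension);`. Since the only check on `$fax_file_extension` visible here is the `!= "pdf" && != "tif"` test, an allow-list of convertible extensions before this branch (`in_array($fax_file_extension, [...], true)`) would be a simpler guard than relying on quoting alone. The return value of `exec($command)` is discarded, so a failed conversion is not reported at this point. The surrounding block starts before the hunk.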
\n");
 		exec($cmd);
 		@unlink($dir_fax_temp.'/'.$fax_name.'.pdf');
@@ -672,17 +672,17 @@ if (!function_exists('fax_split_dtmf')) {
 
 	//send the fax
 		$fax_file = $dir_fax_sent."/".$fax_instance_uuid.".tif";
-		$common_variables .= "fax_queue_uuid='" . $fax_queue_uuid . "',";
+		$common_variables .= "fax_queue_uuid='" . escapeshellarg($fax_queue_uuid) . "',";
 		$common_variables = "for_fax=1,";
-		$common_variables .= "accountcode='" . $fax_accountcode . "',";
-		$common_variables .= "sip_h_X-accountcode='" . $fax_accountcode . "',";
-		$common_variables .= "domain_uuid=" . $_SESSION["domain_uuid"] . ",";
-		$common_variables .= "domain_name=" . $_SESSION["domain_name"] . ",";
-		$common_variables .= "origination_caller_id_name='" . $fax_caller_id_name . "',";
-		$common_variables .= "origination_caller_id_number='" . $fax_caller_id_number . "',";
-		$common_variables .= "fax_ident='" . $fax_caller_id_number . "',";
-		$common_variables .= "fax_header='" . $fax_caller_id_name . "',";
-		$common_variables .= "fax_file='" . $fax_file . "',";
+		$common_variables .= "accountcode='" . escapeshellarg($fax_accountcode) . "',";
+		$common_variables .= "sip_h_X-accountcode='" . escapeshellarg($fax_accountcode) . "',";
+		$common_variables .= "domain_uuid=" . escapeshellarg($_SESSION["domain_uuid"]) . ",";
+		$common_variables .= "domain_name=" . escapeshellarg($_SESSION["domain_name"]) . ",";
+		$common_variables .= "origination_caller_id_name='" . escapeshellarg($fax_caller_id_name) . "',";
+		$common_variables .= "origination_caller_id_number='" . escapeshellarg($fax_caller_id_number) . "',";
+		$common_variables .= "fax_ident='" . escapeshellarg($fax_caller_id_number) . "',";
+		$common_variables .= "fax_header='" . escapeshellarg($fax_caller_id_name) . "',";
+		$common_variables .= "fax_file='" . escapeshellarg($fax_file) . "',";
 
 		foreach ($fax_numbers as $fax_number) {
 
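Review bot: The ghostscript line replaces `correct_path($fax_name)` with `escapeshellarg($fax_name)` rather than wrapping it, so whatever `correct_path()` did to the name (not visible here; if it normalised Windows paths, the `$IS_WINDOWS` branch of the previous hunk may regress) is no longer applied to `-sOutputFile` or the input PDF. `$gs_r` and `$gs_g` are still interpolated unquoted into `-r`/`-g` on the same line and deserve the same treatment, e.g. `" -q -r".escapeshellarg($gs_r)." -g".escapeshellarg($gs_g)."`. Pre-existing but on the same line: `-dNOSAFER` turns off Ghostscript's file-access sandbox while rendering a PDF produced from an uploaded document, so unless `stocht.ps` genuinely needs it, the default SAFER mode is the better choice. The enclosing block starts before the hunk.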
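Review bot: `escapeshellarg()` is the wrong primitive for the `$common_variables` lines: the values are evidently FreeSWITCH channel variables in a dial string (`origination_caller_id_name`, `sip_h_X-accountcode`, `fax_file`), each already wrapped in literal single quotes by the surrounding string, so after this change `"accountcode='" . escapeshellarg($fax_accountcode) . "'"` emits `accountcode=''1234''` and `domain_uuid=` gains quotes it never had; if `$dial_string` is handed to an originate over the event socket rather than a shell, as the `fax_uri=` layout suggests, the doubled quotes will either break parsing or end up inside the variable values. The same problem applies to the `mailto_address`/`mailfrom_address`/`fax_uri` lines in the next hunk. What needs neutralising here are the characters that delimit the dial-string syntax itself — `'`, `,`, `{`, `}` — plus a shape check on `$fax_queue_uuid` and `$_SESSION["domain_uuid"]` (a UUID regex such as `preg_match('/^[0-9a-f-]{36}$/i', …)`), which a small local filter does without mangling the format. Separately, the first changed line is dead code either way: `$common_variables .= "fax_queue_uuid=…"` is immediately overwritten by `$common_variables = "for_fax=1,";` on the next line, so `fax_queue_uuid` never reaches the dial string — move it below that assignment. The `foreach ($fax_numbers …)` loop opened at the end of the hunk closes outside it.
```php
// These values are written into a FreeSWITCH dial string ({name='value',...}),
// not a shell command: remove the characters that delimit that syntax instead of
// shell-quoting them (escapeshellarg adds a second pair of quotes).
$fs_value = static function ($value) {
	return str_replace(["'", ',', '{', '}'], '', (string) $value);
};
$common_variables = "for_fax=1,";
$common_variables .= "fax_queue_uuid='" . $fs_value($fax_queue_uuid) . "',";
$common_variables .= "accountcode='" . $fs_value($fax_accountcode) . "',";
// … same $fs_value() wrapping for sip_h_X-accountcode through fax_file …
```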
@@ -704,16 +704,16 @@ if (!function_exists('fax_split_dtmf')) {
 			$fax_uri = $route_array[0];
 			$fax_variables = "";
 			foreach($_SESSION['fax']['variable'] as $variable) {
-				$fax_variables .= $variable.",";
+				$fax_variables .= escapeshellarg($variable).",";
 			}
 		}
 
 		//build the fax dial string
 		$dial_string = $common_variables;
 		$dial_string .= $fax_variables;
-		$dial_string .= "mailto_address='" . $mail_to_address . "',";
-		$dial_string .= "mailfrom_address='" . $mail_from_address . "',";
-		$dial_string .= "fax_uri=" . $fax_uri . ",";
+		$dial_string .= "mailto_address='" . escapeshellarg($mail_to_address) . "',";
+		$dial_string .= "mailfrom_address='" . escapeshellarg($mail_from_address) . "',";
+		$dial_string .= "fax_uri=" . escapeshellarg($fax_uri) . ",";
 		$dial_string .= "fax_retry_attempts=1" . ",";
 		$dial_string .= "fax_retry_limit=20" . ",";
 		$dial_string .= "fax_retry_sleep=180" . ",";
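Review bot: In the `$_SESSION['fax']['variable']` loop each `$variable` is appended as a complete `name=value,` entry alongside the other dial-string variables, so `escapeshellarg($variable)` quotes the whole pair and emits `'name=value',`, which is no longer an assignment FreeSWITCH can parse — the entry is effectively dropped rather than protected. If these entries are trusted configuration, leave the line as it was; otherwise split the pair and filter only the value side: `list($name, $value) = array_pad(explode('=', $variable, 2), 2, '');` followed by `$fax_variables .= $name."=".str_replace(["'", ',', '{', '}'], '', $value).",";`. The `if` closed by the second `}` and the enclosing `foreach ($fax_numbers …)` loop both start before the hunk.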