From 1f162cd95fa1da353d3bc747f31477d31a6471d3 Mon Sep 17 00:00:00 2001
From: FusionPBX <markjcrane@gmail.com>
Date: Wed, 21 Aug 2019 00:52:06 -0600
Subject: [PATCH] Update fifo_interactive_inc.php

---
 app/fifo_list/fifo_interactive_inc.php | 13 +++++--------
 1 file changed, 5 insertions(+), 8 deletions(-)

diff --git a/app/fifo_list/fifo_interactive_inc.php b/app/fifo_list/fifo_interactive_inc.php
index 200ba607bd..3ba68c182b 100644
--- a/app/fifo_list/fifo_interactive_inc.php
+++ b/app/fifo_list/fifo_interactive_inc.php
@@ -44,6 +44,7 @@
 
 //set variables
 	$fifo_name = trim($_REQUEST["c"]);
+	$fifo_name = preg_replace('#[^a-zA-Z0-9\-./]#', '', $fifo_name);
 
 //if not the user is not a member of the superadmin then restrict to viewing their own domain
 	if (!if_group("superadmin")) {
@@ -54,7 +55,9 @@
 	}
 
 //prepare and send the api command over event socket
+
 	$switch_cmd = 'fifo list_verbose '.$fifo_name.'';
+	
 	$fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
 	if (!$fp) {
 		$msg = "<div align='center'>Connection to Event Socket failed.<br /></div>";
@@ -64,7 +67,7 @@
 		echo "<th align='left'>Message</th>\n";
 		echo "</tr>\n";
 		echo "<tr>\n";
-		echo "<td class='row_style1'><strong>$msg</strong></td>\n";
+		echo "<td class='row_style1'><strong>".escape($msg)."</strong></td>\n";
 		echo "</tr>\n";
 		echo "</table>\n";
 		echo "</div>\n";
@@ -193,7 +196,6 @@
 			}
 			echo "</table>\n";
 
-
 			//Current logged members
 			//set the alternating row styles
 			$c = 0;
@@ -207,20 +209,14 @@
 
 		//show the content
 			echo "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
-
 			echo "<tr>\n";
 			echo "<th>".$text['label-username']."</th>\n";
 			echo "<th>Total inbound calls</th>\n";
 			echo "<th>Logged on since</th>\n";
 			echo "</tr>\n";
-
 			//print_r($xml->fifo->outbound->member[0]);
 			//print_r($xml->fifo->outbound->member[1]);
-
 			foreach ($xml->fifo->outbound->member as $row) {
-
-
-
 				$username=explode("@",$row);
 				$username=explode("/",$username[0]);
 				$username=$username[1];
@@ -237,4 +233,5 @@
 			}
 			echo "</table>\n";
 		}
+
 ?>