diff --git a/app/calls_active/calls_active_inc.php b/app/calls_active/calls_active_inc.php
index 309248f5d8..c42da9cd76 100644
--- a/app/calls_active/calls_active_inc.php
+++ b/app/calls_active/calls_active_inc.php
@@ -165,9 +165,9 @@
foreach ($row as $key => $value) {
$$key = $value;
}
- if (if_group("superadmin") && isset($_REQUEST['debug'])) {
- echo "".print_r($row, true)." |
";
- }
+ //if (if_group("superadmin") && isset($_REQUEST['debug'])) {
+ // echo "".print_r(escape($row), true)." |
";
+ //}
//get the sip profile
$name_array = explode("/", $name);
@@ -196,21 +196,21 @@
//send the html
echo "\n";
- echo "| ".$sip_profile." | \n";
- echo "".$created." | \n";
+ echo "".escape($sip_profile)." | \n";
+ echo "".$escape(created)." | \n";
if ($show == 'all') {
- echo "".$domain_name." | \n";
+ echo "".escape($domain_name)." | \n";
}
- echo "".$tmp_number." | \n";
+ echo "".escape($tmp_number)." | \n";
echo "".escape($cid_name)." | \n";
echo "".escape($cid_num)." | \n";
- echo "".$dest." | \n";
- echo "".((strlen($application) > 0) ? $application.":".$application_data : null)." | \n";
- echo "".$read_codec.":".$read_rate." / ".$write_codec.":".$write_rate." | \n";
- echo "".$secure." | \n";
- echo "".$v_link_label_delete." | \n";
+ echo "".escape($dest)." | \n";
+ echo "".((strlen($application) > 0) ? escape($application).":".escape($application_data) : null)." | \n";
+ echo "".escape($read_codec).":".escape($read_rate)." / ".escape($write_codec).":".escape($write_rate)." | \n";
+ echo "".escape($secure)." | \n";
+ echo "".$v_link_label_delete." | \n";
echo "
\n";
-
+
//alternate the row style
$c = ($c) ? 0 : 1;
}