diff --git a/app/fax/fax_send.php b/app/fax/fax_send.php
index c050430a90..9316882ada 100644
--- a/app/fax/fax_send.php
+++ b/app/fax/fax_send.php
@@ -33,16 +33,19 @@ if (stristr(PHP_OS, 'WIN')) { $IS_WINDOWS = true; } else { $IS_WINDOWS = false;
if (!$included) {
- include "root.php";
- require_once "resources/require.php";
- require_once "resources/check_auth.php";
- if (permission_exists('fax_send')) {
- //access granted
- }
- else {
- echo "access denied";
- exit;
- }
+ //includes
+ include "root.php";
+ require_once "resources/require.php";
+ require_once "resources/check_auth.php";
+
+ //check permissions
+ if (permission_exists('fax_send')) {
+ //access granted
+ }
+ else {
+ echo "access denied";
+ exit;
+ }
//add multi-lingual support
$language = new text;
@@ -110,11 +113,11 @@ if (!$included) {
// set fax cover font to generate pdf
$fax_cover_font = $_SESSION['fax']['cover_font']['text'];
}
-else{
+else {
require_once "resources/classes/event_socket.php";
}
-if(!function_exists('correct_path')) {
+if (!function_exists('correct_path')) {
function correct_path($p) {
global $IS_WINDOWS;
if ($IS_WINDOWS) {
@@ -124,7 +127,7 @@ if(!function_exists('correct_path')) {
}
}
-if(!function_exists('gs_cmd')) {
+if (!function_exists('gs_cmd')) {
function gs_cmd($args) {
global $IS_WINDOWS;
if ($IS_WINDOWS) {
@@ -134,7 +137,7 @@ if(!function_exists('gs_cmd')) {
}
}
-if(!function_exists('fax_enqueue')) {
+if (!function_exists('fax_enqueue')) {
function fax_enqueue($fax_uuid, $fax_file, $wav_file, $reply_address, $fax_uri, $fax_dtmf, $dial_string){
global $db, $db_type;
@@ -186,16 +189,16 @@ HERE;
}
}
-if(!function_exists('fax_split_dtmf')) {
-function fax_split_dtmf(&$fax_number, &$fax_dtmf){
- $tmp = array();
- $fax_dtmf = '';
- if(preg_match('/^\s*(.*?)\s*\((.*)\)\s*$/', $fax_number, $tmp)){
- $fax_number = $tmp[1];
- $fax_dtmf = $tmp[2];
+if (!function_exists('fax_split_dtmf')) {
+ function fax_split_dtmf(&$fax_number, &$fax_dtmf){
+ $tmp = array();
+ $fax_dtmf = '';
+ if(preg_match('/^\s*(.*?)\s*\((.*)\)\s*$/', $fax_number, $tmp)){
+ $fax_number = $tmp[1];
+ $fax_dtmf = $tmp[2];
+ }
}
}
-}
//get the fax extension
if (strlen($fax_extension) > 0) {
@@ -347,7 +350,6 @@ function fax_split_dtmf(&$fax_number, &$fax_dtmf){
$fax_name = str_replace("+", "_", $fax_name);
$fax_name = str_replace("=", "_", $fax_name);
-
$attachment_file_name = $_files['name'][$index];
rename($dir_fax_temp.'/'.$attachment_file_name, $dir_fax_temp.'/'.$fax_name.'.'.$fax_file_extension);
unset($attachment_file_name);
@@ -960,11 +962,10 @@ if (!$included) {
$sql .= ") \n";
}
$prep_statement = $db->prepare(check_sql($sql));
- $prep_statement -> execute();
- $result = $prep_statement -> fetchAll(PDO::FETCH_NAMED);
- $result_count = count($result);
- if ($result_count > 0) {
- foreach ($result as &$row) {
+ $prep_statement->execute();
+ $contacts = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+ if (is_array($contacts)) {
+ foreach ($contacts as &$row) {
if ($row['contact_organization'] != '') {
$contact_option_label = $row['contact_organization'];
}
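Review bot: The new guard `if (is_array($contacts))` is also true for an empty result set, because `fetchAll()` returns an empty array when no rows match, so it no longer separates "no contacts" from "some contacts" the way `$result_count > 0` did. The same condition is reused in the later hunk at `-985`, where it decides whether the extra markup is echoed. If the intent is still to render only when contacts exist, use `if (is_array($contacts) && count($contacts) > 0) {` in both places. The loop also iterates with `&$row` and its end is outside this hunk, so confirm that an `unset($row);` follows it.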
@@ -976,7 +977,7 @@ if (!$included) {
}
$contact_option_value_recipient = $contact_option_label;
$contact_option_value_faxnumber = $row['phone_number'];
- $contact_option_label .= ": ".format_phone($row['phone_number']);
+ $contact_option_label .= ": ".escape(format_phone($row['phone_number']));
$contact_labels[] = $contact_option_label;
$contact_values[] = $contact_option_value_faxnumber."|".$contact_option_value_recipient;
unset($contact_option_label);
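Review bot: `escape()` covers only the formatted phone number, while the organization/name part of `$contact_option_label` and the whole `$contact_values[]` entry (raw `phone_number` plus recipient) are still stored as they come from the database row. Contact fields are presumably user-editable, so if these arrays are later echoed into the page (the output code is outside this hunk), the unescaped parts remain an HTML-injection path. Encoding once at the point of output, for the context used there, is more reliable than escaping one fragment during concatenation. If encoding must happen here, store the fully encoded string with `$contact_labels[] = escape($contact_option_label);` and drop the inline `escape()` to avoid double encoding.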
@@ -985,13 +986,13 @@ if (!$included) {
echo " \n";
}
- unset ($prep_statement);
+ unset($prep_statement);
echo " \n";
- if ($result_count > 0) {
+ if (is_array($contacts)) {
echo " \n";
}
echo "
\n";