diff --git a/app/xml_cdr/xml_cdr_extension_summary.php b/app/xml_cdr/xml_cdr_extension_summary.php index a003f40ed8..2eb5b755a4 100644 --- a/app/xml_cdr/xml_cdr_extension_summary.php +++ b/app/xml_cdr/xml_cdr_extension_summary.php @@ -233,20 +233,20 @@ $tr_link = "xhref='xml_cdr.php?'"; echo "\n"; if ($_GET['showall'] && permission_exists('xml_cdr_all')) { - echo " ".$row['domain_name']."\n"; + echo " ".escape($row['domain_name'])."\n"; } - echo " ".$row['extension']."\n"; - echo " ".$row['number_alias']." \n"; - //echo " ".$row['answered']." \n"; - echo " ".$row['missed']." \n"; - echo " ".$row['no_answer']." \n"; - echo " ".$row['busy']." \n"; + echo " ".escape($row['extension'])."\n"; + echo " ".escape($row['number_alias'])." \n"; + //echo " ".escape($row['answered'])." \n"; + echo " ".escape($row['missed'])." \n"; + echo " ".escape($row['no_answer'])." \n"; + echo " ".escape($row['busy'])." \n"; echo " ".gmdate("H:i:s",$row['aloc'])." \n"; - echo "  ". $row['inbound_calls'] ."\n"; + echo "  ". escape($row['inbound_calls']) ."\n"; echo " ".(($row['inbound_duration'] != '0') ? gmdate("G:i:s", $row['inbound_duration']) : '0:00:00')."\n"; - echo "  ".(($row['outbound_calls'] != '') ? $row['outbound_calls'] : "0")."\n"; + echo "  ".(($row['outbound_calls'] != '') ? escape($row['outbound_calls']) : "0")."\n"; echo " ".(($row['outbound_duration'] != '') ? gmdate("G:i:s", $row['outbound_duration']) : '0:00:00')."\n"; - echo " ".$row['description']." \n"; + echo " ".escape($row['description'])." \n"; echo "\n"; $c = ($c==0) ? 1 : 0; }