From 8528f38c518b44a890b04bcf0980bd23279fb076 Mon Sep 17 00:00:00 2001
From: FusionPBX <markjcrane@gmail.com>
Date: Wed, 28 Oct 2020 22:02:54 -0600
Subject: [PATCH] Update dialplan_outbound_add.php

Use a parameterized query for the domain_uuid.
---
 app/dialplan_outbound/dialplan_outbound_add.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/dialplan_outbound/dialplan_outbound_add.php b/app/dialplan_outbound/dialplan_outbound_add.php
index f0cfa99e5f..1274d864e8 100644
--- a/app/dialplan_outbound/dialplan_outbound_add.php
+++ b/app/dialplan_outbound/dialplan_outbound_add.php
@@ -729,12 +729,13 @@
 	$sql = "select * from v_gateways ";
 	$sql .= "where enabled = 'true' ";
 	if (permission_exists('outbound_route_any_gateway')) {
-		$sql .= "order by domain_uuid = '$domain_uuid' DESC, gateway ";
+		$sql .= "order by domain_uuid = :domain_uuid DESC, gateway ";
 	}
 	else {
 		$sql .= "and domain_uuid = :domain_uuid ";
-		$parameters['domain_uuid'] = $domain_uuid;
+		
 	}
+	$parameters['domain_uuid'] = $domain_uuid;
 	$database = new database;
 	$gateways = $database->select($sql, $parameters, 'all');
 	unset($sql, $parameters);