dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update user_edit.php

This commit is contained in:
FusionPBX 2019-08-23 21:38:17 -06:00 committed by GitHub
parent 2f6d52626b
commit 95c3da9f13
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
core/users/user_edit.php
View File

@ -45,7 +45,7 @@
}
else {
// load users own account
header("Location: user_edit.php?id=".$_SESSION['user_uuid']);
header("Location: user_edit.php?id=".urlencode($_SESSION['user_uuid']));
exit;
}
@ -206,7 +206,7 @@
//return if error
if (message::count() != 0) {
$_SESSION['tmp'][$_SERVER['PHP_SELF']]['user'] = $_POST;
header("Location: user_edit.php".(permission_exists('user_edit') && $action != 'add' ? "?id=".$user_uuid : null));
header("Location: user_edit.php".(permission_exists('user_edit') && $action != 'add' ? "?id=".urlencode($user_uuid) : null));
exit;
}
@ -666,7 +666,7 @@
echo " <input type='button' class='btn' style='margin-right: 10px;' onclick=\"window.location='users.php'\" value='".$text['button-back']."'>";
}
if (permission_exists('ticket_add') || permission_exists('ticket_edit')) {
echo " <input type='button' class='btn' style='margin-right: 3px;' onclick=\"window.location='/app/tickets/tickets.php?user_uuid=".escape($user_uuid)."'\" value='".$text['button-tickets']."'>";
echo " <input type='button' class='btn' style='margin-right: 3px;' onclick=\"window.location='/app/tickets/tickets.php?user_uuid=".urlencode($user_uuid)."'\" value='".$text['button-tickets']."'>";
}
echo " <input type='submit' class='btn' value='".$text['button-save']."'>";
echo "</div>\n";
@ -875,7 +875,7 @@
echo "<br />\n";
echo $text['description-contact']."\n";
if (strlen($contact_uuid) > 0) {
echo " <a href=\"".PROJECT_PATH."/app/contacts/contact_edit.php?id=".escape($contact_uuid)."\">".$text['description-contact_view']."</a>\n";
echo " <a href=\"".PROJECT_PATH."/app/contacts/contact_edit.php?id=".urlencode($contact_uuid)."\">".$text['description-contact_view']."</a>\n";
}
echo " </td>";
echo " </tr>";
@ -930,7 +930,7 @@
echo " </td>\n";
if (permission_exists('group_member_delete') || if_group("superadmin")) {
echo " <td class='list_control_icons' style='width: 25px;'>\n";
echo " <a href='user_edit.php?id=".escape($user_uuid)."&domain_uuid=".escape($domain_uuid)."&group_uuid=".escape($field['group_uuid'])."&a=delete' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">".$v_link_label_delete."</a>\n";
echo " <a href='user_edit.php?id=".urlencode($user_uuid)."&domain_uuid=".urlencode($domain_uuid)."&group_uuid=".urlencode($field['group_uuid'])."&a=delete' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">".$v_link_label_delete."</a>\n";
echo " </td>\n";
}
echo "</tr>\n";