dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update music_on_hold.php

This commit is contained in:
Nate 2019-08-19 07:18:24 -06:00
parent 33aad114a2
commit 95ed18aa9d
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
app/music_on_hold/music_on_hold.php
View File

@ -86,6 +86,9 @@
$stream_file = base64_decode($_GET['file']); $stream_file = base64_decode($_GET['file']);
$stream_full_path = path_join($stream_path, $stream_file); $stream_full_path = path_join($stream_path, $stream_file);
//sanitize path
$stream_full_path = str_replace('../', '', $stream_full_path);
//dowload the file //dowload the file
session_cache_limiter('public'); session_cache_limiter('public');
if (file_exists($stream_full_path)) { if (file_exists($stream_full_path)) {
@ -284,13 +287,21 @@
} }
} }
//replace the sounds_dir variable in the path
$stream_path = str_replace('$${sounds_dir}', $_SESSION['switch']['sounds']['dir'], $stream_path);
//check permissions //check permissions
if (($stream_domain_uuid == '' && permission_exists('music_on_hold_domain')) || if (($stream_domain_uuid == '' && permission_exists('music_on_hold_domain')) ||
($stream_domain_uuid != '' && permission_exists('music_on_hold_delete'))) { ($stream_domain_uuid != '' && permission_exists('music_on_hold_delete'))) {
//remove specified file //remove specified file
if ($stream_file != '') { if ($stream_file != '') {
@unlink(path_join($stream_path, $stream_file)); //define path
$stream_full_path = path_join($stream_path, $stream_file);
//sanitize path
$stream_full_path = str_replace('../', '', $stream_full_path);
//delete file
@unlink($stream_full_path);
} }
//remove all audio files //remove all audio files
else { else {