diff --git a/app/ring_groups/ring_group_forward.php b/app/ring_groups/ring_group_forward.php
index 28ba413579..575c9f3624 100644
--- a/app/ring_groups/ring_group_forward.php
+++ b/app/ring_groups/ring_group_forward.php 
@@ -50,25 +50,39 @@ $order_by = $_GET["order_by"]; $order = $_GET["order"]; +//find the path + switch ($_SERVER['REQUEST_URI']) { + case PROJECT_PATH."/core/user_settings/user_dashboard.php": + $validated_path = PROJECT_PATH."/core/user_settings/user_dashboard.php"; + break; + case PROJECT_PATH."/app/ring_groups/ring_group_forward.php": + $validated_path = PROJECT_PATH."/app/ring_groups/ring_group_forward.php"; + break; + default: + $validated_path = PROJECT_PATH."/app/ring_groups/ring_group_forward.php"; + } + //update ring group forwarding if (sizeof($_POST) > 0) { - $ring_groups = $_POST['ring_group_forward_enabled']; - $destinations = $_POST['ring_group_forward_destination']; - - if (is_array($ring_groups) && @sizeof($ring_groups) != 0 && permission_exists('ring_group_forward')) { + if (is_array($_POST['ring_groups']) && @sizeof($_POST['ring_groups']) != 0 && permission_exists('ring_group_forward')) { $x = 0; - foreach ($ring_groups as $ring_group_uuid => $ring_group_forward_enabled) { + foreach ($_POST['ring_groups'] as $row) { //remove non-numeric characters - $ring_group_foreward_destination = preg_replace("~[^0-9]~", "", $destinations[$ring_group_uuid]); + $ring_group_uuid = $row['ring_group_uuid']; + $ring_group_forward_destination = preg_replace("~[^0-9]~", "", $row['ring_group_forward_destination']); + $ring_group_forward_enabled = ($row['ring_group_forward_enabled'] == 'true') ? 
$ring_group_forward_enabled = 'true' : $ring_group_forward_enabled = 'false'; //build array - $array['ring_groups'][$x]['ring_group_uuid'] = $ring_group_uuid; - $array['ring_groups'][$x]['domain_uuid'] = $_SESSION['domain_uuid']; - $array['ring_groups'][$x]['ring_group_forward_enabled'] = $ring_group_forward_enabled; - $array['ring_groups'][$x]['ring_group_forward_destination'] = $ring_group_foreward_destination; + if (is_uuid($ring_group_uuid)) { + $array['ring_groups'][$x]['ring_group_uuid'] = $ring_group_uuid; + $array['ring_groups'][$x]['domain_uuid'] = $_SESSION['domain_uuid']; + $array['ring_groups'][$x]['ring_group_forward_enabled'] =$ring_group_forward_enabled; + $array['ring_groups'][$x]['ring_group_forward_destination'] = $ring_group_forward_destination; + } //increment counter $x++; } - if (is_array($array) && !sizeof($array) != 0) { + + if (is_array($array) && sizeof($array) != 0) { //update ring group $p = new permissions; $p->add('ring_group_edit', 'temp'); @@ -85,7 +99,7 @@ message::add($text['message-update']); //redirect the user - header("Location: ".$_REQUEST['return_url']); + header("Location: ".$validated_path); exit; } } @@ -104,8 +118,8 @@ $sql .= "where r.ring_group_uuid = u.ring_group_uuid "; $sql .= "and r.domain_uuid = :domain_uuid "; $sql .= "and u.user_uuid = :user_uuid "; - $parameters['domain_uuid'] = $_SESSION['domain_uuid']; - $parameters['user_uuid'] = $_SESSION['user_uuid']; + $parameters['domain_uuid'] = $_SESSION['user']['domain_uuid']; + $parameters['user_uuid'] = $_SESSION['user']['user_uuid']; } $database = new database; $num_rows = $database->select($sql, $parameters, 'column'); 
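Review bot: The new `switch` compares the whole of `$_SERVER['REQUEST_URI']`, query string included, so a request like `.../user_dashboard.php?order_by=...` (this page reads `$_GET["order_by"]` and `$_GET["order"]` just above) never matches the dashboard case and lands on `default`; the fallback is still a fixed, safe target, but if the dashboard redirect is meant to work, compare only the path component, `switch (parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH)) {`. The `foreach ($_POST['ring_groups'] as $row)` loop reads `$row['ring_group_uuid']` and `$row['ring_group_forward_destination']` without checking that `$row` is an array, so a scalar element in the posted `ring_groups` produces a string-offset warning or error before `is_uuid()` gets to reject it; a guard such as `if (!is_array($row)) { continue; }` at the top of the loop closes that. The build array still stores `$_SESSION['domain_uuid']` while the later hunks at `@@ -104` and `@@ -132` switch the query parameters to `$_SESSION['user']['domain_uuid']`; if those are not guaranteed to hold the same value, the saved rows and the listed rows may disagree on domain — worth confirming. The enclosing `if (sizeof($_POST) > 0)` block continues past the end of this hunk.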
@@ -132,7 +146,8 @@ $sql .= "where r.ring_group_uuid = u.ring_group_uuid "; $sql .= "and r.domain_uuid = :domain_uuid "; $sql .= "and u.user_uuid = :user_uuid "; - $parameters['domain_uuid'] = $_SESSION['domain_uuid']; + $parameters['domain_uuid'] = $_SESSION['user']['domain_uuid']; + $parameters['user_uuid'] = $_SESSION['user']['user_uuid']; } $sql .= order_by($order_by, $order, 'ring_group_extension', 'asc'); $sql .= limit_offset($rows_per_page, $offset); @@ -140,9 +155,7 @@ $result = $database->select($sql, $parameters, 'all'); unset($sql, $parameters); - echo "
\n"; - echo "\n"; - + echo "\n"; echo "
"; echo " ".$text['header-ring-group-forward']."
"; if (!$is_included) { @@ -168,25 +181,27 @@ } echo "\n"; - $c = 0; + $c = 0; $x = 0; if (is_array($result) && @sizeof($result) != 0) { foreach($result as $row) { - $onclick = "onclick=\"document.getElementById('".$row['ring_group_uuid']."').selectedIndex = (document.getElementById('".$row['ring_group_uuid']."').selectedIndex) ? 0 : 1; if (document.getElementById('".$row['ring_group_uuid']."').selectedIndex) { document.getElementById('destination').focus(); }\""; + $onclick = "onclick=\"document.getElementById('".escape($row['ring_group_uuid'])."').selectedIndex = (document.getElementById('".escape($row['ring_group_uuid'])."').selectedIndex) ? 0 : 1; if (document.getElementById('".escape($row['ring_group_uuid'])."').selectedIndex) { document.getElementById('destination').focus(); }\""; echo "\n"; - echo " ".$row['ring_group_name']." \n"; - echo " ".$row['ring_group_extension']." \n"; + echo " ".escape($row['ring_group_name'])." \n"; + echo " ".escape($row['ring_group_extension'])." \n"; echo " "; - echo " "; + echo " "; - echo " "; + echo " "; echo " \n"; if (!$is_included) { - echo " ".$row['ring_group_description']." \n"; + echo " ".escape($row['ring_group_description'])." \n"; } echo "\n"; $c = ($c) ? 0 : 1; + $x++; } } unset($result, $row);
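Review bot: In the `$onclick` string the uuid is placed inside a JavaScript string literal that itself sits in an HTML attribute, and the added `escape()` (presumably an htmlspecialchars-style wrapper — confirm) only handles the attribute context, not the JS one; the value is database-sourced so the residual risk is small, but validating it is simpler than escaping for two contexts: `if (!is_uuid($row['ring_group_uuid'])) { continue; }` as the first statement of the `foreach`, mirroring the `is_uuid()` check the POST handler now performs. The hunk also packs two statements onto one line, `$c = 0; $x = 0;`; one statement per line reads better, and a short comment on `$x` saying what the counter indexes in the emitted form would help, since the markup it feeds is not visible in this rendering.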