diff --git a/app/gateways/app_languages.php b/app/gateways/app_languages.php
index 320472be28..ab7b5fd40a 100644
--- a/app/gateways/app_languages.php
+++ b/app/gateways/app_languages.php
@@ -761,6 +761,26 @@ $text['label-action']['ru-ru'] = "Действие";
 $text['label-action']['sv-se'] = "Åtgärd";
 $text['label-action']['uk-ua'] = "Дія";
 
+$text['label-copy']['en-us'] = "Copy";
+$text['label-copy']['ar-eg'] = "Copy";
+$text['label-copy']['de-at'] = "Copy";
+$text['label-copy']['de-ch'] = "Copy";
+$text['label-copy']['de-de'] = "Copy";
+$text['label-copy']['es-cl'] = "Copy";
+$text['label-copy']['es-mx'] = "Copy";
+$text['label-copy']['fr-ca'] = "Copy";
+$text['label-copy']['fr-fr'] = "Copy";
+$text['label-copy']['he-il'] = "Copy";
+$text['label-copy']['it-it'] = "Copy";
+$text['label-copy']['nl-nl'] = "Copy";
+$text['label-copy']['pl-pl'] = "Copy";
+$text['label-copy']['pt-br'] = "Copy";
+$text['label-copy']['pt-pt'] = "Copy";
+$text['label-copy']['ro-ro'] = "Copy";
+$text['label-copy']['ru-ru'] = "Copy";
+$text['label-copy']['sv-se'] = "Copy";
+$text['label-copy']['uk-ua'] = "Copy";
+
 $text['description-username']['en-us'] = "Enter the username here.";
 $text['description-username']['ar-eg'] = "أدخل اسم المستخدم هنا";
 $text['description-username']['de-at'] = "Geben Sie den Benutzernamen an."; //copied from de-de
diff --git a/app/gateways/gateway_copy.php b/app/gateways/gateway_copy.php
index 493108d6e7..8cbd42a76f 100644
--- a/app/gateways/gateway_copy.php
+++ b/app/gateways/gateway_copy.php
@@ -44,141 +44,110 @@
 	$text = $language->get();
 
 //set the http get/post variable(s) to a php variable
-	if (isset($_REQUEST["id"])) {
-		$gateway_uuid = check_str($_REQUEST["id"]);
-	}
+	if (is_uuid($_REQUEST["id"])) {
+		$gateway_uuid = $_REQUEST["id"];
 
-//get the data
-	$sql = "select * from v_gateways ";
-	$sql .= "where gateway_uuid = '$gateway_uuid' ";
-	$prep_statement = $db->prepare(check_sql($sql));
-	$prep_statement->execute();
-	$gateways = $prep_statement->fetchAll(PDO::FETCH_NAMED);
-	foreach ($gateways as &$row) {
-		$domain_uuid = $row["domain_uuid"];
-		$gateway = $row["gateway"];
-		$username = $row["username"];
-		$password = $row["password"];
-		$auth_username = $row["auth_username"];
-		$realm = $row["realm"];
-		$from_user = $row["from_user"];
-		$from_domain = $row["from_domain"];
-		$proxy = $row["proxy"];
-		$register_proxy = $row["register_proxy"];
-		$outbound_proxy = $row["outbound_proxy"];
-		$expire_seconds = $row["expire_seconds"];
-		$register = $row["register"];
-		$register_transport = $row["register_transport"];
-		$retry_seconds = $row["retry_seconds"];
-		$extension = $row["extension"];
-		$codec_prefs = $row["codec_prefs"];
-		$ping = $row["ping"];
-		$channels = $row["channels"];
-		$caller_id_in_from = $row["caller_id_in_from"];
-		$supress_cng = $row["supress_cng"];
-		$extension_in_contact = $row["extension_in_contact"];
-		$effective_caller_id_name = $row["effective_caller_id_name"];
-		$effective_caller_id_number = $row["effective_caller_id_number"];
-		$outbound_caller_id_name = $row["outbound_caller_id_name"];
-		$outbound_caller_id_number = $row["outbound_caller_id_number"];
-		$context = $row["context"];
-		$enabled = $row["enabled"];
-		$description = 'copy: '.$row["description"];
-	}
-	unset ($prep_statement);
+		//get the data
+			$sql = "select * from v_gateways ";
+			$sql .= "where gateway_uuid = :gateway_uuid ";
+			$parameters['gateway_uuid'] = $gateway_uuid;
+			$database = new database;
+			$row = $database->select($sql, $parameters, 'row');
+			if (is_array($row) && @sizeof($row) != 0) {
+				$domain_uuid = $row["domain_uuid"];
+				$gateway = $row["gateway"];
+				$username = $row["username"];
+				$password = $row["password"];
+				$auth_username = $row["auth_username"];
+				$realm = $row["realm"];
+				$from_user = $row["from_user"];
+				$from_domain = $row["from_domain"];
+				$proxy = $row["proxy"];
+				$register_proxy = $row["register_proxy"];
+				$outbound_proxy = $row["outbound_proxy"];
+				$expire_seconds = $row["expire_seconds"];
+				$register = $row["register"];
+				$register_transport = $row["register_transport"];
+				$retry_seconds = $row["retry_seconds"];
+				$extension = $row["extension"];
+				$codec_prefs = $row["codec_prefs"];
+				$ping = $row["ping"];
+				$channels = $row["channels"];
+				$caller_id_in_from = $row["caller_id_in_from"];
+				$supress_cng = $row["supress_cng"];
+				$extension_in_contact = $row["extension_in_contact"];
+				$effective_caller_id_name = $row["effective_caller_id_name"];
+				$effective_caller_id_number = $row["effective_caller_id_number"];
+				$outbound_caller_id_name = $row["outbound_caller_id_name"];
+				$outbound_caller_id_number = $row["outbound_caller_id_number"];
+				$context = $row["context"];
+				$enabled = $row["enabled"];
+				$description = $row["description"]." (".$text['label-copy'].")";
+			}
+			unset($sql, $parameters, $row);
 
-//set defaults
-	if (strlen($expire_seconds) == 0) {
-		$expire_seconds = '800';
-	}
-	if (strlen($retry_seconds) == 0) {
-		$retry_seconds = '30';
-	}
+		//set defaults
+			if (strlen($expire_seconds) == 0) {
+				$expire_seconds = '800';
+			}
+			if (strlen($retry_seconds) == 0) {
+				$retry_seconds = '30';
+			}
 
-//copy the gateways
-	$gateway_uuid = uuid();
-	$sql = "insert into v_gateways ";
-	$sql .= "(";
-	$sql .= "domain_uuid, ";
-	$sql .= "gateway_uuid, ";
-	$sql .= "gateway, ";
-	$sql .= "username, ";
-	$sql .= "password, ";
-	$sql .= "auth_username, ";
-	$sql .= "realm, ";
-	$sql .= "from_user, ";
-	$sql .= "from_domain, ";
-	$sql .= "proxy, ";
-	$sql .= "register_proxy, ";
-	$sql .= "outbound_proxy, ";
-	$sql .= "expire_seconds, ";
-	$sql .= "register, ";
-	$sql .= "register_transport, ";
-	$sql .= "retry_seconds, ";
-	$sql .= "extension, ";
-	$sql .= "codec_prefs, ";
-	$sql .= "ping, ";
-	//$sql .= "channels, ";
-	$sql .= "caller_id_in_from, ";
-	$sql .= "supress_cng, ";
-	$sql .= "extension_in_contact, ";
-	$sql .= "context, ";
-	$sql .= "enabled, ";
-	$sql .= "description ";
-	$sql .= ")";
-	$sql .= "values ";
-	$sql .= "(";
-	if (strlen($domain_uuid) > 0) {
-		$sql .= "'$domain_uuid', ";
-	}
-	else {
-		$sql .= "null, ";
-	}
-	$sql .= "'$gateway_uuid', ";
-	$sql .= "'$gateway', ";
-	$sql .= "'$username', ";
-	$sql .= "'$password', ";
-	$sql .= "'$auth_username', ";
-	$sql .= "'$realm', ";
-	$sql .= "'$from_user', ";
-	$sql .= "'$from_domain', ";
-	$sql .= "'$proxy', ";
-	$sql .= "'$register_proxy', ";
-	$sql .= "'$outbound_proxy', ";
-	$sql .= "'$expire_seconds', ";
-	$sql .= "'$register', ";
-	$sql .= "'$register_transport', ";
-	$sql .= "'$retry_seconds', ";
-	$sql .= "'$extension', ";
-	$sql .= "'$codec_prefs', ";
-	$sql .= "'$ping', ";
-	//$sql .= "'$channels', ";
-	$sql .= "'$caller_id_in_from', ";
-	$sql .= "'$supress_cng', ";
-	$sql .= "'$extension_in_contact', ";
-	$sql .= "'$context', ";
-	$sql .= "'$enabled', ";
-	$sql .= "'$description' ";
-	$sql .= ")";
-	$db->exec(check_sql($sql));
-	unset($sql);
+		//copy the gateways
+			$gateway_uuid = uuid();
+			$array['gateways'][0]['domain_uuid'] = is_uuid($domain_uuid) ? $domain_uuid : null;
+			$array['gateways'][0]['gateway_uuid'] = $gateway_uuid;
+			$array['gateways'][0]['gateway'] = $gateway;
+			$array['gateways'][0]['username'] = $username;
+			$array['gateways'][0]['password'] = $password;
+			$array['gateways'][0]['auth_username'] = $auth_username;
+			$array['gateways'][0]['realm'] = $realm;
+			$array['gateways'][0]['from_user'] = $from_user;
+			$array['gateways'][0]['from_domain'] = $from_domain;
+			$array['gateways'][0]['proxy'] = $proxy;
+			$array['gateways'][0]['register_proxy'] = $register_proxy;
+			$array['gateways'][0]['outbound_proxy'] = $outbound_proxy;
+			$array['gateways'][0]['expire_seconds'] = $expire_seconds;
+			$array['gateways'][0]['register'] = $register;
+			$array['gateways'][0]['register_transport'] = $register_transport;
+			$array['gateways'][0]['retry_seconds'] = $retry_seconds;
+			$array['gateways'][0]['extension'] = $extension;
+			$array['gateways'][0]['codec_prefs'] = $codec_prefs;
+			$array['gateways'][0]['ping'] = $ping;
+			//$array['gateways'][0]['channels'] = $channels;
+			$array['gateways'][0]['caller_id_in_from'] = $caller_id_in_from;
+			$array['gateways'][0]['supress_cng'] = $supress_cng;
+			$array['gateways'][0]['extension_in_contact'] = $extension_in_contact;
+			$array['gateways'][0]['context'] = $context;
+			$array['gateways'][0]['enabled'] = $enabled;
+			$array['gateways'][0]['description'] = $description;
 
-//add new gateway to session variable
-	if ($enabled == 'true') {
-		$_SESSION['gateways'][$gateway_uuid] = $gateway;
+			$database = new database;
+			$database->app_name = 'gateways';
+			$database->app_uuid = '297ab33e-2c2f-8196-552c-f3567d2caaf8';
+			$database->save($array);
+			unset($array);
+
+		//add new gateway to session variable
+			if ($enabled == 'true') {
+				$_SESSION['gateways'][$gateway_uuid] = $gateway;
+			}
+
+		//synchronize the xml config
+			save_gateway_xml();
+
+		//clear the cache
+			$fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
+			$hostname = trim(event_socket_request($fp, 'api switchname'));
+			$cache = new cache;
+			$cache->delete("configuration:sofia.conf:".$hostname);
+
+		//set message
+			message::add($text['message-copy']);
 	}
 
-//synchronize the xml config
-	save_gateway_xml();
-
-//clear the cache
-	$fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
-	$hostname = trim(event_socket_request($fp, 'api switchname'));
-	$cache = new cache;
-	$cache->delete("configuration:sofia.conf:".$hostname);
-
 //redirect the user
-	message::add($text['message-copy']);
 	header("Location: gateways.php");
 	return;
 
diff --git a/app/gateways/gateway_delete.php b/app/gateways/gateway_delete.php
index 6d99c9da77..f2a2b34196 100644
--- a/app/gateways/gateway_delete.php
+++ b/app/gateways/gateway_delete.php
@@ -44,20 +44,20 @@
 //delete the gateway
 	if (is_uuid($_GET["id"])) {
 		//set the variable
-			$id = check_str($_GET["id"]);
+			$id = $_GET["id"];
 
 		//get the gateway name
 			$sql = "select * from v_gateways ";
-			$sql .= "where gateway_uuid = '$id' ";
-			$prep_statement = $db->prepare(check_sql($sql));
-			$prep_statement->execute();
-			$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
-			foreach ($result as &$row) {
+			$sql .= "where gateway_uuid = :gateway_uuid ";
+			$parameters['gateway_uuid'] = $id;
+			$database = new database;
+			$row = $database->select($sql, $parameters, 'row');
+			if (is_array($row) && @sizeof($row) != 0) {
 				$gateway_uuid = $row["gateway_uuid"];
 				$gateway = $row["gateway"];
 				$profile = $row["profile"];
 			}
-			unset ($prep_statement);
+			unset($sql, $parameters, $row);
 
 		//remove gateway from session variable
 			unset($_SESSION['gateways'][$gateway_uuid]);
@@ -81,10 +81,13 @@
 			unset($cmd);
 
 		//delete the gateway
-			$sql = "delete from v_gateways ";
-			$sql .= "where gateway_uuid = '$id' ";
-			$db->query($sql);
-			unset($sql);
+			$array['gateways'][0]['gateway_uuid'] = $id;
+
+			$database = new database;
+			$database->app_name = 'gateways';
+			$database->app_uuid = '297ab33e-2c2f-8196-552c-f3567d2caaf8';
+			$database->delete($array);
+			unset($array);
 
 		//syncrhonize configuration
 			save_gateway_xml();
@@ -114,11 +117,13 @@
 
 		//clear the apply settings reminder
 			$_SESSION["reload_xml"] = false;
+
+		//set message
+			message::add($text['message-delete']);
 	}
 
 //redirect the users
-	message::add($text['message-delete']);
 	header("Location: gateways.php");
-	return;
+	exit;
 
 ?>
diff --git a/app/gateways/gateway_edit.php b/app/gateways/gateway_edit.php
index d1e37b58b8..cbff121b40 100644
--- a/app/gateways/gateway_edit.php
+++ b/app/gateways/gateway_edit.php
@@ -43,13 +43,13 @@
 	$text = $language->get();
 
 //action add or update
-	if (isset($_REQUEST["id"]) && is_uuid($_REQUEST["id"])) {
+	if (is_uuid($_REQUEST["id"])) {
 		$action = "update";
-		if (isset($_POST["id"])) {
-			$gateway_uuid = check_str($_REQUEST["id"]);
+		if (is_uuid($_POST["id"])) {
+			$gateway_uuid = $_REQUEST["id"];
 		}
-		if (isset($_POST["gateway_uuid"])) {
-			$gateway_uuid = check_str($_POST["gateway_uuid"]);
+		if (is_uuid($_POST["gateway_uuid"])) {
+			$gateway_uuid = $_POST["gateway_uuid"];
 		}
 	}
 	else {
@@ -59,59 +59,52 @@
 
 //get total gateway count from the database, check limit, if defined
 	if ($action == 'add') {
-		if ($_SESSION['limit']['gateways']['numeric'] != '') {
-			$sql = "select count(gateway_uuid) as num_rows from v_gateways ";
-			$sql .= "where ( domain_uuid = '".$_SESSION['domain_uuid']."' ";
-			if (permission_exists('gateway_domain')) {
-				$sql .= "or domain_uuid is null ";
-			}
-			$sql .= ");";
-			$prep_statement = $db->prepare($sql);
-			if ($prep_statement) {
-				$prep_statement->execute();
-				$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
-				$total_gateways = $row['num_rows'];
-			}
-			unset($prep_statement, $row);
+		if (is_numeric($_SESSION['limit']['gateways']['numeric'])) {
+			$sql = "select count(gateway_uuid) from v_gateways ";
+			$sql .= "where (domain_uuid = :domain_uuid ".(permission_exists('gateway_domain') ? " or domain_uuid is null " : null).") ";
+			$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
+			$database = new database;
+			$total_gateways = $database->select($sql, $parameters, 'column');
+			unset($sql, $parameters);
 			if ($total_gateways >= $_SESSION['limit']['gateways']['numeric']) {
 				message::add($text['message-maximum_gateways'].' '.$_SESSION['limit']['gateways']['numeric'], 'negative');
 				header('Location: gateways.php');
-				return;
+				exit;
 			}
 		}
 	}
 
 //get http post variables and set them to php variables
 	if (count($_POST) > 0) {
-		$domain_uuid = check_str($_POST["domain_uuid"]);
-		$gateway = check_str($_POST["gateway"]);
-		$username = check_str($_POST["username"]);
-		$password = check_str($_POST["password"]);
-		$distinct_to = check_str($_POST["distinct_to"]);
-		$auth_username = check_str($_POST["auth_username"]);
-		$realm = check_str($_POST["realm"]);
-		$from_user = check_str($_POST["from_user"]);
-		$from_domain = check_str($_POST["from_domain"]);
-		$proxy = check_str($_POST["proxy"]);
-		$register_proxy = check_str($_POST["register_proxy"]);
-		$outbound_proxy = check_str($_POST["outbound_proxy"]);
-		$expire_seconds = check_str($_POST["expire_seconds"]);
-		$register = check_str($_POST["register"]);
-		$register_transport = check_str($_POST["register_transport"]);
-		$retry_seconds = check_str($_POST["retry_seconds"]);
-		$extension = check_str($_POST["extension"]);
-		$ping = check_str($_POST["ping"]);
-		$channels = check_str($_POST["channels"]);
-		$caller_id_in_from = check_str($_POST["caller_id_in_from"]);
-		$supress_cng = check_str($_POST["supress_cng"]);
-		$sip_cid_type = check_str($_POST["sip_cid_type"]);
-		$codec_prefs = check_str($_POST["codec_prefs"]);
-		$extension_in_contact = check_str($_POST["extension_in_contact"]);
-		$context = check_str($_POST["context"]);
-		$profile = check_str($_POST["profile"]);
-		$hostname = check_str($_POST["hostname"]);
-		$enabled = check_str($_POST["enabled"]);
-		$description = check_str($_POST["description"]);
+		$domain_uuid = $_POST["domain_uuid"];
+		$gateway = $_POST["gateway"];
+		$username = $_POST["username"];
+		$password = $_POST["password"];
+		$distinct_to = $_POST["distinct_to"];
+		$auth_username = $_POST["auth_username"];
+		$realm = $_POST["realm"];
+		$from_user = $_POST["from_user"];
+		$from_domain = $_POST["from_domain"];
+		$proxy = $_POST["proxy"];
+		$register_proxy = $_POST["register_proxy"];
+		$outbound_proxy = $_POST["outbound_proxy"];
+		$expire_seconds = $_POST["expire_seconds"];
+		$register = $_POST["register"];
+		$register_transport = $_POST["register_transport"];
+		$retry_seconds = $_POST["retry_seconds"];
+		$extension = $_POST["extension"];
+		$ping = $_POST["ping"];
+		$channels = $_POST["channels"];
+		$caller_id_in_from = $_POST["caller_id_in_from"];
+		$supress_cng = $_POST["supress_cng"];
+		$sip_cid_type = $_POST["sip_cid_type"];
+		$codec_prefs = $_POST["codec_prefs"];
+		$extension_in_contact = $_POST["extension_in_contact"];
+		$context = $_POST["context"];
+		$profile = $_POST["profile"];
+		$hostname = $_POST["hostname"];
+		$enabled = $_POST["enabled"];
+		$description = $_POST["description"];
 	}
 
 //prevent the domain_uuid from not being set by someone without this permission
@@ -158,12 +151,7 @@
 
 				//build the gateway array
 					$x = 0;
-					if (strlen($domain_uuid) == 0) {
-						$array['gateways'][$x]["domain_uuid"] = null;
-					}
-					else {
-						$array['gateways'][$x]["domain_uuid"] = $domain_uuid;
-					}
+					$array['gateways'][$x]["domain_uuid"] = is_uuid($domain_uuid) ? $domain_uuid : null;
 					$array['gateways'][$x]["gateway_uuid"] = $gateway_uuid;
 					$array['gateways'][$x]["gateway"] = $gateway;
 					$array['gateways'][$x]["username"] = $username;
@@ -190,12 +178,7 @@
 					$array['gateways'][$x]["extension_in_contact"] = $extension_in_contact;
 					$array['gateways'][$x]["context"] = $context;
 					$array['gateways'][$x]["profile"] = $profile;
-					if (strlen($hostname) == 0) {
-						$array['gateways'][$x]["hostname"] = null;
-					}
-					else {
-						$array['gateways'][$x]["hostname"] = $hostname;
-					}
+					$array['gateways'][$x]["hostname"] = strlen($hostname) != 0 ? $hostname : null;
 					$array['gateways'][$x]["enabled"] = $enabled;
 					$array['gateways'][$x]["description"] = $description;
 
@@ -211,7 +194,7 @@
 					$database = new database;
 					$database->app_name = 'gateways';
 					$database->app_uuid = '297ab33e-2c2f-8196-552c-f3567d2caaf8';
-					if (strlen($gateway_uuid) > 0) {
+					if (is_uuid($gateway_uuid)) {
 						$database->uuid($gateway_uuid);
 					}
 					$database->save($array);
@@ -246,7 +229,7 @@
 					//clear the apply settings reminder
 						$_SESSION["reload_xml"] = false;
 
-			} //if ($_POST["persistformvar"] != "true")
+			}
 
 		//redirect the user
 			if (isset($action)) {
@@ -257,19 +240,19 @@
 					message::add($text['message-update']);
 				}
 				header("Location: gateways.php");
-				return;
+				exit;
 			}
-	} //(count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0)
+	}
 
 //pre-populate the form
-	if (count($_GET) > 0 && $_POST["persistformvar"] != "true") {
-		$gateway_uuid = check_str($_GET["id"]);
+	if (count($_GET) > 0 && is_uuid($_GET["id"]) && $_POST["persistformvar"] != "true") {
+		$gateway_uuid = $_GET["id"];
 		$sql = "select * from v_gateways ";
-		$sql .= "where gateway_uuid = '".$gateway_uuid."' ";
-		$prep_statement = $db->prepare(check_sql($sql));
-		$prep_statement->execute();
-		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
-		foreach ($result as &$row) {
+		$sql .= "where gateway_uuid = :gateway_uuid ";
+		$parameters['gateway_uuid'] = $gateway_uuid;
+		$database = new database;
+		$row = $database->select($sql, $parameters, 'row');
+		if (is_array($row) && @sizeof($row) != 0) {
 			$domain_uuid = $row["domain_uuid"];
 			$gateway = $row["gateway"];
 			$username = $row["username"];
@@ -300,17 +283,16 @@
 			$enabled = $row["enabled"];
 			$description = $row["description"];
 		}
-		unset ($prep_statement);
+		unset($sql, $parameters, $row);
 	}
 
 //get the sip profiles
 	$sql = "select sip_profile_name from v_sip_profiles ";
 	$sql .= "where sip_profile_enabled = 'true' ";
 	$sql .= "order by sip_profile_name asc ";
-	$prep_statement = $db->prepare(check_sql($sql));
-	$prep_statement->execute();
-	$sip_profiles = $prep_statement->fetchAll();
-	unset ($prep_statement, $sql);
+	$database = new database;
+	$sip_profiles = $database->select($sql, null, 'all');
+	unset($sql);
 
 //set defaults
 	if (strlen($enabled) == 0) { $enabled = "true"; }
diff --git a/app/gateways/gateways.php b/app/gateways/gateways.php
index 614e1dbbf9..9155e75fd3 100644
--- a/app/gateways/gateways.php
+++ b/app/gateways/gateways.php
@@ -47,19 +47,19 @@
 	require_once "resources/paging.php";
 
 //get variables used to control the order
-	$order_by = check_str($_GET["order_by"]);
-	$order = check_str($_GET["order"]);
+	$order_by = $_GET["order_by"];
+	$order = $_GET["order"];
 
 //connect to event socket
 	$fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
 	if ($fp) {
-		if (strlen($_GET["a"]) > 0) {
-			$profile = check_str($_GET["profile"]);
+		if (strlen($_GET["a"]) > 0 && is_uuid($_GET["gateway"])) {
+			$profile = $_GET["profile"];
 			if (strlen($profile) == 0) {
 				$profile = 'external';
 			}
 			if ($_GET["a"] == "stop") {
-				$gateway_uuid = check_str($_GET["gateway"]);
+				$gateway_uuid = $_GET["gateway"];
 				$cmd = 'api sofia profile '.$profile.' killgw '.$gateway_uuid;
 				$response = trim(event_socket_request($fp, $cmd));
 				$msg = '<strong>Stop Gateway:</strong><pre>'.$response.'</pre>';
@@ -113,19 +113,13 @@
 	echo "<br />\n";
 
 //get total gateway count from the database
-	$sql = "select count(*) as num_rows from v_gateways ";
-	$sql .= "where ( domain_uuid = '".$_SESSION['domain_uuid']."' ";
-	if (permission_exists('gateway_domain')) {
-		$sql .= "or domain_uuid is null ";
+	$sql = "select count(*) from v_gateways ";
+	if (!($_GET['show'] == "all" && permission_exists('gateway_all'))) {
+		$sql .= "where (domain_uuid = :domain_uuid ".(permission_exists('gateway_domain') ? " or domain_uuid is null " : null).") ";
+		$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
 	}
-	$sql .= ");";
-	$prep_statement = $db->prepare($sql);
-	if ($prep_statement) {
-		$prep_statement->execute();
-		$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
-		$total_gateways = $row['num_rows'];
-	}
-	unset($sql, $prep_statement, $row);
+	$database = new database;
+	$total_gateways = $database->select($sql, $parameters, 'column');
 
 //prepare to page the results
 	$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
@@ -136,28 +130,12 @@
 	$offset = $rows_per_page * $_GET['page'];
 
 //get the list
-	$sql = "select * from v_gateways ";
-	if ($_GET['show'] == "all" && permission_exists('gateway_all')) {
-		//show all gateways
-	} else {
-		$sql .= "where (\n";
-		$sql .= " domain_uuid = '".$_SESSION['domain_uuid']."'\n";
-		if (permission_exists('gateway_domain')) {
-			$sql .= " or domain_uuid is null\n";
-		}
-		$sql .= ") ";
-	}
-	if (strlen($order_by) == 0) {
-		$sql .= "order by gateway asc\n";
-	}
-	else {
-		$sql .= "order by $order_by $order\n";
-	}
-	$sql .= "limit $rows_per_page offset $offset\n";
-	$prep_statement = $db->prepare(check_sql($sql));
-	$prep_statement->execute();
-	$gateways = $prep_statement->fetchAll(PDO::FETCH_NAMED);
-	unset ($prep_statement, $sql);
+	$sql = str_replace('count(*)', '*', $sql);
+	$sql .= order_by($order_by, $order, 'gateway', 'asc');
+	$sql .= limit_offset($rows_per_page, $offset);
+	$database = new database;
+	$gateways = $database->select($sql, $parameters, 'all');
+	unset($sql, $parameters);
 
 	$c = 0;
 	$row_style["0"] = "row_style0";
@@ -255,10 +233,10 @@
 				echo "	</td>\n";
 				echo "</tr>\n";
 			}
-			if ($c==0) { $c=1; } else { $c=0; }
-		} //end foreach
-		unset($sql, $gateways, $row_count);
-	} //end if results
+			$c = $c ? 0 : 1;
+		}
+	}
+	unset($gateways, $row);
 
 	echo "<tr>\n";
 	echo "</table>\n";