Update how dialplan_detail_type is sanitized

These detail types are safe: ${sip_to_user} and ${sip_req_user}
FusionPBX 2023-03-31 13:34:22 -06:00 committed by GitHub
parent abbaccde9d
commit eac6f09832
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 1 deletions


@ -276,9 +276,21 @@
$dialplan_detail_type = "destination_number";
}
//authorized specific dialplan_detail_type that are safe, sanitize all other values
switch ($dialplan_detail_type) {
case 'destination_number':
break;
case '${sip_to_user}':
break;
case '${sip_req_user}':
break;
default:
$dialplan_detail_type = xml::sanitize($dialplan_detail_type);
}
//build the xml dialplan
$array["dialplans"][$row_id]["dialplan_xml"] = "<extension name=\"".xml::sanitize($dialplan_name)."\" continue=\"false\" uuid=\"".xml::sanitize($dialplan_uuid)."\">\n";
$array["dialplans"][$row_id]["dialplan_xml"] .= " <condition field=\"".xml::sanitize($dialplan_detail_type)."\" expression=\"".xml::sanitize($destination_number_regex)."\">\n";
$array["dialplans"][$row_id]["dialplan_xml"] .= " <condition field=\"".$dialplan_detail_type."\" expression=\"".xml::sanitize($destination_number_regex)."\">\n";
$array["dialplans"][$row_id]["dialplan_xml"] .= " <action application=\"export\" data=\"call_direction=inbound\" inline=\"true\"/>\n";
$array["dialplans"][$row_id]["dialplan_xml"] .= " <action application=\"set\" data=\"domain_uuid=".$_SESSION['domain_uuid']."\" inline=\"true\"/>\n";
$array["dialplans"][$row_id]["dialplan_xml"] .= " <action application=\"set\" data=\"domain_name=".$_SESSION['domain_name']."\" inline=\"true\"/>\n";
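Review bot: The `<condition field=...>` line now concatenates `$dialplan_detail_type` with no escaping at the sink, so its safety depends entirely on the switch above having run on every path that reaches it; a short comment on that line stating the invariant (e.g. `//dialplan_detail_type is allowlisted or sanitized by the switch above`) would keep a later edit from separating the two. PHP's `switch` compares loosely, so a strict allowlist is a tighter way to express the same rule: `if (!in_array($dialplan_detail_type, array('destination_number', '${sip_to_user}', '${sip_req_user}'), true)) { $dialplan_detail_type = xml::sanitize($dialplan_detail_type); }`. The two context lines that set `domain_uuid` and `domain_name` still place `$_SESSION` values into the XML unescaped, which looks inconsistent with the other attributes if those values can ever contain quote or markup characters. The enclosing block starts and ends outside this hunk, so whether `$dialplan_detail_type` is reused or stored later with the sanitized value cannot be confirmed from here.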