Hi, in Disa 2.4.0, as part of freePBX 2.4.0Beta2.2, I ran across a problem with quoting the Caller ID field within the DISA module. I can't seem to figure out how to create a bug ticket, apparently I need some username and password that I'm not sure how to get. Anyways, so that I can end this day productive, I post it here in hopes that someone with smarts and know-how can fix the minor bug. I hereby release this in the public domain to do with as you will. I was lazy, but here is a patch:

--- functions.inc.php 2008-01-20 01:06:10.000000000 -0800
+++ Downloads/functions.inc.php 2008-01-20 01:03:26.000000000 -0800
@@ -132,7 +132,7 @@
if (!isset($needconf))
$needconf = '';
if(empty($displayname)) $displayname = "unnamed";
- $results = sql("INSERT INTO disa (displayname,pin,cid,context,resptimeout,digittimeout,needconf) values (\"".str_replace("\"", "\"\"",$displayname)."\",\"".$pin."\",'".str_replace("'", "''", $cid)."',\"".$context."\", \"$resptimeout\", \"$digittimeout\", \"$needconf\")");
+ $results = sql("INSERT INTO disa (displayname,pin,cid,context,resptimeout,digittimeout,needconf) values (\"".str_replace("\"", "\"\"",$displayname)."\",\"".$pin."\",\"".str_replace("\"", "\"\"", $cid)."\",\"".$context."\", \"$resptimeout\", \"$digittimeout\", \"$needconf\")");
}

function disa_del($id) {
@@ -147,6 +147,6 @@
if (!isset($needconf))
$needconf = '';
if(empty($displayname)) $displayname = "unnamed";
- $results = sql("UPDATE disa set displayname = \"".str_replace("\"", "\"\"",$displayname)."\", pin = \"$pin\", cid = '".str_replace("'", "''", $cid)."', context = \"$context\", resptimeout = \"$resptimeout\", digittimeout = \"$digittimeout\", needconf = \"$needconf\" where disa_id = \"$id\"");
+ $results = sql("UPDATE disa set displayname = \"".str_replace("\"", "\"\"",$displayname)."\", pin = \"$pin\", cid = \"".str_replace("\"", "\"\"",$cid)."\", context = \"$context\", resptimeout = \"$resptimeout\", digittimeout = \"$digittimeout\", needconf = \"$needconf\" where disa_id = \"$id\"");
}
?>