Hi,
When you press on edit DID in the list of DID's page in A2billing's customer portal you will go to this page below:
http://serviceIP/customer/A2B_entity_di ... -edit&id=1where "id=1" is the the DID id number in the database.
If you change this value to something else, you are able to access the DID edit page menu even if the DID is not listed on your account. You can loop through all the DIDs on the system and edit them.
For example,
http://serviceIP/customer/A2B_entity_di ... k-edit&id=2http://serviceIP/customer/A2B_entity_di ... k-edit&id=5http://serviceIP/customer/A2B_entity_di ... k-edit&id=8etc...
This allows any customer to edit destinations to all your DID's even if he did not purchase them or does not have them listed on his account.
This is found on A2Billing v2.0.6, not sure if it is still there on the latest version.
Please test and report your findings, also if anyone can, please suggest a quick fix.
Thanks,
rshack