]> git.datanom.net - qtadmin.git/blobdiff - mail_report.php
Enhance security
[qtadmin.git] / mail_report.php
index 21e826465d0a42d61bc9e219a045678deafed136..60405f7d124df6aab50cbc9684dc8a7ac5c13945 100644 (file)
@@ -8,13 +8,18 @@
     $util = new Utils;
     $loggedIn = $util->isLoggedIn();
     if ($loggedIn && isset($_GET['id'])) {
+        $id = $_GET['id'];
+        $mail = unserialize($_SESSION['mailInfo'][$id]);
+
+        if (false == $util->authorized($mail->recipient)) {
+            header('Location: index.php');
+            exit;
+        }
+
         $util->setHeading('Spam Report');
         echo $util->getHeader();
         echo $util->getHeading();
 
-        $id = $_GET['id'];
-        $mail = unserialize($_SESSION['mailInfo'][$id]);
-
         $row = $DB->getMail($id);
         $string = $row->mail_text;
         $sa_tests = null;
This page took 0.03954 seconds and 5 git commands to generate.