]> git.datanom.net - qtadmin.git/blobdiff - message_view.php
projects / qtadmin.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Enhance security
[qtadmin.git] / message_view.php
diff --git a/message_view.php b/message_view.php
index fabf6988a99b2dd3c9e85d66babb2a4dba7a5af8..e81d984f4dce3d2047cd04c2c1e8eb1142f0dde8 100644 (file)
--- a/message_view.php
+++ b/message_view.php
@@ -11,12 +11,17 @@
         $id = $_GET['id'];
         $id = urldecode($id);
 
+        $mail = unserialize($_SESSION['mailInfo'][$id]);
+
+        if (false == $util->authorized($mail->recipient)) {
+            header('Location: index.php');
+            exit;
+        }
+
         $util->setHeading("Message ID : $id");
         echo $util->getHeader();
         echo $util->getHeading();
 
-        $mail = unserialize($_SESSION['mailInfo'][$id]);
-
         $row = $DB->getMail($id);
         $string = $row->mail_text;
         $sa_tests = null;
An Amavisd qurantine administration interface
This page took 0.028223 seconds and 5 git commands to generate.