$id = $_GET['id'];
$id = urldecode($id);
+ $mail = unserialize($_SESSION['mailInfo'][$id]);
+
+ if (! is_object($mail) || false == $util->authorized($mail->recipient)) {
+ header('Location: index.php');
+ exit;
+ }
+
$util->setHeading("Message ID : $id");
echo $util->getHeader();
echo $util->getHeading();
- $mail = unserialize($_SESSION['mailInfo'][$id]);
-
$row = $DB->getMail($id);
$string = $row->mail_text;
$sa_tests = null;