require_once $CFG->root . 'lib/db_factory.php';
require_once $CFG->root . 'lib/utils.inc.php';
- $util = Utils::getInstance();
+ $util = new Utils;
$loggedIn = $util->isLoggedIn();
if ($loggedIn && isset($_GET['id'])) {
+ $id = $_GET['id'];
+ $mail = unserialize($_SESSION['mailInfo'][$id]);
+
+ if (! is_object($mail) || false == $util->authorized($mail->recipient)) {
+ header('Location: qtadmin.php');
+ exit;
+ }
+
$util->setHeading('Full Headers Report');
echo $util->getHeader();
echo $util->getHeading();
- $id = $_GET['id'];
- $mail = unserialize($_SESSION['mailInfo'][$id]);
-
$row = $DB->getMail($id);
$string = $row->mail_text;
$sa_tests = null;
echo $output;
echo $util->getFooter();
} else if ($loggedIn) {
- header('Location: index.php');
+ header('Location: qtadmin.php');
} else {
header('Location: auth.php');
}