X-Git-Url: http://git.datanom.net/qtadmin.git/blobdiff_plain/b95d1cdbc4fe25e3f0df3b94e990f6af7b330c63..70c7fd5765720621553b3ddaff1009c795f49a76:/mail_report.php?ds=inline diff --git a/mail_report.php b/mail_report.php index 55b7ac4..3607ba2 100644 --- a/mail_report.php +++ b/mail_report.php @@ -5,16 +5,21 @@ require_once $CFG->root . 'lib/db_factory.php'; require_once $CFG->root . 'lib/utils.inc.php'; - $util = Utils::getInstance(); + $util = new Utils; $loggedIn = $util->isLoggedIn(); if ($loggedIn && isset($_GET['id'])) { + $id = $_GET['id']; + $mail = unserialize($_SESSION['mailInfo'][$id]); + + if (! is_object($mail) || false == $util->authorized($mail->recipient)) { + header('Location: qtadmin.php'); + exit; + } + $util->setHeading('Spam Report'); echo $util->getHeader(); echo $util->getHeading(); - $id = $_GET['id']; - $mail = unserialize($_SESSION['mailInfo'][$id]); - $row = $DB->getMail($id); $string = $row->mail_text; $sa_tests = null; @@ -89,8 +94,8 @@ } else { $bayes['total'] = "TOTAL-"; } - $plain = "?id=$id&format=plain"; - $html = "?id=$id&format=html"; + $plain = "?id=$id&format=plain"; + $html = "?id=$id&format=html"; echo '

Message ID : ' . $mail->mail_id . '

'; echo ''; echo ''; @@ -134,7 +139,7 @@ echo '
'; echo $util->getFooter(); } else if ($loggedIn) { - header('Location: index.php'); + header('Location: qtadmin.php'); } else { header('Location: auth.php'); }