X-Git-Url: http://git.datanom.net/qtadmin.git/blobdiff_plain/b95d1cdbc4fe25e3f0df3b94e990f6af7b330c63..70c7fd5765720621553b3ddaff1009c795f49a76:/message_view.php diff --git a/message_view.php b/message_view.php index 751b65b..93cc339 100644 --- a/message_view.php +++ b/message_view.php @@ -5,18 +5,23 @@ require_once $CFG->root . 'lib/db_factory.php'; require_once $CFG->root . 'lib/utils.inc.php'; - $util = Utils::getInstance(); + $util = new Utils; $loggedIn = $util->isLoggedIn(); if ($loggedIn && isset($_GET['id'])) { $id = $_GET['id']; $id = urldecode($id); + $mail = unserialize($_SESSION['mailInfo'][$id]); + + if (! is_object($mail) || false == $util->authorized($mail->recipient)) { + header('Location: qtadmin.php'); + exit; + } + $util->setHeading("Message ID : $id"); echo $util->getHeader(); echo $util->getHeading(); - $mail = unserialize($_SESSION['mailInfo'][$id]); - $row = $DB->getMail($id); $string = $row->mail_text; $sa_tests = null; @@ -35,7 +40,7 @@ onclick="javascript: history.back();"/>'; echo ''; - echo ''; + echo '
'; $from = $headers['from']; $from = str_replace("<", "<", $from); $from = str_replace(">", ">", $from); @@ -90,7 +95,7 @@ echo '
'; echo $util->getFooter(); } else if ($loggedIn) { - header('Location: index.php'); + header('Location: qtadmin.php'); } else { header('Location: auth.php'); }