X-Git-Url: http://git.datanom.net/qtadmin.git/blobdiff_plain/d0eeb33895db0f11ce7615fdb85f5044c5d65dd2..HEAD:/show_headers.php

diff --git a/show_headers.php b/show_headers.php
index 4c8f3d9..34ca065 100644
--- a/show_headers.php
+++ b/show_headers.php
@@ -1,59 +1,64 @@
 <?php
 /* vim: set ts=4 tw=0 sw=4 noet: */
-	require_once 'Mail/mimeDecode.php';
-	require_once 'config.php';
-	require_once $CFG->root . 'lib/db_factory.php';
-	require_once $CFG->root . 'lib/utils.inc.php';
+    require_once 'Mail/mimeDecode.php';
+    require_once 'config.php';
+    require_once $CFG->root . 'lib/db_factory.php';
+    require_once $CFG->root . 'lib/utils.inc.php';
 
-	$util = Utils::getInstance();
-	$loggedIn = $util->isLoggedIn();
-	if ($loggedIn && isset($_GET['id'])) {
-		$util->setHeading('Full Headers Report');
-		echo $util->getHeader();
-		echo $util->getHeading();
+    $util = new Utils;
+    $loggedIn = $util->isLoggedIn();
+    if ($loggedIn && isset($_GET['id'])) {
+        $id = $_GET['id'];
+        $mail = unserialize($_SESSION['mailInfo'][$id]);
 
-		$id = $_GET['id'];
-		$mail = unserialize($_SESSION['mailInfo'][$id]);
+        if (! is_object($mail) || false == $util->authorized($mail->recipient)) {
+            header('Location: qtadmin.php');
+            exit;
+        }
 
-		$row = $DB->getMail($id);
-		$string = $row->mail_text;
-		$sa_tests = null;
-		$params['include_bodies'] = false;
-		$params['decode_bodies']  = true;
-		$params['decode_headers'] = true;
-		$params['input']          = $string;
-		$params['crlf']           = "\r\n";
-		
-		$structure = Mail_mimeDecode::decode($params);
-		$headers = $structure->headers;
-		$output = '<table><tr><th>Header</th><th>Value</th></tr>';
-		foreach ($headers as $header => $value) {
-			if (is_array($value)) {
-				$text = '';
-				foreach ($value as $val) {
-					if ($text == '') {
-						$text = $val;
-					} else {
-						$text .= "<br/><br/>$val";
-					}
-				}
-			} else {
-				$text = $value;
-			}
-			$output .= "<tr><td class=\"label\">$header</td><td class=\"value\">$text</td></tr>";
-		}
-		$output .= '</table>';
-		echo '<table class="button-menu">';
-		echo '<tr class="button-row">';
-		echo '<td class="button"><input class="btn-input" type="button" value="Return" 
-			  onclick="javascript: history.back();"/></td>';
-		echo '</tr></table>';
-		echo $output;
-		echo $util->getFooter();
-	} else if ($loggedIn) {
-		header('Location: index.php');
-	} else {
-		header('Location: auth.php');
-	}
+        $util->setHeading('Full Headers Report');
+        echo $util->getHeader();
+        echo $util->getHeading();
+
+        $row = $DB->getMail($id);
+        $string = $row->mail_text;
+        $sa_tests = null;
+        $params['include_bodies'] = false;
+        $params['decode_bodies']  = true;
+        $params['decode_headers'] = true;
+        $params['input']          = $string;
+        $params['crlf']           = "\r\n";
+
+        $structure = Mail_mimeDecode::decode($params);
+        $headers = $structure->headers;
+        $output = '<table><tr><th>Header</th><th>Value</th></tr>';
+        foreach ($headers as $header => $value) {
+            if (is_array($value)) {
+                $text = '';
+                foreach ($value as $val) {
+                    if ($text == '') {
+                        $text = $val;
+                    } else {
+                        $text .= "<br/><br/>$val";
+                    }
+                }
+            } else {
+                $text = $value;
+            }
+            $output .= "<tr><td class=\"label\">$header</td><td class=\"value\">$text</td></tr>";
+        }
+        $output .= '</table>';
+        echo '<table class="button-menu">';
+        echo '<tr class="button-row">';
+        echo '<td class="button"><input class="btn-input" type="button" value="Return"
+              onclick="javascript: history.back();"/></td>';
+        echo '</tr></table>';
+        echo $output;
+        echo $util->getFooter();
+    } else if ($loggedIn) {
+        header('Location: qtadmin.php');
+    } else {
+        header('Location: auth.php');
+    }
 
 ?>