Enhance security

diff --git a/quarantine.php b/quarantine.php
index 7bda56d66d090903397e7a6e5f0fe0d3e60f9f28..dd7fa1a5375a3e3eed8fe6cb21bb678dec2fe779 100644 (file)
--- a/quarantine.php
+++ b/quarantine.php
@@ -83,8 +83,8 @@
         $query = array();
         $error = array();
         foreach ($marked as $mail_id) {
-            $mail = $DB->getMail($mail_id);
-            if (is_object($mail) && true == $util->authorized($mail->recipient)) {
+            $recipient = $DB->getRecipient($mail_id);
+            if ($recipient && true == $util->authorized($recipient)) {
                 $query[] = "delete from msgs where mail_id = '$mail_id'";
                 $query[] = "delete from msgrcpt where mail_id = '$mail_id'";
                 $query[] = "delete from quarantine where mail_id = '$mail_id'";