From: Michael Rasmussen <mir@datanom.net>
Date: Thu, 11 Jun 2015 18:05:38 +0000 (+0200)
Subject: Enhance security
X-Git-Url: http://git.datanom.net/qtadmin.git/commitdiff_plain/5ee144945eda9e1688bf8af140e7fee937380eaf

Enhance security
---

diff --git a/quarantine.php b/quarantine.php
index 7bda56d..dd7fa1a 100644
--- a/quarantine.php
+++ b/quarantine.php
@@ -83,8 +83,8 @@
         $query = array();
         $error = array();
         foreach ($marked as $mail_id) {
-            $mail = $DB->getMail($mail_id);
-            if (is_object($mail) && true == $util->authorized($mail->recipient)) {
+            $recipient = $DB->getRecipient($mail_id);
+            if ($recipient && true == $util->authorized($recipient)) {
                 $query[] = "delete from msgs where mail_id = '$mail_id'";
                 $query[] = "delete from msgrcpt where mail_id = '$mail_id'";
                 $query[] = "delete from quarantine where mail_id = '$mail_id'";