Verify logged in user before displaying a message in mail.php
This commit is contained in:
parent
e042c25c00
commit
4096ff8d18
|
@ -54,6 +54,8 @@ echo '</form>';
|
||||||
echo '</table>';
|
echo '</table>';
|
||||||
exit(0);
|
exit(0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$user = strtolower($_POST['username']);
|
||||||
if(isset($_POST['command']) && $_POST['command'] == 'Message') {
|
if(isset($_POST['command']) && $_POST['command'] == 'Message') {
|
||||||
$database = $spooldir.'/mail.db3';
|
$database = $spooldir.'/mail.db3';
|
||||||
$dbh = mail_db_open($database);
|
$dbh = mail_db_open($database);
|
||||||
|
@ -69,6 +71,9 @@ echo '</table>';
|
||||||
$newdate = $ts->format('D, j M Y H:i T');
|
$newdate = $ts->format('D, j M Y H:i T');
|
||||||
}
|
}
|
||||||
unset($ts);
|
unset($ts);
|
||||||
|
if(($row['mail_from'] != $user) && ($row['rcpt_to'] != $user)) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
$body = rtrim(nl2br($row['message'])).'<br />';
|
$body = rtrim(nl2br($row['message'])).'<br />';
|
||||||
echo '<div class="np_article_header">';
|
echo '<div class="np_article_header">';
|
||||||
echo '<b>Subject:</b> '.$row['subject'].'<br />';
|
echo '<b>Subject:</b> '.$row['subject'].'<br />';
|
||||||
|
@ -130,7 +135,6 @@ echo '</table>';
|
||||||
$dbh = null;
|
$dbh = null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$user = strtolower($_POST['username']);
|
|
||||||
if(isset($_POST['command']) && $_POST['command'] == 'Send') {
|
if(isset($_POST['command']) && $_POST['command'] == 'Send') {
|
||||||
if(isset($_POST['id'])) {
|
if(isset($_POST['id'])) {
|
||||||
$database = $spooldir.'/mail.db3';
|
$database = $spooldir.'/mail.db3';
|
||||||
|
|
Loading…
Reference in New Issue