Action::handle($args);
- $id = $this->trimmed('id');
-
- $message = Message::staticGet('id', $id);
+ $message = $this->get_message();
if (!$message) {
$this->client_error(_('No such message.'), 404);
$cur = common_current_user();
- if (!$cur ||
- $cur->id != $message->from_profile &&
- $cur->id != $message->to_profile)
- {
- $this->client_error(_('Only the sender and recipient may read this message.'), 404);
+ if ($cur && ($cur->id == $message->from_profile || $cur->id == $message->to_profile)) {
+ $this->show_page($cur, 1);
+ } else {
+ $this->client_error(_('Only the sender and recipient may read this message.'), 403);
return;
}
-
- $this->show_page($cur, 1);
}
function get_message() {
- $id = $this->trimmed('id');
+ $id = $this->trimmed('message');
$message = Message::staticGet('id', $id);
return $message;
}
if ($user->id == $message->from_profile) {
$to = $message->getTo();
- $title = sprintf(_('Message to %1\$s on %2\$s'),
+ $title = sprintf(_("Message to %1\$s on %2\$s"),
$to->nickname,
common_exact_date($message->created));
} else if ($user->id == $message->to_profile) {
$from = $message->getFrom();
- $title = sprintf(_('Message from %1\$s on %2\$s'),
+ $title = sprintf(_("Message from %1\$s on %2\$s"),
$from->nickname,
common_exact_date($message->created));
}
return $title;
}
-
+
function get_messages($user, $page) {
- return $this->get_message();
+ $message = new Message();
+ $message->id = $this->trimmed('message');
+ $message->find();
+ return $message;
}
function get_message_profile($message) {
function get_instructions() {
return '';
}
+
+ function views_menu() {
+ return;
+ }
}
\ No newline at end of file