Action::handle($args);
- $id = $this->trimmed('id');
-
- $message = Message::staticGet('id', $id);
+ $message = $this->get_message();
if (!$message) {
$this->client_error(_('No such message.'), 404);
$cur = common_current_user();
- if (!$cur ||
- $cur->id != $message->from_profile &&
- $cur->id != $message->to_profile)
- {
- $this->client_error(_('Only the sender and recipient may read this message.'), 404);
+ if ($cur && ($cur->id == $message->from_profile || $cur->id == $message->to_profile)) {
+ $this->show_page($cur, 1);
+ } else {
+ $this->client_error(_('Only the sender and recipient may read this message.'), 403);
return;
}
-
- $this->show_page($cur, 1);
}
function get_message() {
- $id = $this->trimmed('id');
+ $id = $this->trimmed('message');
$message = Message::staticGet('id', $id);
return $message;
}
}
return $title;
}
-
+
function get_messages($user, $page) {
$message = new Message();
$message->id = $this->trimmed('message');
function get_instructions() {
return '';
}
+
+ function views_menu() {
+ return;
+ }
}
\ No newline at end of file