X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fshowmessage.php;h=c171ffe0b596b790bd5b458dbcae1a0393ed9026;hb=485247e9011e08a6ff0b9a2ff3d7a60bad515a26;hp=0fef90e79019f6ab7a072c0b57d0ddf894899fcb;hpb=d5b4dbbca3f5fa8cb0e909c6fc3417864e237db2;p=quix0rs-gnu-social.git

diff --git a/actions/showmessage.php b/actions/showmessage.php
index 0fef90e790..c171ffe0b5 100644
--- a/actions/showmessage.php
+++ b/actions/showmessage.php
@@ -27,9 +27,7 @@ class ShowmessageAction extends MailboxAction {
 
 		Action::handle($args);
 
-		$id = $this->trimmed('id');
-
-		$message = Message::staticGet('id', $id);
+		$message = $this->get_message();
 
 		if (!$message) {
 			$this->client_error(_('No such message.'), 404);
@@ -38,19 +36,16 @@ class ShowmessageAction extends MailboxAction {
 		
 		$cur = common_current_user();
 		
-		if (!$cur ||
-			$cur->id != $message->from_profile &&
-			$cur->id != $message->to_profile) 
-		{
-			$this->client_error(_('Only the sender and recipient may read this message.'), 404);
+		if ($cur && ($cur->id == $message->from_profile || $cur->id == $message->to_profile)) {
+			$this->show_page($cur, 1);
+		} else {
+			$this->client_error(_('Only the sender and recipient may read this message.'), 403);
 			return;
 		}
-			
-		$this->show_page($cur, 1);
 	}
 	
 	function get_message() {
-		$id = $this->trimmed('id');
+		$id = $this->trimmed('message');
 		$message = Message::staticGet('id', $id);
 		return $message;
 	}
@@ -74,7 +69,7 @@ class ShowmessageAction extends MailboxAction {
 		}
 		return $title;
 	}
-	
+
 	function get_messages($user, $page) {
 		$message = new Message();
 		$message->id = $this->trimmed('message');
@@ -97,5 +92,9 @@ class ShowmessageAction extends MailboxAction {
 	function get_instructions() {
 		return '';
 	}
+	
+	function views_menu() {
+		return;
+	}
 }
 	
\ No newline at end of file