aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2012-05-11 05:19:29 -0700
committerfriendica <info@friendica.com>2012-05-11 05:19:29 -0700
commit4e0b0d4e43a26dc9bfddd2980a44fd738652cfda (patch)
tree4958b23f51e66ae22415c8dba995b87c214af9dd
parent20229ce18719b82b1a4d3ed2d8fd4b265cfbc57e (diff)
downloadvolse-hubzilla-4e0b0d4e43a26dc9bfddd2980a44fd738652cfda.tar.gz
volse-hubzilla-4e0b0d4e43a26dc9bfddd2980a44fd738652cfda.tar.bz2
volse-hubzilla-4e0b0d4e43a26dc9bfddd2980a44fd738652cfda.zip
fix search/new against possible email leakage
-rw-r--r--include/conversation.php3
1 files changed, 3 insertions, 0 deletions
diff --git a/include/conversation.php b/include/conversation.php
index ff68462ab..6bf673b97 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -278,6 +278,9 @@ function conversation(&$a, $items, $mode, $update, $preview = false) {
else
$nickname = $a->user['nickname'];
+ // prevent private email from leaking.
+ if($item['network'] === NETWORK_MAIL && local_user() != $item['uid'])
+ continue;
$profile_name = ((strlen($item['author-name'])) ? $item['author-name'] : $item['name']);
if($item['author-link'] && (! $item['author-name']))