diff options
| author | friendica <info@friendica.com> | 2012-05-11 05:19:29 -0700 |
|---|---|---|
| committer | friendica <info@friendica.com> | 2012-05-11 05:19:29 -0700 |
| commit | 4e0b0d4e43a26dc9bfddd2980a44fd738652cfda (patch) | |
| tree | 4958b23f51e66ae22415c8dba995b87c214af9dd /include/conversation.php | |
| parent | 20229ce18719b82b1a4d3ed2d8fd4b265cfbc57e (diff) | |
| download | volse-hubzilla-4e0b0d4e43a26dc9bfddd2980a44fd738652cfda.tar.gz volse-hubzilla-4e0b0d4e43a26dc9bfddd2980a44fd738652cfda.tar.bz2 volse-hubzilla-4e0b0d4e43a26dc9bfddd2980a44fd738652cfda.zip | |
fix search/new against possible email leakage
Diffstat (limited to 'include/conversation.php')
| -rw-r--r-- | include/conversation.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/include/conversation.php b/include/conversation.php index ff68462ab..6bf673b97 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -278,6 +278,9 @@ function conversation(&$a, $items, $mode, $update, $preview = false) { else $nickname = $a->user['nickname']; + // prevent private email from leaking. + if($item['network'] === NETWORK_MAIL && local_user() != $item['uid']) + continue; $profile_name = ((strlen($item['author-name'])) ? $item['author-name'] : $item['name']); if($item['author-link'] && (! $item['author-name'])) |