X-Git-Url: http://git.roojs.org/?a=blobdiff_plain;f=VerifyAccess.php;h=dee7aa7f8d0a71077f52c80691ccf323fde2942b;hb=f17cc11b5e3f272c8853816a89f2869ab9b06b9b;hp=c5a3029eb96d8a658d0b703ade4fb91de0a653a7;hpb=cf4019e655ff45d0b469b0dc3df6281b5d0ca443;p=Pman.Core

diff --git a/VerifyAccess.php b/VerifyAccess.php
index c5a3029e..dee7aa7f 100644
--- a/VerifyAccess.php
+++ b/VerifyAccess.php
@@ -14,9 +14,29 @@ class Pman_Core_VerifyAccess extends Pman
     
     function get($id)
     {
-        
         @list($id, $key) = explode('/', $id);
         
+        $ff = HTML_FlexyFramework::get();
+        
+        $core_person = DB_DataObject::factory('core_person');
+        $core_ip_access = DB_DataObject::factory('core_ip_access');
+        
+        if(
+                empty($ff->Pman['ip_management']) || 
+                empty($ff->Pman['XMPP']) ||
+                empty($ff->Pman['XMPP']['to']) ||
+                !$core_person->get('email', $ff->Pman['XMPP']['to']) ||
+                empty($id) ||
+                empty($key) ||
+                !$core_ip_access->get($id) ||
+                $core_ip_access->authorized_key != $key
+        ) {
+            $this->jerr('Invalid URL');
+        }
+        
+        
+        
+        
         
         
     }