From bf02c8834033349407d2b2235f64be28f2ace107 Mon Sep 17 00:00:00 2001
From: tokul <tokul@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Date: Mon, 12 Jun 2006 17:32:06 +0000
Subject: [PATCH] script could be loaded when $edit_identity is set to false

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@11202 7612ce4b-ef26-0410-bec9-ea0150e637f0
---
 ChangeLog                  | 2 ++
 src/options_identities.php | 7 +++++++
 2 files changed, 9 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 32182780..3d6e2771 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -80,6 +80,8 @@ Version 1.5.2 - CVS
     should be converted to html line breaks.
   - Add note to conf.pl / config_default.php to warn users that set
     sensitive passwords in that file to properly secure it.
+  - Prevent modifications in advanced identities, when editing of
+    identities is disabled.
 
 Version 1.5.1 (branched on 2006-02-12)
 --------------------------------------
diff --git a/src/options_identities.php b/src/options_identities.php
index 026ae1f1..e6f348d4 100644
--- a/src/options_identities.php
+++ b/src/options_identities.php
@@ -21,6 +21,13 @@ require('../include/init.php');
 /* SquirrelMail required files. */
 require_once(SM_PATH . 'functions/identity.php');
 
+/* make sure that page is not available when $edit_identity is false */
+if (!$edit_identity) {
+    error_box(_("Editing identities is disabled."));
+    $oTemplate->display('footer.tpl');
+    die();
+}
+
 if (!sqgetGlobalVar('identities', $identities, SQ_SESSION)) {
     $identities = get_identities();
 }
-- 
2.25.1