From cee785cb6004193a030b20b222f748dcc4b9b5a4 Mon Sep 17 00:00:00 2001
From: Henry Sudhof <kellanved@phpbb.com>
Date: Mon, 28 Jan 2008 15:18:56 +0000
Subject: [PATCH] More checks

git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@8339 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/privmsg.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/phpBB/privmsg.php b/phpBB/privmsg.php
index d6688e3a53..3d958081c4 100644
--- a/phpBB/privmsg.php
+++ b/phpBB/privmsg.php
@@ -668,6 +668,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
 	{
 		$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
 		$s_hidden_fields .= ( isset($HTTP_POST_VARS['delete']) ) ? '<input type="hidden" name="delete" value="true" />' : '<input type="hidden" name="deleteall" value="true" />';
+		$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
 
 		for($i = 0; $i < count($mark_list); $i++)
 		{
@@ -698,7 +699,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
 		include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
 
 	}
-	else if ( $confirm )
+	else if ($confirm && $_POST['sid'] === $userdata['session_id'])
 	{
 		$delete_sql_id = '';