From 196a1787a415919bb182296b6864967f4bafee93 Mon Sep 17 00:00:00 2001
From: FusionPBX <markjcrane@gmail.com>
Date: Thu, 30 Aug 2018 19:48:09 -0600
Subject: [PATCH] Update messages.php

---
 app/messages/messages.php | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/app/messages/messages.php b/app/messages/messages.php
index 37f39f800e..74c7882876 100644
--- a/app/messages/messages.php
+++ b/app/messages/messages.php
@@ -88,12 +88,13 @@
 
 //prepare to page the results
 	$sql = "select count(message_uuid) as num_rows from v_messages ";
+	$sql .= "where user_uuid = '".$_SESSION['user_uuid']."' ";
 	if ($_GET['show'] == "all" && permission_exists('message_all')) {
 		if (isset($sql_search)) {
-			$sql .= "where ".$sql_search;
+			$sql .= "and ".$sql_search;
 		}
 	} else {
-		$sql .= "where (domain_uuid = '".$domain_uuid."' or domain_uuid is null) ";
+		$sql .= "and (domain_uuid = '".$domain_uuid."' or domain_uuid is null) ";
 		if (isset($sql_search)) {
 			$sql .= "and ".$sql_search;
 		}
@@ -123,12 +124,13 @@
 
 //get the list
 	$sql = "select * from v_messages ";
+	$sql .= "where user_uuid = '".$_SESSION['user_uuid']."' ";
 	if ($_GET['show'] == "all" && permission_exists('message_all')) {
 		if (isset($sql_search)) {
-			$sql .= "where ".$sql_search;
+			$sql .= "and ".$sql_search;
 		}
 	} else {
-		$sql .= "where (domain_uuid = '".$domain_uuid."' or domain_uuid is null) ";
+		$sql .= "and (domain_uuid = '".$domain_uuid."' or domain_uuid is null) ";
 		if (isset($sql_search)) {
 				$sql .= "and ".$sql_search;
 		}
@@ -270,4 +272,4 @@
 //include the footer
 	require_once "resources/footer.php";
 
-?>
\ No newline at end of file
+?>