- message = Message.find(params[:message_id], :conditions => ["to_user_id = ? or from_user_id = ?", @user.id, @user.id ])
- @body = "On #{message.sent_on} #{message.sender.display_name} wrote:\n\n#{message.body.gsub(/^/, '> ')}"
- @title = @subject = "Re: #{message.title.sub(/^Re:\s*/, '')}"
- @to_user = User.find(message.from_user_id)
- render :action => 'new'
+ message = Message.find(params[:message_id])
+
+ if message.to_user_id == @user.id then
+ @body = "On #{message.sent_on} #{message.sender.display_name} wrote:\n\n#{message.body.gsub(/^/, '> ')}"
+ @title = @subject = "Re: #{message.title.sub(/^Re:\s*/, '')}"
+ @to_user = User.find(message.from_user_id)
+
+ render :action => 'new'
+ else
+ flash[:notice] = t 'message.reply.wrong_user', :user => @user.display_name
+ redirect_to :controller => "user", :action => "login", :referer => request.request_uri
+ end