$filter = array( 'id' => FILTER_VALIDATE_INT | FILTER_SANITIZE_NUMBER_INT, 'isview' => FILTER_VALIDATE_INT | FILTER_SANITIZE_NUMBER_INT, ); $filtered = filter_input_array(INPUT_POST, $filter); $filteredG = filter_input_array(INPUT_GET, $filter); $id = $filteredG['id']; $t->isView = $filteredG['isview'] ? true : false; try { if ($id) { $spylog = new SpyLog(); $spylog->get($id); $attackerCanSee = $user->id == $spylog->attackerId; $targetCanSee = ($user->id == $spylog->targetId) and ($spylog->type == 1 or $spylog->isSuccess == 0); if ($attackerCanSee) { $t->target = new User(); $t->target->get($spylog->targetId); $t->attacker = $user; } else if($targetCanSee) { $t->attacker = new User(); $t->attacker->get($spylog->attackerId); $t->target = $user; } else {