From 34081010ff2eeab2863bfe409f7fd75ecb9e2b20 Mon Sep 17 00:00:00 2001 From: Zach Prezkuta Date: Sat, 29 Sep 2012 17:54:37 -0600 Subject: [PATCH] allow contact if in allowed group, even if not in non-empty allowed contacts --- include/security.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/include/security.php b/include/security.php index 10bb692bb..2f779f54b 100644 --- a/include/security.php +++ b/include/security.php @@ -214,7 +214,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { $gs .= '|<' . intval($g) . '>'; } - $sql = sprintf( + /*$sql = sprintf( " AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' ) AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' ) AND ( allow_gid = '' OR allow_gid REGEXP '%s' ) @@ -224,6 +224,16 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { intval($remote_user), dbesc($gs), dbesc($gs) + );*/ + $sql = sprintf( + " AND ( NOT (deny_cid REGEXP '<%d>' OR deny_gid REGEXP '%s') + AND ( allow_cid REGEXP '<%d>' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') ) + ) + ", + intval($remote_user), + dbesc($gs), + intval($remote_user), + dbesc($gs) ); } }