bug #38 posts and photos only visible to friends if so configured

This commit is contained in:
Friendika 2011-05-28 00:42:01 -07:00
parent b0c383a6d0
commit 4e8a97f30a
3 changed files with 19 additions and 7 deletions

View file

@ -14,14 +14,14 @@ function format_event_html($ev) {
. datetime_convert('UTC','UTC',$ev['start'], ATOM_TIME) . datetime_convert('UTC','UTC',$ev['start'], ATOM_TIME)
. '" >' . '" >'
. datetime_convert('UTC', date_default_timezone_get(), . datetime_convert('UTC', date_default_timezone_get(),
$ev['start'] /*, format /*) $ev['start'] /*, format */ )
. '</abbr></p>'; . '</abbr></p>';
$o .= '<p>' . t('Ends: ') . '<abbr class="dtend" title="' $o .= '<p>' . t('Ends: ') . '<abbr class="dtend" title="'
. datetime_convert('UTC','UTC',$ev['finish'], ATOM_TIME) . datetime_convert('UTC','UTC',$ev['finish'], ATOM_TIME)
. '" >' . '" >'
. datetime_convert('UTC', date_default_timezone_get(), . datetime_convert('UTC', date_default_timezone_get(),
$ev['finish'] /*, format /*) $ev['finish'] /*, format */ )
. '</abbr></p>'; . '</abbr></p>';
$o .= '<p> ' . t('Location:') . '<span class="location">' $o .= '<p> ' . t('Location:') . '<span class="location">'

View file

@ -722,6 +722,8 @@ function photos_content(&$a) {
$owner_uid = $a->data['user']['uid']; $owner_uid = $a->data['user']['uid'];
$community_page = (($a->data['user']['page-flags'] == PAGE_COMMUNITY) ? true : false); $community_page = (($a->data['user']['page-flags'] == PAGE_COMMUNITY) ? true : false);
if((local_user()) && (local_user() == $owner_uid)) if((local_user()) && (local_user() == $owner_uid))
@ -763,6 +765,15 @@ function photos_content(&$a) {
} }
} }
$r = q("SELECT `hidewall` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1",
intval($owner_uid)
);
if(count($r) && $r[0]['hidewall'] && (local_user() !== $owner_uid) && (! remote_contact)) {
notice( t('Access to this item is restricted.') . EOL);
return;
}
// default permissions - anonymous user // default permissions - anonymous user
$sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' "; $sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' ";

View file

@ -55,11 +55,6 @@ function profile_content(&$a, $update = 0) {
return login(); return login();
} }
if($a->profile['hidewall'] && (! local_user()) && (! remote_user())) {
notice( t('Access to this profile has been restricted.') . EOL);
return;
}
require_once("include/bbcode.php"); require_once("include/bbcode.php");
require_once('include/security.php'); require_once('include/security.php');
require_once('include/conversation.php'); require_once('include/conversation.php');
@ -103,6 +98,12 @@ function profile_content(&$a, $update = 0) {
$is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false); $is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false);
if($a->profile['hidewall'] && (! $is_owner) && (! remote_contact)) {
notice( t('Access to this profile has been restricted.') . EOL);
return;
}
if(! $update) { if(! $update) {
if(x($_GET,'tab')) if(x($_GET,'tab'))
$tab = notags(trim($_GET['tab'])); $tab = notags(trim($_GET['tab']));