bitPickups/friendica_2019-12_sharedHosting_hotFix
1
1
Fork 0
Code Pull requests Activity

really nitty permission tweaking

Browse source
This commit is contained in:
friendica 2013-01-27 18:10:26 -08:00
parent c9cce9873d
commit 38238972b5
1 changed files with 9 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
include/security.php
View file

@ -266,8 +266,14 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
* Profile owner - everything is visible * Profile owner - everything is visible
*/ */
if(($local_user) && ($local_user == $owner_id)) { if($local_user) {
$sql = ''; if($local_user == $owner_id) {
$sql = '';
}
else {
/* logged in user can see hidden walls and feeds that are blocked to unknown users (private == 2) */
$sql = " AND private != 1 ";
}
} }
/** /**
@ -300,7 +306,7 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null)
} }
$sql = sprintf( $sql = sprintf(
" AND ( private = 0 OR ( private = 1 AND wall = 1 AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' ) " AND ( private = 0 OR ( private in (1,2) AND wall = 1 AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' )
AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' ) AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' )
AND ( allow_gid = '' OR allow_gid REGEXP '%s' ) AND ( allow_gid = '' OR allow_gid REGEXP '%s' )
AND ( deny_gid = '' OR NOT deny_gid REGEXP '%s'))) AND ( deny_gid = '' OR NOT deny_gid REGEXP '%s')))