Fixes 9814 - again
This commit is contained in:
parent
6eb7677ac5
commit
9ccfa37d3c
|
@ -87,7 +87,7 @@ class TagCloud
|
||||||
*/
|
*/
|
||||||
private static function tagadelic($uid, $count = 0, $owner_id = 0, $flags = '', $type = Tag::HASHTAG)
|
private static function tagadelic($uid, $count = 0, $owner_id = 0, $flags = '', $type = Tag::HASHTAG)
|
||||||
{
|
{
|
||||||
$sql_options = Item::getPermissionsSQLByUserId($uid);
|
$sql_options = Item::getPermissionsSQLByUserId($uid, 'post-view');
|
||||||
$limit = $count ? sprintf('LIMIT %d', intval($count)) : '';
|
$limit = $count ? sprintf('LIMIT %d', intval($count)) : '';
|
||||||
|
|
||||||
if ($flags) {
|
if ($flags) {
|
||||||
|
|
|
@ -3382,17 +3382,28 @@ class Item
|
||||||
return $condition;
|
return $condition;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function getPermissionsSQLByUserId($owner_id)
|
/**
|
||||||
|
* Get a permission SQL string for the given user
|
||||||
|
*
|
||||||
|
* @param int $owner_id
|
||||||
|
* @param string $table
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
|
public static function getPermissionsSQLByUserId(int $owner_id, string $table = '')
|
||||||
{
|
{
|
||||||
$local_user = local_user();
|
$local_user = local_user();
|
||||||
$remote_user = Session::getRemoteContactID($owner_id);
|
$remote_user = Session::getRemoteContactID($owner_id);
|
||||||
|
|
||||||
|
if (!empty($table)) {
|
||||||
|
$table = DBA::quoteIdentifier($table) . '.';
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Construct permissions
|
* Construct permissions
|
||||||
*
|
*
|
||||||
* default permissions - anonymous user
|
* default permissions - anonymous user
|
||||||
*/
|
*/
|
||||||
$sql = sprintf(" AND `private` != %d", self::PRIVATE);
|
$sql = sprintf(" AND " . $table . "`private` != %d", self::PRIVATE);
|
||||||
|
|
||||||
// Profile owner - everything is visible
|
// Profile owner - everything is visible
|
||||||
if ($local_user && ($local_user == $owner_id)) {
|
if ($local_user && ($local_user == $owner_id)) {
|
||||||
|
@ -3408,12 +3419,12 @@ class Item
|
||||||
$set = PermissionSet::get($owner_id, $remote_user);
|
$set = PermissionSet::get($owner_id, $remote_user);
|
||||||
|
|
||||||
if (!empty($set)) {
|
if (!empty($set)) {
|
||||||
$sql_set = sprintf(" OR (`private` = %d AND `wall` AND `psid` IN (", self::PRIVATE) . implode(',', $set) . "))";
|
$sql_set = sprintf(" OR (" . $table . "`private` = %d AND " . $table . "`wall` AND " . $table . "`psid` IN (", self::PRIVATE) . implode(',', $set) . "))";
|
||||||
} else {
|
} else {
|
||||||
$sql_set = '';
|
$sql_set = '';
|
||||||
}
|
}
|
||||||
|
|
||||||
$sql = sprintf(" AND (`private` != %d", self::PRIVATE) . $sql_set . ")";
|
$sql = sprintf(" AND (" . $table . "`private` != %d", self::PRIVATE) . $sql_set . ")";
|
||||||
}
|
}
|
||||||
|
|
||||||
return $sql;
|
return $sql;
|
||||||
|
|
Loading…
Reference in a new issue