Remove undocumented use of $_REQUEST['visibility'] in api_fr_photo_create_update()

- Visibility is inferred from ACL strings
2020-12-21 22:21:42 -05:00 · 2020-12-21 22:21:42 -05:00 · d9371d37ad
parent 42d05bcc1b
commit d9371d37ad
1 changed files with 1 additions and 1 deletions
--- a/include/api.php
+++ b/include/api.php
@ -4219,7 +4219,7 @@ function api_fr_photo_create_update($type)
 	$deny_cid  = $_REQUEST['deny_cid' ] ?? null;
 	$allow_gid = $_REQUEST['allow_gid'] ?? null;
 	$deny_gid  = $_REQUEST['deny_gid' ] ?? null;
-	$visibility = !empty($_REQUEST['visibility']) && $_REQUEST['visibility'] !== "false";
+	$visibility = !$allow_cid && !$deny_cid && !$allow_gid && !$deny_gid;

 	// do several checks on input parameters
 	// we do not allow calls without album string