diff options
| author | redmatrix <git@macgirvin.com> | 2016-05-12 16:51:20 -0700 |
|---|---|---|
| committer | redmatrix <git@macgirvin.com> | 2016-05-12 16:51:20 -0700 |
| commit | 2d79e75788aa71664a379c4cea0b6bfe3ab87ad0 (patch) | |
| tree | 1b3293c5c83dd24b3dc7f9cc054f296c068073b5 | |
| parent | 9f57bfb5dfdb9ce843bb6d1665a1cd9c70ce5374 (diff) | |
| download | volse-hubzilla-2d79e75788aa71664a379c4cea0b6bfe3ab87ad0.tar.gz volse-hubzilla-2d79e75788aa71664a379c4cea0b6bfe3ab87ad0.tar.bz2 volse-hubzilla-2d79e75788aa71664a379c4cea0b6bfe3ab87ad0.zip | |
SECURITY: edited comment to private post loses privacy info. Not visible in stream but may be visible in feeds
| -rwxr-xr-x | boot.php | 2 | ||||
| -rw-r--r-- | include/zot.php | 10 |
2 files changed, 11 insertions, 1 deletions
@@ -46,7 +46,7 @@ require_once('include/account.php'); define ( 'PLATFORM_NAME', 'hubzilla' ); -define ( 'STD_VERSION', '1.6.1' ); +define ( 'STD_VERSION', '1.6.2' ); define ( 'ZOT_REVISION', 1 ); define ( 'DB_UPDATE_VERSION', 1168 ); diff --git a/include/zot.php b/include/zot.php index 157354afa..8adc74ffa 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1953,6 +1953,16 @@ function remove_community_tag($sender, $arr, $uid) { */ function update_imported_item($sender, $item, $orig, $uid) { + // If this is a comment being updated, remove any privacy information + // so that item_store_update will set it from the original. + + if($item['mid'] !== $item['parent_mid']) { + unset($item['allow_cid']); + unset($item['allow_gid']); + unset($item['deny_cid']); + unset($item['deny_gid']); + unset($item['item_private']); + } $x = item_store_update($item); |