aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2013-09-20 18:41:15 -0700
committerfriendica <info@friendica.com>2013-09-20 18:41:15 -0700
commit15ae108832aa94fdc098703de183bbf61baba58a (patch)
treed3f20e5964cb357c57d8b1bb932147eb0a5905b0
parent7585b58d28978837a89f3a541c8b508dd04a92bc (diff)
downloadvolse-hubzilla-15ae108832aa94fdc098703de183bbf61baba58a.tar.gz
volse-hubzilla-15ae108832aa94fdc098703de183bbf61baba58a.tar.bz2
volse-hubzilla-15ae108832aa94fdc098703de183bbf61baba58a.zip
missing uid check on comanche_block to ensure we get the block with that name that we own
-rw-r--r--include/comanche.php3
1 files changed, 2 insertions, 1 deletions
diff --git a/include/comanche.php b/include/comanche.php
index 56a16fd3b..eb0de96c7 100644
--- a/include/comanche.php
+++ b/include/comanche.php
@@ -86,7 +86,8 @@ function comanche_replace_region($match) {
function comanche_block($name) {
$o = '';
- $r = q("select * from item left join item_id on iid = item_id and item_id.uid = item.uid and service = 'BUILDBLOCK' and sid = '%s' limit 1",
+ $r = q("select * from item left join item_id on iid = item_id and item_id.uid = item.uid and item.uid = %d and service = 'BUILDBLOCK' and sid = '%s' limit 1",
+ intval($a->profile['profile_uid']),
dbesc($name)
);
if($r) {