aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module
diff options
context:
space:
mode:
authorMario <mario@mariovavti.com>2022-01-20 10:27:55 +0000
committerMario <mario@mariovavti.com>2022-01-20 10:27:55 +0000
commitae1fe83784f0fbe8a4ef71239631ae7a04b74e66 (patch)
tree140285c89d1bbbeeb9c512c81bbd1a7dca91d3ba /Zotlabs/Module
parentec491e87abadbf7e0f275a7c0ae99b45fbf9068c (diff)
downloadvolse-hubzilla-ae1fe83784f0fbe8a4ef71239631ae7a04b74e66.tar.gz
volse-hubzilla-ae1fe83784f0fbe8a4ef71239631ae7a04b74e66.tar.bz2
volse-hubzilla-ae1fe83784f0fbe8a4ef71239631ae7a04b74e66.zip
fix potential issue with ap addressing in mod hq
Diffstat (limited to 'Zotlabs/Module')
-rw-r--r--Zotlabs/Module/Hq.php12
1 files changed, 6 insertions, 6 deletions
diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php
index 3b8e88488..29b0df739 100644
--- a/Zotlabs/Module/Hq.php
+++ b/Zotlabs/Module/Hq.php
@@ -42,6 +42,9 @@ class Hq extends \Zotlabs\Web\Controller {
$item_normal = item_normal();
$item_normal_update = item_normal_update();
+ $sys = get_sys_channel();
+ $sys_item = false;
+ $sql_extra = '';
if(! $item_hash) {
$r = q("SELECT mid FROM item
@@ -77,11 +80,6 @@ class Hq extends \Zotlabs\Web\Controller {
if($update && $_SESSION['loadtime'])
$simple_update = " AND (( item_unseen = 1 AND item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) OR item.changed > '" . datetime_convert('UTC','UTC',$_SESSION['loadtime']) . "' ) ";
- $sys = get_sys_channel();
- $sql_extra = item_permissions_sql($sys['channel_id']);
-
- $sys_item = false;
-
}
if(! $update) {
@@ -183,6 +181,7 @@ class Hq extends \Zotlabs\Web\Controller {
if(!$r) {
$sys_item = true;
+ $sql_extra = item_permissions_sql($sys['channel_id']);
$r = q("SELECT item.id AS item_id FROM item
LEFT JOIN abook ON item.author_xchan = abook.abook_xchan
@@ -209,6 +208,7 @@ class Hq extends \Zotlabs\Web\Controller {
if(!$r) {
$sys_item = true;
+ $sql_extra = item_permissions_sql($sys['channel_id']);
$r = q("SELECT item.parent AS item_id FROM item
LEFT JOIN abook ON item.author_xchan = abook.abook_xchan
@@ -227,7 +227,7 @@ class Hq extends \Zotlabs\Web\Controller {
if($r) {
$items = q("SELECT item.*, item.id AS item_id
FROM item
- WHERE parent = '%s' $item_normal ",
+ WHERE parent = '%s' $item_normal $sql_extra",
dbesc($r[0]['item_id'])
);