aboutsummaryrefslogtreecommitdiffstats
path: root/include/attach.php
diff options
context:
space:
mode:
authorredmatrix <mike@macgirvin.com>2016-09-30 13:00:15 -0700
committerredmatrix <mike@macgirvin.com>2016-09-30 13:00:15 -0700
commit56b12f655546dc122e734654e1d5e5fc6dd06c43 (patch)
treeccbc38af7150cb9cd37254619b5a5d878f07d9d5 /include/attach.php
parente48323775d7db4dce5d74a6b4fa23bf7d45326c6 (diff)
downloadvolse-hubzilla-56b12f655546dc122e734654e1d5e5fc6dd06c43.tar.gz
volse-hubzilla-56b12f655546dc122e734654e1d5e5fc6dd06c43.tar.bz2
volse-hubzilla-56b12f655546dc122e734654e1d5e5fc6dd06c43.zip
issue #538 continued
Diffstat (limited to 'include/attach.php')
-rw-r--r--include/attach.php8
1 files changed, 4 insertions, 4 deletions
diff --git a/include/attach.php b/include/attach.php
index 8fa46a8b1..3d55b3bcb 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -254,7 +254,7 @@ function attach_by_hash($hash, $observer_hash, $rev = 0) {
return $ret;
}
- $sql_extra = permissions_sql($r[0]['uid']);
+ $sql_extra = permissions_sql($r[0]['uid'],$observer_hash);
// Now we'll see if we can access the attachment
@@ -269,7 +269,7 @@ function attach_by_hash($hash, $observer_hash, $rev = 0) {
}
if($r[0]['folder']) {
- $x = attach_can_view_folder($r[0]['uid'],get_observer_hash(),$r[0]['folder']);
+ $x = attach_can_view_folder($r[0]['uid'],$observer_hash,$r[0]['folder']);
if(! $x) {
$ret['message'] = t('Permission denied.');
return $ret;
@@ -340,7 +340,7 @@ function attach_by_hash_nodata($hash, $observer_hash, $rev = 0) {
return $ret;
}
- $sql_extra = permissions_sql($r[0]['uid']);
+ $sql_extra = permissions_sql($r[0]['uid'],$observer_hash);
// Now we'll see if we can access the attachment
@@ -355,7 +355,7 @@ function attach_by_hash_nodata($hash, $observer_hash, $rev = 0) {
}
if($r[0]['folder']) {
- $x = attach_can_view_folder($r[0]['uid'],get_observer_hash(),$r[0]['folder']);
+ $x = attach_can_view_folder($r[0]['uid'],$observer_hash,$r[0]['folder']);
if(! $x) {
$ret['message'] = t('Permission denied.');
return $ret;