Merge branch 2.2RC2.2

1 files changed, 25 insertions, 14 deletions

diff --git a/include/security.php b/include/security.php
index 2f5de54c7..b49ceec0d 100644
--- a/include/security.php
+++ b/include/security.php
@@ -171,19 +171,16 @@ function atoken_create_xchan($xchan) {
 	if($r)
 		return;
 
-	$r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_addr, xchan_url, xchan_name, xchan_network, xchan_photo_mimetype, xchan_photo_l, xchan_photo_m, xchan_photo_s )
-		values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ",
-		dbesc($xchan['xchan_hash']),
-		dbesc($xchan['xchan_hash']),
-		dbesc($xchan['xchan_addr']),
-		dbesc($xchan['xchan_url']),
-		dbesc($xchan['xchan_name']),
-		dbesc($xchan['xchan_network']),
-		dbesc($xchan['xchan_photo_mimetype']),
-		dbesc($xchan['xchan_photo_l']),
-		dbesc($xchan['xchan_photo_m']),
-		dbesc($xchan['xchan_photo_s'])
-	);
+	$xchan['xchan_guid'] = $xchan['xchan_hash'];
+
+	$store = [];
+	foreach($xchan as $k => $v) {
+		if(strpos($k,'xchan_') === 0) {
+			$store[$k] = $v;
+		}
+	}
+	
+	$r = xchan_store_lowlevel($store);
 
 	return true;
 }
@@ -556,7 +553,21 @@ function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'f
 // var $contact_id = xchan_hash of connection
 
 function init_groups_visitor($contact_id) {
-	$groups = array();
+	$groups = [];
+
+	// private profiles are treated as a virtual group
+
+	$r = q("SELECT abook_profile from abook where abook_xchan = '%s' and abook_profile != '' ",
+		dbesc($contact_id)
+	);
+	if($r) {
+		foreach($r as $rv) {
+			$groups[] = 'vp.' . $rv['abook_profile'];
+		}
+	}
+
+	// physical groups this channel is a member of
+
 	$r = q("SELECT hash FROM groups left join group_member on groups.id = group_member.gid WHERE xchan = '%s' ",
 		dbesc($contact_id)
 	);