diff options
| author | redmatrix <redmatrix@redmatrix.me> | 2015-09-07 04:06:27 -0700 |
|---|---|---|
| committer | redmatrix <redmatrix@redmatrix.me> | 2015-09-07 04:06:27 -0700 |
| commit | 2f52b6c164a76435a957ad6a0562a55ae0becc2a (patch) | |
| tree | 79c8d188ae9ef4e3f0cf5e9f99e5f4734f6fef10 /include/security.php | |
| parent | 2312f03eacd973c18342e26087d279ea2bebd4a8 (diff) | |
| parent | 5d59462e49b893507c714d9ec72472e884677cd5 (diff) | |
| download | volse-hubzilla-2f52b6c164a76435a957ad6a0562a55ae0becc2a.tar.gz volse-hubzilla-2f52b6c164a76435a957ad6a0562a55ae0becc2a.tar.bz2 volse-hubzilla-2f52b6c164a76435a957ad6a0562a55ae0becc2a.zip | |
Merge https://github.com/redmatrix/redmatrix into pending_merge
Conflicts:
util/messages.po
Diffstat (limited to 'include/security.php')
| -rw-r--r-- | include/security.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/include/security.php b/include/security.php index 7cc93fc06..380505a79 100644 --- a/include/security.php +++ b/include/security.php @@ -256,7 +256,7 @@ function item_permissions_sql($owner_id, $remote_observer = null) { $regexop = db_getfunc('REGEXP'); $sql = sprintf( " AND ( NOT (deny_cid like '%s' OR deny_gid $regexop '%s') - AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '') ) + AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '' AND item_private = 0 ) ) ) ", dbesc(protect_sprintf( '%<' . $observer . '>%')), @@ -291,7 +291,7 @@ function public_permissions_sql($observer_hash) { $regexop = db_getfunc('REGEXP'); $sql = sprintf( " OR (( NOT (deny_cid like '%s' OR deny_gid $regexop '%s') - AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '') ) + AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '' AND item_private = 0 ) ) )) ", dbesc(protect_sprintf( '%<' . $observer_hash . '>%')), |