diff options
| author | Mike Macgirvin <mike@macgirvin.com> | 2010-10-17 20:04:17 -0700 |
|---|---|---|
| committer | Mike Macgirvin <mike@macgirvin.com> | 2010-10-17 20:04:17 -0700 |
| commit | 0f47ac282c30c61dbc13e42c4f53b2fc14d65593 (patch) | |
| tree | b56358665636f78c6e9a62f2abebfb75049cf447 /include/security.php | |
| parent | f5a8a92df101cbf37fedb9ac3f7702f60a40772e (diff) | |
| download | volse-hubzilla-0f47ac282c30c61dbc13e42c4f53b2fc14d65593.tar.gz volse-hubzilla-0f47ac282c30c61dbc13e42c4f53b2fc14d65593.tar.bz2 volse-hubzilla-0f47ac282c30c61dbc13e42c4f53b2fc14d65593.zip | |
celebrity/group/community pages about 75% implemented
Diffstat (limited to 'include/security.php')
| -rw-r--r-- | include/security.php | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/include/security.php b/include/security.php index 630690f9e..cb1077049 100644 --- a/include/security.php +++ b/include/security.php @@ -3,15 +3,18 @@ function can_write_wall(&$a,$owner) { if((! (local_user())) && (! (remote_user()))) return false; - if((local_user()) && ($_SESSION['uid'] == $owner)) + $uid = get_uid(); + if(($uid) && ($uid === $owner)) return true; - $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `id` = %d AND `blocked` = 0 AND `pending` = 0 - AND `readonly` = 0 AND `rel` IN ( %d , %d ) LIMIT 1", - intval($owner), - intval($_SESSION['visitor_id']), - intval(REL_VIP), - intval(REL_BUD) + $r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `user`.`uid` = `contact`.`uid` + WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + AND `readonly` = 0 AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page_flags` = %d ) LIMIT 1", + intval($owner), + intval($_SESSION['visitor_id']), + intval(REL_VIP), + intval(REL_BUD), + intval(PAGE_COMMUNITY) ); if(count($r)) return true; |