diff options
author | friendica <info@friendica.com> | 2012-09-09 21:17:06 -0700 |
---|---|---|
committer | friendica <info@friendica.com> | 2012-09-09 21:17:06 -0700 |
commit | 3ebb4a3dc7a369e7a716ab93d02b44b20522080f (patch) | |
tree | 5b8daecf7a29c6fe2f0c8572204d9e2bd1713a50 /include/security.php | |
parent | a08666be142c484134c2f10cf0c460c8a3c07682 (diff) | |
download | volse-hubzilla-3ebb4a3dc7a369e7a716ab93d02b44b20522080f.tar.gz volse-hubzilla-3ebb4a3dc7a369e7a716ab93d02b44b20522080f.tar.bz2 volse-hubzilla-3ebb4a3dc7a369e7a716ab93d02b44b20522080f.zip |
updates
Diffstat (limited to 'include/security.php')
-rw-r--r-- | include/security.php | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/include/security.php b/include/security.php index 497166ec4..bc1e97059 100644 --- a/include/security.php +++ b/include/security.php @@ -181,12 +181,26 @@ function can_write_wall(&$a,$owner) { elseif($verified === 1) return false; else { + $cid = 0; + + if(is_array($_SESSION['remote'])) { + foreach($_SESSION['remote'] as $visitor) { + if($visitor['uid'] == $owner) { + $cid = $visitor['cid']; + break; + } + } + } + + if(! $cid) + return false; + $r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `user`.`uid` = `contact`.`uid` WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`blockwall` = 0 AND `readonly` = 0 AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page-flags` = %d ) LIMIT 1", intval($owner), - intval(remote_user()), + intval($cid), intval(CONTACT_IS_SHARING), intval(CONTACT_IS_FRIEND), intval(PAGE_COMMUNITY) |