aboutsummaryrefslogtreecommitdiffstats
path: root/include/security.php
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2012-09-09 21:17:06 -0700
committerfriendica <info@friendica.com>2012-09-09 21:17:06 -0700
commit3ebb4a3dc7a369e7a716ab93d02b44b20522080f (patch)
tree5b8daecf7a29c6fe2f0c8572204d9e2bd1713a50 /include/security.php
parenta08666be142c484134c2f10cf0c460c8a3c07682 (diff)
downloadvolse-hubzilla-3ebb4a3dc7a369e7a716ab93d02b44b20522080f.tar.gz
volse-hubzilla-3ebb4a3dc7a369e7a716ab93d02b44b20522080f.tar.bz2
volse-hubzilla-3ebb4a3dc7a369e7a716ab93d02b44b20522080f.zip
updates
Diffstat (limited to 'include/security.php')
-rw-r--r--include/security.php16
1 files changed, 15 insertions, 1 deletions
diff --git a/include/security.php b/include/security.php
index 497166ec4..bc1e97059 100644
--- a/include/security.php
+++ b/include/security.php
@@ -181,12 +181,26 @@ function can_write_wall(&$a,$owner) {
elseif($verified === 1)
return false;
else {
+ $cid = 0;
+
+ if(is_array($_SESSION['remote'])) {
+ foreach($_SESSION['remote'] as $visitor) {
+ if($visitor['uid'] == $owner) {
+ $cid = $visitor['cid'];
+ break;
+ }
+ }
+ }
+
+ if(! $cid)
+ return false;
+
$r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `user`.`uid` = `contact`.`uid`
WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND `user`.`blockwall` = 0 AND `readonly` = 0 AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page-flags` = %d ) LIMIT 1",
intval($owner),
- intval(remote_user()),
+ intval($cid),
intval(CONTACT_IS_SHARING),
intval(CONTACT_IS_FRIEND),
intval(PAGE_COMMUNITY)