aboutsummaryrefslogtreecommitdiffstats
path: root/include/security.php
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2019-03-10 22:32:37 -0700
committerzotlabs <mike@macgirvin.com>2019-03-10 22:32:37 -0700
commit4e97fb0e587eed6875b1d3a2615b0997a7f13c63 (patch)
treec3af3a1b5058c2fa234cc6d26d07e259f02ed6bf /include/security.php
parent1688e373bcaa9ab96de5e7010464aa531753c351 (diff)
downloadvolse-hubzilla-4e97fb0e587eed6875b1d3a2615b0997a7f13c63.tar.gz
volse-hubzilla-4e97fb0e587eed6875b1d3a2615b0997a7f13c63.tar.bz2
volse-hubzilla-4e97fb0e587eed6875b1d3a2615b0997a7f13c63.zip
testing init_groups_visitor changes - also add virtual groups for both zot identities
Diffstat (limited to 'include/security.php')
-rw-r--r--include/security.php24
1 files changed, 11 insertions, 13 deletions
diff --git a/include/security.php b/include/security.php
index 4af46c257..44cd605dc 100644
--- a/include/security.php
+++ b/include/security.php
@@ -564,17 +564,6 @@ function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'f
function init_groups_visitor($contact_id) {
$groups = [];
- // private profiles are treated as a virtual group
-
- $r = q("SELECT abook_profile from abook where abook_xchan = '%s' and abook_profile != '' ",
- dbesc($contact_id)
- );
- if($r) {
- foreach($r as $rv) {
- $groups[] = 'vp.' . $rv['abook_profile'];
- }
- }
-
$x = q("select * from xchan where xchan_hash = '%s'",
dbesc($contact_id)
);
@@ -594,10 +583,19 @@ function init_groups_visitor($contact_id) {
if($xchans) {
$hashes = ids_to_querystr($xchans,'xchan_hash',true);
}
-
+
+ // private profiles are treated as a virtual group
+
+ $r = q("SELECT abook_profile from abook where abook_xchan in ( " . protect_sprintf($hashes) . " ) and abook_profile != '' ");
+ if($r) {
+ foreach($r as $rv) {
+ $groups[] = 'vp.' . $rv['abook_profile'];
+ }
+ }
+
// physical groups this identity is a member of
- $r = q("SELECT hash FROM pgrp left join pgrp_member on pgrp.id = pgrp_member.gid WHERE xchan in ( " . protect_sprintf($hashes) . " ) " );
+ $r = q("SELECT hash FROM pgrp left join pgrp_member on pgrp.id = pgrp_member.gid WHERE xchan in ( " . protect_sprintf($hashes) . " ) ");
if($r) {
foreach($r as $rr)
$groups[] = $rr['hash'];