diff options
| author | Haakon Meland Eriksen <haakon.eriksen@far.no> | 2016-01-27 17:24:05 +0100 |
|---|---|---|
| committer | Haakon Meland Eriksen <haakon.eriksen@far.no> | 2016-01-27 17:24:05 +0100 |
| commit | c766cf9565129b762998e709f5ee7c3eb14cffca (patch) | |
| tree | c462e39540d6f63e30d10aca1c64ffefcfa4d4ef /include/widgets.php | |
| parent | e4674142c6a205651d4bb207aa038e6d089da73f (diff) | |
| parent | 722d7ff38d5bbf49a7c990d9219998c2c8a5b58f (diff) | |
| download | volse-hubzilla-c766cf9565129b762998e709f5ee7c3eb14cffca.tar.gz volse-hubzilla-c766cf9565129b762998e709f5ee7c3eb14cffca.tar.bz2 volse-hubzilla-c766cf9565129b762998e709f5ee7c3eb14cffca.zip | |
Merge remote-tracking branch 'upstream/master'
Diffstat (limited to 'include/widgets.php')
| -rw-r--r-- | include/widgets.php | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/include/widgets.php b/include/widgets.php index 8e8f67ae6..891e9c018 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -807,20 +807,28 @@ function widget_suggestedchats($arr) { } function widget_item($arr) { - // FIXME there is no $a here - $uid = $a->profile['profile_uid']; - if((! $uid) || (! $arr['mid'])) + + $channel_id = 0; + if(array_key_exists('channel_id',$arr) && intval($arr['channel_id'])) + $channel_id = intval($arr['channel_id']); + if(! $channel_id) + $channel_id = get_app()->profile_uid; + if(! $channel_id) return ''; - if(! perm_is_allowed($uid, get_observer_hash(), 'view_pages')) + + if(! $arr['mid']) + return ''; + + if(! perm_is_allowed($channel_id, get_observer_hash(), 'view_pages')) return ''; require_once('include/security.php'); - $sql_extra = item_permissions_sql($uid); + $sql_extra = item_permissions_sql($channel_id); $r = q("select * from item where mid = '%s' and uid = %d and item_type = " . intval(ITEM_TYPE_WEBPAGE) . " $sql_extra limit 1", dbesc($arr['mid']), - intval($uid) + intval($channel_id) ); if(! $r) |