slight change in mail privacy implementation. If you initiate a private mail conversation and they respond, accept the reply. You can't hide behind your permissions or lack thereof. Often this will be accidental. If you truly want to block them from replying and your permissions otherwise would not allow them to reply, delete the conversation.

1 files changed, 22 insertions, 4 deletions

diff --git a/include/zot.php b/include/zot.php
index c11cace2a..25ea9b8fb 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -2285,13 +2285,31 @@ function process_mail_delivery($sender, $arr, $deliveries) {
 			continue;
 		}
 
+
 		if(! perm_is_allowed($channel['channel_id'],$sender['hash'],'post_mail')) {
-			logger("permission denied for mail delivery {$channel['channel_id']}");
-			$DR->update('permission denied');
-			$result[] = $DR->get();
-			continue;
+
+			/* 
+			 * Always allow somebody to reply if you initiated the conversation. It's anti-social
+			 * and a bit rude to send a private message to somebody and block their ability to respond.
+			 * If you are being harrassed and want to put an end to it, delete the conversation.
+			 */
+
+			$return = false;
+			if($arr['parent_mid']) {
+				$return = q("select * from mail where mid = '%s' and channel_id = %d limit 1",
+					dbesc($arr['parent_mid']),
+					intval($channel['channel_id'])
+				);
+			}
+			if(! $return) {
+				logger("permission denied for mail delivery {$channel['channel_id']}");
+				$DR->update('permission denied');
+				$result[] = $DR->get();
+				continue;
+			}
 		}
 
+
 		$r = q("select id from mail where mid = '%s' and channel_id = %d limit 1",
 			dbesc($arr['mid']),
 			intval($channel['channel_id'])