diff options
author | zotlabs <mike@macgirvin.com> | 2018-03-22 19:52:25 -0700 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2018-03-22 19:52:25 -0700 |
commit | 034032c7c27ca0e0ba0720aeea84ba6272eb6d36 (patch) | |
tree | 6951198d7533b2666b8d2dc0828028623bfc98f2 /include/zot.php | |
parent | 05e11844e5a0f90b7f45f27047b2926442484108 (diff) | |
download | volse-hubzilla-034032c7c27ca0e0ba0720aeea84ba6272eb6d36.tar.gz volse-hubzilla-034032c7c27ca0e0ba0720aeea84ba6272eb6d36.tar.bz2 volse-hubzilla-034032c7c27ca0e0ba0720aeea84ba6272eb6d36.zip |
slight change in mail privacy implementation. If you initiate a private mail conversation and they respond, accept the reply. You can't hide behind your permissions or lack thereof. Often this will be accidental. If you truly want to block them from replying and your permissions otherwise would not allow them to reply, delete the conversation.
Diffstat (limited to 'include/zot.php')
-rw-r--r-- | include/zot.php | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/include/zot.php b/include/zot.php index c11cace2a..25ea9b8fb 100644 --- a/include/zot.php +++ b/include/zot.php @@ -2285,13 +2285,31 @@ function process_mail_delivery($sender, $arr, $deliveries) { continue; } + if(! perm_is_allowed($channel['channel_id'],$sender['hash'],'post_mail')) { - logger("permission denied for mail delivery {$channel['channel_id']}"); - $DR->update('permission denied'); - $result[] = $DR->get(); - continue; + + /* + * Always allow somebody to reply if you initiated the conversation. It's anti-social + * and a bit rude to send a private message to somebody and block their ability to respond. + * If you are being harrassed and want to put an end to it, delete the conversation. + */ + + $return = false; + if($arr['parent_mid']) { + $return = q("select * from mail where mid = '%s' and channel_id = %d limit 1", + dbesc($arr['parent_mid']), + intval($channel['channel_id']) + ); + } + if(! $return) { + logger("permission denied for mail delivery {$channel['channel_id']}"); + $DR->update('permission denied'); + $result[] = $DR->get(); + continue; + } } + $r = q("select id from mail where mid = '%s' and channel_id = %d limit 1", dbesc($arr['mid']), intval($channel['channel_id']) |