introduce a new privacy level "PERMS_AUTHED" to indicate somebody that is able to successfully authenticate (but is not necessarily in this network).

2 files changed, 9 insertions, 1 deletions

diff --git a/include/auth.php b/include/auth.php
index 425715014..a3b028c73 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -93,7 +93,7 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
 			}
 		}
 
-		$r = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash where hubloc_hash = '%s' limit 1",
+		$r = q("select * from xchan left join hubloc on xchan_hash = hubloc_hash where xchan_hash = '%s' limit 1",
 			dbesc($_SESSION['visitor_id'])
 		);
 		if($r) {
diff --git a/include/permissions.php b/include/permissions.php
index 0cbb5b984..eb1a7966f 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -88,6 +88,11 @@ function get_all_perms($uid,$observer_xchan,$internal_use = true) {
 		// These take priority over all other settings.
 
 		if($observer_xchan) {
+			if($r[0][$channel_perm] & PERMS_AUTHED) {
+				$ret[$perm_name] = true;
+				continue;
+			}
+			
 			if(! $abook_checked) {
 				$x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash
 					where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1",
@@ -240,6 +245,9 @@ function perm_is_allowed($uid,$observer_xchan,$permission) {
 		return false;
 
 	if($observer_xchan) {
+		if($r[0][$channel_perm] & PERMS_AUTHED)
+			return true;
+
 		$x = q("select abook_my_perms, abook_flags, xchan_network from abook left join xchan on abook_xchan = xchan_hash 
 			where abook_channel = %d and abook_xchan = '%s' and not ( abook_flags & %d ) limit 1",
 			intval($uid),