diff options
| author | friendica <info@friendica.com> | 2012-03-06 17:21:14 -0800 |
|---|---|---|
| committer | friendica <info@friendica.com> | 2012-03-06 17:21:14 -0800 |
| commit | 88cd5800cf2e22f365bc38f567fcc1627e9278a7 (patch) | |
| tree | 6c73c3b9db3b7ca267a379b291af90df91839d21 /include | |
| parent | 39a49d51e370f6421a065cd78594e849ef92ff73 (diff) | |
| download | volse-hubzilla-88cd5800cf2e22f365bc38f567fcc1627e9278a7.tar.gz volse-hubzilla-88cd5800cf2e22f365bc38f567fcc1627e9278a7.tar.bz2 volse-hubzilla-88cd5800cf2e22f365bc38f567fcc1627e9278a7.zip | |
[privacy] rework latest fix
Diffstat (limited to 'include')
| -rwxr-xr-x | include/security.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/include/security.php b/include/security.php index 6b8128bdd..c04491570 100755 --- a/include/security.php +++ b/include/security.php @@ -159,6 +159,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { AND allow_gid = '' AND deny_cid = '' AND deny_gid = '' + AND private = 0 "; /** @@ -199,10 +200,11 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { } $sql = sprintf( - " AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' ) + " AND (( allow_cid = '' OR allow_cid REGEXP '<%d>' ) AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' ) AND ( allow_gid = '' OR allow_gid REGEXP '%s' ) AND ( deny_gid = '' OR NOT deny_gid REGEXP '%s') + OR private = 0 ) ", intval($remote_user), intval($remote_user), |