diff options
author | friendica <info@friendica.com> | 2013-09-20 18:41:15 -0700 |
---|---|---|
committer | friendica <info@friendica.com> | 2013-09-20 18:41:15 -0700 |
commit | 15ae108832aa94fdc098703de183bbf61baba58a (patch) | |
tree | d3f20e5964cb357c57d8b1bb932147eb0a5905b0 /include | |
parent | 7585b58d28978837a89f3a541c8b508dd04a92bc (diff) | |
download | volse-hubzilla-15ae108832aa94fdc098703de183bbf61baba58a.tar.gz volse-hubzilla-15ae108832aa94fdc098703de183bbf61baba58a.tar.bz2 volse-hubzilla-15ae108832aa94fdc098703de183bbf61baba58a.zip |
missing uid check on comanche_block to ensure we get the block with that name that we own
Diffstat (limited to 'include')
-rw-r--r-- | include/comanche.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/include/comanche.php b/include/comanche.php index 56a16fd3b..eb0de96c7 100644 --- a/include/comanche.php +++ b/include/comanche.php @@ -86,7 +86,8 @@ function comanche_replace_region($match) { function comanche_block($name) { $o = ''; - $r = q("select * from item left join item_id on iid = item_id and item_id.uid = item.uid and service = 'BUILDBLOCK' and sid = '%s' limit 1", + $r = q("select * from item left join item_id on iid = item_id and item_id.uid = item.uid and item.uid = %d and service = 'BUILDBLOCK' and sid = '%s' limit 1", + intval($a->profile['profile_uid']), dbesc($name) ); if($r) { |