aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2013-09-22 22:52:48 -0700
committerfriendica <info@friendica.com>2013-09-22 22:52:48 -0700
commit956d275693c451c4d9ba60751704b80257f37433 (patch)
tree972cc4a680deea49aeae5c602ac60f1150911495 /include
parent3ff96427506de4d7f230b94e333cb5f397ceb895 (diff)
downloadvolse-hubzilla-956d275693c451c4d9ba60751704b80257f37433.tar.gz
volse-hubzilla-956d275693c451c4d9ba60751704b80257f37433.tar.bz2
volse-hubzilla-956d275693c451c4d9ba60751704b80257f37433.zip
fixes for display and search privacy enforcement
Diffstat (limited to 'include')
-rw-r--r--include/security.php46
1 files changed, 36 insertions, 10 deletions
diff --git a/include/security.php b/include/security.php
index 4738e473b..632b8d607 100644
--- a/include/security.php
+++ b/include/security.php
@@ -302,16 +302,19 @@ function public_permissions_sql($observer_hash) {
foreach($groups as $g)
$gs .= '|<' . $g . '>';
}
- $sql = sprintf(
- " OR (( NOT (deny_cid like '%s' OR deny_gid REGEXP '%s')
- AND ( allow_cid like '%s' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') )
- ))
- ",
- dbesc(protect_sprintf( '%<' . $observer_hash . '>%')),
- dbesc($gs),
- dbesc(protect_sprintf( '%<' . $observer_hash . '>%')),
- dbesc($gs)
- );
+ $sql = '';
+ if($observer_hash) {
+ $sql = sprintf(
+ " OR (( NOT (deny_cid like '%s' OR deny_gid REGEXP '%s')
+ AND ( allow_cid like '%s' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') )
+ ))
+ ",
+ dbesc(protect_sprintf( '%<' . $observer_hash . '>%')),
+ dbesc($gs),
+ dbesc(protect_sprintf( '%<' . $observer_hash . '>%')),
+ dbesc($gs)
+ );
+ }
return $sql;
}
@@ -424,6 +427,29 @@ function stream_perms_api_uids($perms_min = PERMS_SITE) {
$str .= ',';
$str .= intval($rr);
}
+logger('stream_perms_api_uids: ' . $str);
return $str;
}
+function stream_perms_xchans($perms_min = PERMS_SITE) {
+ $ret = array();
+ if(local_user())
+ $ret[] = get_observer_hash();
+ $r = q("select channel_hash from channel where channel_r_stream <= %d",
+ intval($perms_min)
+ );
+ if($r)
+ foreach($r as $rr)
+ if(! in_array($rr['channel_hash'],$ret))
+ $ret[] = $rr['channel_hash'];
+
+ $str = '';
+ if($ret)
+ foreach($ret as $rr) {
+ if($str)
+ $str .= ',';
+ $str .= "'" . dbesc($rr) . "'";
+ }
+logger('stream_perms_xchans: ' . $str);
+ return $str;
+}