diff options
| author | friendica <info@friendica.com> | 2014-06-14 16:35:38 -0700 |
|---|---|---|
| committer | friendica <info@friendica.com> | 2014-06-14 16:35:38 -0700 |
| commit | b67c8ec8b99f5a552c08afaedf022b088e55ef47 (patch) | |
| tree | d4deaf9e189406526214e836ff998beb31679228 /mod/item.php | |
| parent | 794cded66e521cdc581e00e4c432694c3117cfed (diff) | |
| download | volse-hubzilla-b67c8ec8b99f5a552c08afaedf022b088e55ef47.tar.gz volse-hubzilla-b67c8ec8b99f5a552c08afaedf022b088e55ef47.tar.bz2 volse-hubzilla-b67c8ec8b99f5a552c08afaedf022b088e55ef47.zip | |
webpage permissions weirdness
Diffstat (limited to 'mod/item.php')
| -rw-r--r-- | mod/item.php | 23 |
1 files changed, 14 insertions, 9 deletions
diff --git a/mod/item.php b/mod/item.php index 68582e580..7b105ee65 100644 --- a/mod/item.php +++ b/mod/item.php @@ -46,7 +46,7 @@ function item_post(&$a) { call_hooks('post_local_start', $_REQUEST); -// logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA); + logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA); $api_source = ((x($_REQUEST,'api_source') && $_REQUEST['api_source']) ? true : false); @@ -262,14 +262,19 @@ function item_post(&$a) { if($orig_post) { - $str_group_allow = ((array_key_exists('group_allow',$_REQUEST)) - ? perms2str($_REQUEST['group_allow']) : $orig_post['allow_gid']); - $str_contact_allow = ((array_key_exists('contact_allow',$_REQUEST)) - ? perms2str($_REQUEST['contact_allow']) : $orig_post['allow_cid']); - $str_group_deny = ((array_key_exists('group_deny',$_REQUEST)) - ? perms2str($_REQUEST['group_deny']) : $orig_post['deny_gid']); - $str_contact_deny = ((array_key_exists('contact_deny',$_REQUEST)) - ? perms2str($_REQUEST['contact_deny']) : $orig_post['deny_cid']); + // webpages are allowed to change ACLs after the fact. Normal conversation items aren't. + if($webpage) { + $str_group_allow = perms2str($_REQUEST['group_allow']); + $str_contact_allow = perms2str($_REQUEST['contact_allow']); + $str_group_deny = perms2str($_REQUEST['group_deny']); + $str_contact_deny = perms2str($_REQUEST['contact_deny']); + } + else { + $str_group_allow = $orig_post['allow_gid']; + $str_contact_allow = $orig_post['allow_cid']; + $str_group_deny = $orig_post['deny_gid']; + $str_contact_deny = $orig_post['deny_cid']; + } $location = $orig_post['location']; $coord = $orig_post['coord']; $verb = $orig_post['verb']; |