aboutsummaryrefslogtreecommitdiffstats
path: root/mod/item.php
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2013-11-13 03:15:07 -0800
committerfriendica <info@friendica.com>2013-11-13 03:15:07 -0800
commit251ba6db30d9f75d1e9e03e5bed6c5dec2c4402b (patch)
treeaefad98d41e39f7a1687378ffcb1f5978eb57fa4 /mod/item.php
parenta1b8f6e4ec4fb0b9a56857173bb2f390f4f42fdd (diff)
downloadvolse-hubzilla-251ba6db30d9f75d1e9e03e5bed6c5dec2c4402b.tar.gz
volse-hubzilla-251ba6db30d9f75d1e9e03e5bed6c5dec2c4402b.tar.bz2
volse-hubzilla-251ba6db30d9f75d1e9e03e5bed6c5dec2c4402b.zip
fix photo permissions on encrypted posts
Diffstat (limited to 'mod/item.php')
-rw-r--r--mod/item.php10
1 files changed, 8 insertions, 2 deletions
diff --git a/mod/item.php b/mod/item.php
index be24d242c..b564c7545 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -412,12 +412,18 @@ function item_post(&$a) {
* now. So now we'll look for links of uploaded photos and attachments that are in the
* post and set them to the same permissions as the post itself.
*
+ * If the post was end-to-end encrypted we can't find images and attachments in the body,
+ * use our media_str input instead which only contains these elements - but only do this
+ * when encrypted content exists because the photo/attachment may have been removed from
+ * the post and we should keep it private. If it's encrypted we have no way of knowing
+ * so we'll set the permissions regardless and realise that the media may not be
+ * referenced in the post.
*/
if(! $preview) {
- fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],$body,$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny);
+ fix_attached_photo_permissions($profile_uid,$owner_xchan['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny);
- fix_attached_file_permissions($channel,$observer['xchan_hash'],$body,$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny);
+ fix_attached_file_permissions($channel,$observer['xchan_hash'],((strpos($body,'[/crypt]')) ? $_POST['media_str'] : $body),$str_contact_allow,$str_group_allow,$str_contact_deny,$str_group_deny);
}