search should be ok, but a little extra security won't hurt

author: friendica <info@friendica.com> 2012-03-06 15:15:59 -0800
committer: friendica <info@friendica.com> 2012-03-06 15:15:59 -0800
commit: a464e4d33fbca9c02cd99abab092d43b631aa780 (patch)
tree: c40b8d0265d94e28985b6bb95bb24cfac891a0f9 /mod/search.php
parent: 009a826a4918b3d1e9feaf74e482b408f366ba41 (diff)
download: volse-hubzilla-a464e4d33fbca9c02cd99abab092d43b631aa780.tar.gz
volse-hubzilla-a464e4d33fbca9c02cd99abab092d43b631aa780.tar.bz2
volse-hubzilla-a464e4d33fbca9c02cd99abab092d43b631aa780.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/mod/search.php b/mod/search.php
index fe09b671f..386592ea1 100755
--- a/mod/search.php
+++ b/mod/search.php
@@ -127,7 +127,7 @@ function search_content(&$a) {
 		FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
 		LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
 		WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
-		AND (( `wall` = 1 AND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND `user`.`hidewall` = 0 ) 
+		AND (( `wall` = 1 AND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' AND `item`.`private` = 0 AND `user`.`hidewall` = 0 ) 
 			OR `item`.`uid` = %d )
 		AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
 		$search_alg
author	friendica <info@friendica.com>	2012-03-06 15:15:59 -0800
committer	friendica <info@friendica.com>	2012-03-06 15:15:59 -0800
commit	a464e4d33fbca9c02cd99abab092d43b631aa780 (patch)
tree	c40b8d0265d94e28985b6bb95bb24cfac891a0f9 /mod/search.php
parent	009a826a4918b3d1e9feaf74e482b408f366ba41 (diff)
download	volse-hubzilla-a464e4d33fbca9c02cd99abab092d43b631aa780.tar.gz volse-hubzilla-a464e4d33fbca9c02cd99abab092d43b631aa780.tar.bz2 volse-hubzilla-a464e4d33fbca9c02cd99abab092d43b631aa780.zip