diff options
| -rw-r--r-- | include/identity.php | 30 | ||||
| -rw-r--r-- | include/widgets.php | 12 | ||||
| -rw-r--r-- | mod/profile.php | 5 |
3 files changed, 27 insertions, 20 deletions
diff --git a/include/identity.php b/include/identity.php index 66e572866..b66eaad51 100644 --- a/include/identity.php +++ b/include/identity.php @@ -583,14 +583,16 @@ function profile_load(&$a, $nickname, $profile = '') { } + $a->profile = $p[0]; + $a->profile_uid = $p[0]['profile_uid']; + $a->page['title'] = $a->profile['channel_name'] . " - " . $a->profile['channel_address'] . "@" . $a->get_hostname(); + + $a->profile['permission_to_view'] = $can_view_profile; + if($can_view_profile) { - $a->profile = $p[0]; $online = get_online_status($nickname); $a->profile['online_status'] = $online['result']; - $a->profile_uid = $p[0]['profile_uid']; - - $a->page['title'] = $a->profile['channel_name'] . " - " . $a->profile['channel_address'] . "@" . $a->get_hostname(); } if(local_user()) { @@ -604,18 +606,12 @@ function profile_load(&$a, $nickname, $profile = '') { $_SESSION['theme'] = $p[0]['channel_theme']; - $a->set_template_engine(); // reset the template engine to the default in case the user's theme doesn't specify one +// $a->set_template_engine(); // reset the template engine to the default in case the user's theme doesn't specify one - $theme_info_file = "view/theme/".current_theme()."/php/theme.php"; - if (file_exists($theme_info_file)){ - require_once($theme_info_file); - } - - if(! $can_view_profile) { - // permission denied - notice( t(' Sorry, you don\'t have the permission to view this profile. ') . EOL); - return; - } +// $theme_info_file = "view/theme/".current_theme()."/php/theme.php"; +// if (file_exists($theme_info_file)){ +// require_once($theme_info_file); +// } return; } @@ -739,7 +735,7 @@ logger('online: ' . $profile['online']); $block = true; } - if(($profile['hidewall'] || $block) && (! local_user()) && (! remote_user())) { + if(($profile['hidewall'] && (! local_user()) && (! remote_user())) || $block ) { $location = $pdesc = $gender = $marital = $homepage = $online = False; } @@ -751,7 +747,7 @@ logger('online: ' . $profile['online']); $channel_menu = false; $menu = get_pconfig($profile['uid'],'system','channel_menu'); - if($menu) { + if($menu && ! $block) { require_once('include/menu.php'); $m = menu_fetch($menu,$profile['uid'],$observer['xchan_hash']); if($m) diff --git a/include/widgets.php b/include/widgets.php index 82769d925..678fed833 100644 --- a/include/widgets.php +++ b/include/widgets.php @@ -304,6 +304,9 @@ function widget_archive($arr) { if(! feature_enabled($uid,'archives')) return ''; + if(! perm_is_allowed($uid,get_observer_hash(),'view_stream')) + return ''; + $wall = ((array_key_exists('wall', $arr)) ? intval($arr['wall']) : 0); $style = ((array_key_exists('style', $arr)) ? $arr['style'] : 'select'); @@ -338,6 +341,12 @@ function widget_fullprofile($arr) { function widget_categories($arr) { $a = get_app(); + + + if($a->profile['profile_uid'] && (! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream'))) + return ''; + + $cat = ((x($_REQUEST,'cat')) ? htmlspecialchars($_REQUEST['cat'],ENT_COMPAT,'UTF-8') : ''); $srchurl = $a->query_string; $srchurl = rtrim(preg_replace('/cat\=[^\&].*?(\&|$)/is','',$srchurl),'&'); @@ -350,6 +359,9 @@ function widget_tagcloud_wall($arr) { $a = get_app(); if((! $a->profile['profile_uid']) || (! $a->profile['channel_hash'])) return ''; + if(! perm_is_allowed($a->profile['profile_uid'],get_observer_hash(),'view_stream')) + return ''; + $limit = ((array_key_exists('limit',$arr)) ? intval($arr['limit']) : 50); if(feature_enabled($a->profile['profile_uid'],'tagadelic')) return tagblock('search',$a->profile['profile_uid'],$limit,$a->profile['channel_hash'],ITEM_WALL); diff --git a/mod/profile.php b/mod/profile.php index fca7c8f9f..792bf34c5 100644 --- a/mod/profile.php +++ b/mod/profile.php @@ -61,7 +61,7 @@ function profile_content(&$a, $update = 0) { $o = ''; if(! (perm_is_allowed($a->profile['profile_uid'],get_observer_hash(), 'view_profile'))) { - notice( t('Access to this profile has been restricted.') . EOL); + notice( t('Permission denied.') . EOL); return; } @@ -69,11 +69,10 @@ function profile_content(&$a, $update = 0) { $is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false); if($a->profile['hidewall'] && (! $is_owner) && (! remote_user())) { - notice( t('Access to this profile has been restricted.') . EOL); + notice( t('Permission denied.') . EOL); return; } - $o .= profile_tabs($a, $is_owner, $a->profile['channel_address']); |