aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xinclude/items.php2
-rw-r--r--mod/item.php15
2 files changed, 11 insertions, 6 deletions
diff --git a/include/items.php b/include/items.php
index ea6a7fcb9..7a94336be 100755
--- a/include/items.php
+++ b/include/items.php
@@ -1971,8 +1971,6 @@ function item_store($arr,$allow_exec = false) {
function item_store_update($arr,$allow_exec = false) {
-
-
$d = array('item' => $arr, 'allow_exec' => $allow_exec);
call_hooks('item_store_update', $d );
$arr = $d['item'];
diff --git a/mod/item.php b/mod/item.php
index be59bd4c7..d1952c60e 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -259,11 +259,17 @@ function item_post(&$a) {
}
+
+
if($orig_post) {
- $str_group_allow = $orig_post['allow_gid'];
- $str_contact_allow = $orig_post['allow_cid'];
- $str_group_deny = $orig_post['deny_gid'];
- $str_contact_deny = $orig_post['deny_cid'];
+ $str_group_allow = ((array_key_exists('group_allow',$_REQUEST))
+ ? perms2str($_REQUEST['group_allow']) : $orig_post['allow_gid']);
+ $str_contact_allow = ((array_key_exists('contact_allow',$_REQUEST))
+ ? perms2str($_REQUEST['contact_allow']) : $orig_post['allow_cid']);
+ $str_group_deny = ((array_key_exists('group_deny',$_REQUEST))
+ ? perms2str($_REQUEST['group_deny']) : $orig_post['deny_gid']);
+ $str_contact_deny = ((array_key_exists('contact_deny',$_REQUEST))
+ ? perms2str($_REQUEST['contact_deny']) : $orig_post['deny_cid']);
$location = $orig_post['location'];
$coord = $orig_post['coord'];
$verb = $orig_post['verb'];
@@ -305,6 +311,7 @@ function item_post(&$a) {
$str_contact_deny = perms2str($_REQUEST['contact_deny']);
}
+
$location = notags(trim($_REQUEST['location']));
$coord = notags(trim($_REQUEST['coord']));
$verb = notags(trim($_REQUEST['verb']));