diff options
-rw-r--r-- | include/security.php | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/include/security.php b/include/security.php index b9705a0e4..38cb72263 100644 --- a/include/security.php +++ b/include/security.php @@ -380,8 +380,8 @@ function permissions_sql($owner_id, $remote_observer = null, $table = '') { $regexop = db_getfunc('REGEXP'); $sql = sprintf( - " AND ( NOT ({$table}deny_cid regexop '%s' OR {$table}deny_gid $regexop '%s') - AND ( {$table}allow_cid regexop '%s' OR {$table}allow_gid $regexop '%s' OR ( {$table}allow_cid = '' AND {$table}allow_gid = '') ) + " AND ( NOT ({$table}deny_cid $regexop '%s' OR {$table}deny_gid $regexop '%s') + AND ( {$table}allow_cid $regexop '%s' OR {$table}allow_gid $regexop '%s' OR ( {$table}allow_cid = '' AND {$table}allow_gid = '') ) ) ", dbesc($cs), @@ -471,8 +471,8 @@ function item_permissions_sql($owner_id, $remote_observer = null) { $regexop = db_getfunc('REGEXP'); $sql = sprintf( - " AND (( NOT (deny_cid regexop '%s' OR deny_gid $regexop '%s') - AND ( allow_cid regexop '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '' AND item_private = 0 )) + " AND (( NOT (deny_cid $regexop '%s' OR deny_gid $regexop '%s') + AND ( allow_cid $regexop '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '' AND item_private = 0 )) ) OR ( item_private = 1 $scope )) ", dbesc($cs), @@ -552,8 +552,8 @@ function public_permissions_sql($observer_hash) { $regexop = db_getfunc('REGEXP'); $sql = sprintf( - " AND ( NOT (deny_cid regexop '%s' OR deny_gid $regexop '%s') - AND ( allow_cid regexop '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '' AND item_private = 0) ) + " AND ( NOT (deny_cid $regexop '%s' OR deny_gid $regexop '%s') + AND ( allow_cid $regexop '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '' AND item_private = 0) ) ) ", dbesc($cs), @@ -681,12 +681,12 @@ function get_security_ids($channel_id, $ob_hash) { ]; if($channel_id) { - $ch = q("select channel_hash, portable_id from channel where channel_id = %d", + $ch = q("select channel_hash, channel_portable_id from channel where channel_id = %d", intval($channel_id) ); if($ch) { $ret['channel_id'][] = $ch[0]['channel_hash']; - $ret['channel_id'][] = $ch[0]['portable_id']; + $ret['channel_id'][] = $ch[0]['channel_portable_id']; } } |