aboutsummaryrefslogtreecommitdiffstats
path: root/include/security.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/security.php')
-rw-r--r--include/security.php26
1 files changed, 14 insertions, 12 deletions
diff --git a/include/security.php b/include/security.php
index 2fd4f46e3..f37603916 100644
--- a/include/security.php
+++ b/include/security.php
@@ -10,19 +10,21 @@ function can_write_wall(&$a,$owner) {
return true;
}
- $r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `user`.`uid` = `contact`.`uid`
- WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
- AND `readonly` = 0 AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page-flags` = %d OR (`contact`.`network` = 'stat' AND `contact`.rel` = %d)) LIMIT 1",
- intval($owner),
- intval($_SESSION['visitor_id']),
- intval(REL_VIP),
- intval(REL_BUD),
- intval(PAGE_COMMUNITY),
- intval(REL_FAN)
- );
+ if(remote_user()) {
+ $r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `user`.`uid` = `contact`.`uid`
+ WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+ AND `readonly` = 0 AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page-flags` = %d ) LIMIT 1",
+ intval($owner),
+ intval(remote_user()),
+ intval(REL_VIP),
+ intval(REL_BUD),
+ intval(PAGE_COMMUNITY)
+ );
+ }
+ if(count($r))
+ return true;
- if(count($r))
- return true;
+
return false;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-03 13:29:43 +0000