aboutsummaryrefslogtreecommitdiffstats
path: root/include/security.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/security.php')
-rw-r--r--include/security.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/include/security.php b/include/security.php
index 7cc93fc06..380505a79 100644
--- a/include/security.php
+++ b/include/security.php
@@ -256,7 +256,7 @@ function item_permissions_sql($owner_id, $remote_observer = null) {
$regexop = db_getfunc('REGEXP');
$sql = sprintf(
" AND ( NOT (deny_cid like '%s' OR deny_gid $regexop '%s')
- AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '') )
+ AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '' AND item_private = 0 ) )
)
",
dbesc(protect_sprintf( '%<' . $observer . '>%')),
@@ -291,7 +291,7 @@ function public_permissions_sql($observer_hash) {
$regexop = db_getfunc('REGEXP');
$sql = sprintf(
" OR (( NOT (deny_cid like '%s' OR deny_gid $regexop '%s')
- AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '') )
+ AND ( allow_cid like '%s' OR allow_gid $regexop '%s' OR ( allow_cid = '' AND allow_gid = '' AND item_private = 0 ) )
))
",
dbesc(protect_sprintf( '%<' . $observer_hash . '>%')),
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-15 15:37:46 +0000