aboutsummaryrefslogtreecommitdiffstats
path: root/include/security.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/security.php')
-rw-r--r--include/security.php12
1 files changed, 11 insertions, 1 deletions
diff --git a/include/security.php b/include/security.php
index f5e829e47..e221ad59b 100644
--- a/include/security.php
+++ b/include/security.php
@@ -274,7 +274,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
$gs .= '|<' . intval($g) . '>';
}
- $sql = sprintf(
+ /*$sql = sprintf(
" AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' )
AND ( deny_cid = '' OR NOT deny_cid REGEXP '<%d>' )
AND ( allow_gid = '' OR allow_gid REGEXP '%s' )
@@ -284,6 +284,16 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
intval($remote_user),
dbesc($gs),
dbesc($gs)
+ );*/
+ $sql = sprintf(
+ " AND ( NOT (deny_cid REGEXP '<%d>' OR deny_gid REGEXP '%s')
+ AND ( allow_cid REGEXP '<%d>' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') )
+ )
+ ",
+ intval($remote_user),
+ dbesc($gs),
+ intval($remote_user),
+ dbesc($gs)
);
}
}