diff options
Diffstat (limited to 'mod/lockview.php')
-rw-r--r-- | mod/lockview.php | 50 |
1 files changed, 22 insertions, 28 deletions
diff --git a/mod/lockview.php b/mod/lockview.php index 0307103f8..01a6997ee 100644 --- a/mod/lockview.php +++ b/mod/lockview.php @@ -3,12 +3,12 @@ function lockview_content(&$a) { - $type = (($a->argc > 1) ? $a->argv[1] : 0); + $type = ((argc() > 1) ? argv(1) : 0); if (is_numeric($type)) { $item_id = intval($type); $type='item'; } else { - $item_id = (($a->argc > 2) ? intval($a->argv[2]) : 0); + $item_id = ((argc() > 2) ? intval(argv(2)) : 0); } if(! $item_id) @@ -17,20 +17,20 @@ function lockview_content(&$a) { if (!in_array($type, array('item','photo','event'))) killme(); - $r = q("SELECT * FROM `%s` WHERE `id` = %d LIMIT 1", + $r = q("SELECT * FROM %s WHERE id = %d LIMIT 1", dbesc($type), intval($item_id) ); - if(! count($r)) + if(! $r) killme(); + $item = $r[0]; + if($item['uid'] != local_user()) killme(); - - if(($item['private'] == 1) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid'])) + if(($item['item_private'] == 1) && (! strlen($item['allow_cid'])) && (! strlen($item['allow_gid'])) && (! strlen($item['deny_cid'])) && (! strlen($item['deny_gid']))) { - echo t('Remote privacy information not available.') . '<br />'; killme(); } @@ -43,40 +43,34 @@ function lockview_content(&$a) { $o = t('Visible to:') . '<br />'; $l = array(); + stringify_array_elms($allowed_groups,true); + stringify_array_elms($allowed_users,true); + stringify_array_elms($deny_groups,true); + stringify_array_elms($deny_users,true); + if(count($allowed_groups)) { - $r = q("SELECT `name` FROM `group` WHERE `id` IN ( %s )", - dbesc(implode(', ', $allowed_groups)) - ); - if(count($r)) + $r = q("SELECT name FROM group WHERE hash IN ( " . implode(', ', $allowed_groups) . " )"); + if($r) foreach($r as $rr) $l[] = '<b>' . $rr['name'] . '</b>'; } if(count($allowed_users)) { - $r = q("SELECT `name` FROM `contact` WHERE `id` IN ( %s )", - dbesc(implode(', ',$allowed_users)) - ); - if(count($r)) + $r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ',$allowed_users) . " )"); + if($r) foreach($r as $rr) - $l[] = $rr['name']; - + $l[] = $rr['xchan_name']; } - if(count($deny_groups)) { - $r = q("SELECT `name` FROM `group` WHERE `id` IN ( %s )", - dbesc(implode(', ', $deny_groups)) - ); - if(count($r)) + $r = q("SELECT name FROM group WHERE hash IN ( " . implode(', ', $deny_groups) . " )"); + if($r) foreach($r as $rr) $l[] = '<b><strike>' . $rr['name'] . '</strike></b>'; } if(count($deny_users)) { - $r = q("SELECT `name` FROM `contact` WHERE `id` IN ( %s )", - dbesc(implode(', ',$deny_users)) - ); - if(count($r)) + $r = q("SELECT xchan_name FROM xchan WHERE xchan_hash IN ( " . implode(', ', $deny_users) . " )"); + if($r) foreach($r as $rr) - $l[] = '<strike>' . $rr['name'] . '</strike>'; - + $l[] = '<strike>' . $rr['xchan_name'] . '</strike>'; } echo $o . implode(', ', $l); |