1 files changed, 20 insertions, 18 deletions

diff --git a/mod/viewsrc.php b/mod/viewsrc.php
index bc7f771d6..d728f96f5 100644
--- a/mod/viewsrc.php
+++ b/mod/viewsrc.php
@@ -3,34 +3,36 @@
 
 function viewsrc_content(&$a) {
 
+	$o = '';
+
+	$item_id = ((argc() > 1) ? intval(argv(1)) : 0);
+	$raw_output = ((argc() > 2 && argv[2] === 'raw') ? true : false);
+
 	if(! local_user()) {
-		notice( t('Access denied.') . EOL);
-		return;
+		notice( t('Permission denied.') . EOL);
 	}
 
-	$item_id = ((argc() > 1) ? intval(argv(1)) : 0);
 
 	if(! $item_id) {
 		$a->error = 404;
 		notice( t('Item not found.') . EOL);
-		return;
 	}
 
-	$r = q("SELECT `item`.`body` FROM `item` 
-		WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
-		and `item`.`moderated` = 0
-		AND `item`.`id` = %d LIMIT 1",
-		intval(local_user()),
-		intval($item_id)
-	);
-
-	if(count($r)) {
-		$o = str_replace("\n",'<br />',$r[0]['body']);
-		if(is_ajax()) {
-			echo $o;
-			killme();
-		} 
+	if(local_user() && $item_id) {
+		$r = q("select body from item where item_restrict = 0 and uid = %d and id = %d limit 1",
+			intval(local_user()),
+			intval($item_id)
+		);
+
+		if($r)
+			$o = (($raw_output) ? $r[0]['body'] : str_replace("\n",'<br />',$r[0]['body']));
 	}
+
+	if(is_ajax()) {
+		echo $o;
+		killme();
+	} 
+
 	return $o;
 }