diff options
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/viewsrc.php | 38 |
1 files changed, 20 insertions, 18 deletions
diff --git a/mod/viewsrc.php b/mod/viewsrc.php index bc7f771d6..d728f96f5 100644 --- a/mod/viewsrc.php +++ b/mod/viewsrc.php @@ -3,34 +3,36 @@ function viewsrc_content(&$a) { + $o = ''; + + $item_id = ((argc() > 1) ? intval(argv(1)) : 0); + $raw_output = ((argc() > 2 && argv[2] === 'raw') ? true : false); + if(! local_user()) { - notice( t('Access denied.') . EOL); - return; + notice( t('Permission denied.') . EOL); } - $item_id = ((argc() > 1) ? intval(argv(1)) : 0); if(! $item_id) { $a->error = 404; notice( t('Item not found.') . EOL); - return; } - $r = q("SELECT `item`.`body` FROM `item` - WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 - and `item`.`moderated` = 0 - AND `item`.`id` = %d LIMIT 1", - intval(local_user()), - intval($item_id) - ); - - if(count($r)) { - $o = str_replace("\n",'<br />',$r[0]['body']); - if(is_ajax()) { - echo $o; - killme(); - } + if(local_user() && $item_id) { + $r = q("select body from item where item_restrict = 0 and uid = %d and id = %d limit 1", + intval(local_user()), + intval($item_id) + ); + + if($r) + $o = (($raw_output) ? $r[0]['body'] : str_replace("\n",'<br />',$r[0]['body'])); } + + if(is_ajax()) { + echo $o; + killme(); + } + return $o; } |