aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/network.php52
1 files changed, 26 insertions, 26 deletions
diff --git a/mod/network.php b/mod/network.php
index a0b1d0985..ca55d9e23 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -433,11 +433,11 @@ function network_content(&$a, $update = 0, $load = false) {
$sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE (item_flags & " . intval(ITEM_THREAD_TOP) . ") $sql_options ) ";
if($group) {
- $r = q("SELECT `name`, `id` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1",
- intval($group),
- intval($_SESSION['uid'])
- );
- if(! count($r)) {
+ $r = q("SELECT * FROM `group` WHERE id = %d AND uid = %d LIMIT 1",
+ intval($group),
+ intval(local_user())
+ );
+ if(! $r) {
if($update)
killme();
notice( t('No such group') . EOL );
@@ -445,33 +445,33 @@ function network_content(&$a, $update = 0, $load = false) {
// NOTREACHED
}
- $contacts = expand_groups(array($group));
- if((is_array($contacts)) && count($contacts)) {
- $contact_str = implode(',',$contacts);
- }
- else {
- $contact_str = ' 0 ';
- info( t('Group is empty'));
- }
+ $contacts = expand_groups(array($arr['group']));
+ if((is_array($contacts)) && count($contacts)) {
+ $contact_str = implode(',',$contacts);
+ }
+ else {
+ $contact_str = ' 0 ';
+ info( t('Group is empty'));
+ }
+
+ $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND ( author_xchan IN ( $contact_str ) OR owner_xchan in ( $contact_str) or allow_gid like '" . protect_sprintf('%<' . dbesc($r[0]['hash']) . '>%') . "' ) and item_restrict = 0 ) ";
+
+ }
- $sql_extra = " AND `item`.`parent` IN ( SELECT DISTINCT(`parent`) FROM `item` WHERE 1 $sql_options AND ( `contact-id` IN ( $contact_str ) OR `allow_gid` like '" . protect_sprintf('%<' . intval($group) . '>%') . "' ) and deleted = 0 ) ";
- $o = '<h2>' . t('Group: ') . $r[0]['name'] . '</h2>' . $o;
- }
elseif($cid) {
- $r = q("SELECT `id`,`name`,`network`,`writable`,`nurl` FROM `contact` WHERE `id` = %d
- AND `blocked` = 0 AND `pending` = 0 LIMIT 1",
- intval($cid)
- );
- if(count($r)) {
- $sql_extra = " AND `item`.`parent` IN ( SELECT DISTINCT(`parent`) FROM `item` WHERE 1 $sql_options AND `contact-id` = " . intval($cid) . " and deleted = 0 ) ";
+ $r = q("SELECT * from abook where abook_id = %d and abook_channel = %d and not ( abook_flags & " . intval(ABOOK_FLAG_BLOCKED) . ") limit 1",
+ intval($cid),
+ intval(local_user())
+ );
+ if($r) {
+ $sql_extra = " AND item.parent IN ( SELECT DISTINCT parent FROM item WHERE true $sql_options AND uid = " . intval(local_user()) . " AND ( author_xchan = " . dbesc($r[0]['abook_xchan']) . " or owner_xchan = " . dbesc($r[0]['abook_xchan']) . " ) and item_restrict = 0 ) ";
$o = '<h2>' . t('Contact: ') . $r[0]['name'] . '</h2>' . $o;
- }
- else {
+ }
+ else {
notice( t('Invalid contact.') . EOL);
goaway($a->get_baseurl(true) . '/network');
- // NOTREACHED
- }
+ }
}