aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/acl.php2
-rw-r--r--mod/connections.php12
-rw-r--r--mod/profile.php5
-rw-r--r--mod/profile_photo.php28
-rw-r--r--mod/profperm.php16
-rw-r--r--mod/viewconnections.php14
6 files changed, 42 insertions, 35 deletions
diff --git a/mod/acl.php b/mod/acl.php
index 3b737d36e..0f997c8b8 100644
--- a/mod/acl.php
+++ b/mod/acl.php
@@ -206,7 +206,7 @@ function acl_init(&$a){
if(count($r)) {
foreach($r as $g){
- if($g['abook_their_perms'] & PERMS_W_TAGWALL) {
+ if(($g['abook_their_perms'] & PERMS_W_TAGWALL) && $type == 'c') {
$contacts[] = array(
"type" => "c",
"photo" => "images/twopeople.png",
diff --git a/mod/connections.php b/mod/connections.php
index a453203ab..e95f72b49 100644
--- a/mod/connections.php
+++ b/mod/connections.php
@@ -213,12 +213,10 @@ function connections_content(&$a) {
nav_set_selected('intros');
break;
case 'ifpending':
- $r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and not (abook_flags & %d) and not (xchan_flags & %d ) and (abook_flags & %d) and not (abook_flags & %d)",
+ $r = q("SELECT COUNT(abook.abook_id) AS total FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash where abook_channel = %d and not (abook_flags & %d) and not (xchan_flags & %d )",
intval(local_user()),
- intval(ABOOK_FLAG_SELF),
- intval(XCHAN_FLAGS_DELETED),
- intval(ABOOK_FLAG_PENDING),
- intval(ABOOK_FLAG_IGNORED)
+ intval(ABOOK_FLAG_SELF|ABOOK_FLAG_PENDING|ABOOK_FLAG_IGNORED),
+ intval(XCHAN_FLAGS_DELETED|XCHAN_FLAGS_ORPHAN)
);
if($r && $r[0]['total']) {
$search_flags = ABOOK_FLAG_PENDING;
@@ -342,7 +340,7 @@ function connections_content(&$a) {
where abook_channel = %d and not (abook_flags & %d) and not (xchan_flags & %d ) $sql_extra $sql_extra2 ",
intval(local_user()),
intval(ABOOK_FLAG_SELF),
- intval(XCHAN_FLAGS_DELETED)
+ intval(XCHAN_FLAGS_DELETED|XCHAN_FLAGS_ORPHAN)
);
if($r) {
$a->set_pager_total($r[0]['total']);
@@ -353,7 +351,7 @@ function connections_content(&$a) {
WHERE abook_channel = %d and not (abook_flags & %d) and not ( xchan_flags & %d) $sql_extra $sql_extra2 ORDER BY xchan_name LIMIT %d , %d ",
intval(local_user()),
intval(ABOOK_FLAG_SELF),
- intval(XCHAN_FLAGS_DELETED),
+ intval(XCHAN_FLAGS_DELETED|XCHAN_FLAGS_ORPHAN),
intval($a->pager['start']),
intval($a->pager['itemspage'])
);
diff --git a/mod/profile.php b/mod/profile.php
index fca7c8f9f..792bf34c5 100644
--- a/mod/profile.php
+++ b/mod/profile.php
@@ -61,7 +61,7 @@ function profile_content(&$a, $update = 0) {
$o = '';
if(! (perm_is_allowed($a->profile['profile_uid'],get_observer_hash(), 'view_profile'))) {
- notice( t('Access to this profile has been restricted.') . EOL);
+ notice( t('Permission denied.') . EOL);
return;
}
@@ -69,11 +69,10 @@ function profile_content(&$a, $update = 0) {
$is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false);
if($a->profile['hidewall'] && (! $is_owner) && (! remote_user())) {
- notice( t('Access to this profile has been restricted.') . EOL);
+ notice( t('Permission denied.') . EOL);
return;
}
-
$o .= profile_tabs($a, $is_owner, $a->profile['channel_address']);
diff --git a/mod/profile_photo.php b/mod/profile_photo.php
index 2cf7a8abf..ef0a31673 100644
--- a/mod/profile_photo.php
+++ b/mod/profile_photo.php
@@ -1,20 +1,30 @@
<?php
+/* @file profile_photo.php
+ @brief Module-file with functions for handling of profile-photos
+
+*/
+
require_once('include/photo/photo_driver.php');
+/* @brief Function for sync'ing permissions of profile-photos and their profile
+*
+* @param $profileid The id number of the profile to sync
+* @return void
+*/
+
function profile_photo_set_profile_perms($profileid) {
$allowcid = '';
- $r = q("SELECT photo, profile_guid, id FROM profile WHERE profile.id = %d LIMIT 1", intval($profileid));
- $profile = $r[0];
-
- if(x($profile['photo'])) {
- preg_match("@\w*(?=-\d*$)@i", $profile['photo'], $resource_id);
- $resource_id = $resource_id[0];
+ if (x($profileid)) {
- if(x($profileid)) {
+ $r = q("SELECT photo, profile_guid, id, is_default FROM profile WHERE profile.id = %d LIMIT 1", intval($profileid));
+ $profile = $r[0];
+ if(x($profile['id']) && x($profile['photo']) && intval($profile['is_default']) != 1) { //Only set perms when query suceeded and when we are not on the default profile
+ preg_match("@\w*(?=-\d*$)@i", $profile['photo'], $resource_id);
+ $resource_id = $resource_id[0];
- $r1 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = %d ", intval($profile['id']));
+ $r1 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = %d ", intval($profile['id'])); //Should not be needed in future. Catches old int-profile-ids.
$r2 = q("SELECT abook.abook_xchan FROM abook WHERE abook_profile = '%s'", dbesc($profile['profile_guid']));
foreach ($r1 as $entry) {
$allowcid .= "<" . $entry['abook_xchan'] . ">";
@@ -23,7 +33,7 @@ function profile_photo_set_profile_perms($profileid) {
$allowcid .= "<" . $entry['abook_xchan'] . ">";
}
if(x($allowcid)) {
- q("UPDATE `photo` SET allow_cid = '%s' WHERE resource_id = '%s'",dbesc($allowcid),dbesc($resource_id));
+ q("UPDATE `photo` SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d",dbesc($allowcid),dbesc($resource_id),intval($profile['id']));
}
}
}
diff --git a/mod/profperm.php b/mod/profperm.php
index 4a52447b8..a91523805 100644
--- a/mod/profperm.php
+++ b/mod/profperm.php
@@ -61,9 +61,9 @@ function profperm_content(&$a) {
$profile = $r[0];
- $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = %d",
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = '%s'",
intval(local_user()),
- intval(argv(1))
+ dbesc($profile['profile_guid'])
);
$ingroup = array();
@@ -75,27 +75,29 @@ function profperm_content(&$a) {
if($change) {
if(in_array($change,$ingroup)) {
- q("UPDATE abook SET abook_profile = 0 WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
+ q("UPDATE abook SET abook_profile = '' WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
intval($change),
intval(local_user())
);
}
else {
- q("UPDATE abook SET abook_profile = %d WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
- intval(argv(1)),
+ q("UPDATE abook SET abook_profile = '%s' WHERE abook_id = %d AND abook_channel = %d LIMIT 1",
+ dbesc($profile['profile_guid']),
intval($change),
intval(local_user())
);
}
+
//Time to update the permissions on the profile-pictures as well
require_once('mod/profile_photo.php');
profile_photo_set_profile_perms($profile['id']);
- $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = %d",
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash WHERE abook_channel = %d AND abook_profile = '%s'",
+
intval(local_user()),
- intval(argv(1))
+ dbesc($profile['profile_guid'])
);
$members = $r;
diff --git a/mod/viewconnections.php b/mod/viewconnections.php
index a9fb967f7..f5e7ab213 100644
--- a/mod/viewconnections.php
+++ b/mod/viewconnections.php
@@ -29,21 +29,19 @@ function viewconnections_content(&$a) {
}
- $r = q("SELECT count(*) as total FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and abook_flags = 0 and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) ",
+ $r = q("SELECT count(*) as total FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not (abook_flags & %d ) and not ( xchan_flags & %d ) ",
intval($a->profile['uid']),
- intval(XCHAN_FLAGS_HIDDEN),
- intval(XCHAN_FLAGS_ORPHAN),
- intval(XCHAN_FLAGS_DELETED)
+ intval(ABOOK_FLAG_HIDDEN|ABOOK_FLAG_PENDING|ABOOK_FLAG_SELF),
+ intval(XCHAN_FLAGS_HIDDEN|XCHAN_FLAGS_ORPHAN|XCHAN_FLAGS_DELETED)
);
if($r) {
$a->set_pager_total($r[0]['total']);
}
- $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and abook_flags = 0 and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) and not ( xchan_flags & %d ) order by xchan_name LIMIT %d , %d ",
+ $r = q("SELECT * FROM abook left join xchan on abook_xchan = xchan_hash where abook_channel = %d and not ( abook_flags & %d ) and not ( xchan_flags & %d ) order by xchan_name LIMIT %d , %d ",
intval($a->profile['uid']),
- intval(XCHAN_FLAGS_HIDDEN),
- intval(XCHAN_FLAGS_ORPHAN),
- intval(XCHAN_FLAGS_DELETED),
+ intval(ABOOK_FLAG_HIDDEN|ABOOK_FLAG_PENDING|ABOOK_FLAG_SELF),
+ intval(XCHAN_FLAGS_HIDDEN|XCHAN_FLAGS_ORPHAN|XCHAN_FLAGS_DELETED),
intval($a->pager['start']),
intval($a->pager['itemspage'])
);