From 4e97fb0e587eed6875b1d3a2615b0997a7f13c63 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 10 Mar 2019 22:32:37 -0700 Subject: testing init_groups_visitor changes - also add virtual groups for both zot identities --- include/security.php | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/include/security.php b/include/security.php index 4af46c257..44cd605dc 100644 --- a/include/security.php +++ b/include/security.php @@ -564,17 +564,6 @@ function check_form_security_token_ForbiddenOnErr($typename = '', $formname = 'f function init_groups_visitor($contact_id) { $groups = []; - // private profiles are treated as a virtual group - - $r = q("SELECT abook_profile from abook where abook_xchan = '%s' and abook_profile != '' ", - dbesc($contact_id) - ); - if($r) { - foreach($r as $rv) { - $groups[] = 'vp.' . $rv['abook_profile']; - } - } - $x = q("select * from xchan where xchan_hash = '%s'", dbesc($contact_id) ); @@ -594,10 +583,19 @@ function init_groups_visitor($contact_id) { if($xchans) { $hashes = ids_to_querystr($xchans,'xchan_hash',true); } - + + // private profiles are treated as a virtual group + + $r = q("SELECT abook_profile from abook where abook_xchan in ( " . protect_sprintf($hashes) . " ) and abook_profile != '' "); + if($r) { + foreach($r as $rv) { + $groups[] = 'vp.' . $rv['abook_profile']; + } + } + // physical groups this identity is a member of - $r = q("SELECT hash FROM pgrp left join pgrp_member on pgrp.id = pgrp_member.gid WHERE xchan in ( " . protect_sprintf($hashes) . " ) " ); + $r = q("SELECT hash FROM pgrp left join pgrp_member on pgrp.id = pgrp_member.gid WHERE xchan in ( " . protect_sprintf($hashes) . " ) "); if($r) { foreach($r as $rr) $groups[] = $rr['hash']; -- cgit v1.2.3