From 1c07880c0178bbda875bbe2cda5d19ae7fb5e1c4 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 28 Feb 2018 18:01:51 -0800 Subject: important bugfix: if logged in locally and mod_display returns nothing owned by your uid, retry with known public uids rather than issue 'permission denied'. Affects the ability to view search results for otherwise public posts 'in context'. --- Zotlabs/Module/Display.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'Zotlabs/Module/Display.php') diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php index 11dd0d174..8e8a1ed24 100644 --- a/Zotlabs/Module/Display.php +++ b/Zotlabs/Module/Display.php @@ -215,6 +215,7 @@ class Display extends \Zotlabs\Web\Controller { $pager_sql = sprintf(" LIMIT %d OFFSET %d ", intval(\App::$pager['itemspage']),intval(\App::$pager['start'])); if($load || ($checkjs->disabled()) || ($module_format !== 'html')) { + $r = null; require_once('include/channel.php'); @@ -235,7 +236,7 @@ class Display extends \Zotlabs\Web\Controller { } } - if($r === null) { + if(! $r) { // in case somebody turned off public access to sys channel content using permissions // make that content unsearchable by ensuring the owner uid can't match @@ -281,7 +282,7 @@ class Display extends \Zotlabs\Web\Controller { } } - if($r === null) { + if(! $r) { // in case somebody turned off public access to sys channel content using permissions // make that content unsearchable by ensuring the owner_xchan can't match if(! perm_is_allowed($sysid,$observer_hash,'view_stream')) -- cgit v1.2.3