From 15ae108832aa94fdc098703de183bbf61baba58a Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 20 Sep 2013 18:41:15 -0700 Subject: missing uid check on comanche_block to ensure we get the block with that name that we own --- include/comanche.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include/comanche.php') diff --git a/include/comanche.php b/include/comanche.php index 56a16fd3b..eb0de96c7 100644 --- a/include/comanche.php +++ b/include/comanche.php @@ -86,7 +86,8 @@ function comanche_replace_region($match) { function comanche_block($name) { $o = ''; - $r = q("select * from item left join item_id on iid = item_id and item_id.uid = item.uid and service = 'BUILDBLOCK' and sid = '%s' limit 1", + $r = q("select * from item left join item_id on iid = item_id and item_id.uid = item.uid and item.uid = %d and service = 'BUILDBLOCK' and sid = '%s' limit 1", + intval($a->profile['profile_uid']), dbesc($name) ); if($r) { -- cgit v1.2.3