From 3ebb4a3dc7a369e7a716ab93d02b44b20522080f Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Sun, 9 Sep 2012 21:17:06 -0700
Subject: updates

---
 include/security.php | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

(limited to 'include/security.php')

diff --git a/include/security.php b/include/security.php
index 497166ec4..bc1e97059 100644
--- a/include/security.php
+++ b/include/security.php
@@ -181,12 +181,26 @@ function can_write_wall(&$a,$owner) {
 		elseif($verified === 1)
 			return false;
 		else {
+			$cid = 0;
+
+			if(is_array($_SESSION['remote'])) {
+				foreach($_SESSION['remote'] as $visitor) {
+					if($visitor['uid'] == $owner) {
+						$cid = $visitor['cid'];
+						break;
+					}
+				}
+			}
+
+			if(! $cid)
+				return false;
+
 
 			$r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `user`.`uid` = `contact`.`uid` 
 				WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 
 				AND `user`.`blockwall` = 0 AND `readonly` = 0  AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page-flags` = %d ) LIMIT 1",
 				intval($owner),
-				intval(remote_user()),
+				intval($cid),
 				intval(CONTACT_IS_SHARING),
 				intval(CONTACT_IS_FRIEND),
 				intval(PAGE_COMMUNITY)
-- 
cgit v1.2.3