From 846a9813b23911ae2a87d87fb6fd9f188ed84dc0 Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Mon, 1 Oct 2012 18:02:11 -0700
Subject: here's where the heavy lifting begins - everything is likely to be
 broken for quite some time as we add location and db independence to items
 and conversations and work through the rest of the permissions and how to
 federate the buggers.

---
 include/security.php | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'include/security.php')

diff --git a/include/security.php b/include/security.php
index f5e829e47..e221ad59b 100644
--- a/include/security.php
+++ b/include/security.php
@@ -274,7 +274,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
 					$gs .= '|<' . intval($g) . '>';
 			} 
 
-			$sql = sprintf(
+			/*$sql = sprintf(
 				" AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' ) 
 				  AND ( deny_cid  = '' OR  NOT deny_cid REGEXP '<%d>' ) 
 				  AND ( allow_gid = '' OR allow_gid REGEXP '%s' )
@@ -284,6 +284,16 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
 				intval($remote_user),
 				dbesc($gs),
 				dbesc($gs)
+			);*/
+			$sql = sprintf(
+				" AND ( NOT (deny_cid REGEXP '<%d>' OR deny_gid REGEXP '%s')
+				  AND ( allow_cid REGEXP '<%d>' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') )
+				  )
+				",
+				intval($remote_user),
+				dbesc($gs),
+				intval($remote_user),
+				dbesc($gs)
 			);
 		}
 	}
-- 
cgit v1.2.3