From b67c8ec8b99f5a552c08afaedf022b088e55ef47 Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Sat, 14 Jun 2014 16:35:38 -0700
Subject: webpage permissions weirdness

---
 mod/item.php | 23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)

(limited to 'mod/item.php')

diff --git a/mod/item.php b/mod/item.php
index 68582e580..7b105ee65 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -46,7 +46,7 @@ function item_post(&$a) {
 
 	call_hooks('post_local_start', $_REQUEST);
 
-//	 logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA);
+	 logger('postvars ' . print_r($_REQUEST,true), LOGGER_DATA);
 
 	$api_source = ((x($_REQUEST,'api_source') && $_REQUEST['api_source']) ? true : false);
 
@@ -262,14 +262,19 @@ function item_post(&$a) {
 
 
 	if($orig_post) {
-		$str_group_allow   = ((array_key_exists('group_allow',$_REQUEST)) 
-			? perms2str($_REQUEST['group_allow']) : $orig_post['allow_gid']);
-		$str_contact_allow = ((array_key_exists('contact_allow',$_REQUEST)) 
-			? perms2str($_REQUEST['contact_allow']) : $orig_post['allow_cid']);
-		$str_group_deny    = ((array_key_exists('group_deny',$_REQUEST)) 
-			? perms2str($_REQUEST['group_deny']) : $orig_post['deny_gid']);
-		$str_contact_deny  = ((array_key_exists('contact_deny',$_REQUEST)) 
-			? perms2str($_REQUEST['contact_deny']) : $orig_post['deny_cid']);
+		// webpages are allowed to change ACLs after the fact. Normal conversation items aren't. 
+		if($webpage) {
+			$str_group_allow   = perms2str($_REQUEST['group_allow']); 
+			$str_contact_allow = perms2str($_REQUEST['contact_allow']);
+			$str_group_deny    = perms2str($_REQUEST['group_deny']);
+			$str_contact_deny  = perms2str($_REQUEST['contact_deny']);
+		}
+		else {
+			$str_group_allow   = $orig_post['allow_gid'];
+			$str_contact_allow = $orig_post['allow_cid'];
+			$str_group_deny    = $orig_post['deny_gid'];
+			$str_contact_deny  = $orig_post['deny_cid'];
+		}
 		$location          = $orig_post['location'];
 		$coord             = $orig_post['coord'];
 		$verb              = $orig_post['verb'];
-- 
cgit v1.2.3