- $self = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `self`", intval($_SESSION['uid']));
- if (count($self))
- $contact_str_self = ",".$self[0]["id"];
- }
- else {
- $contact_str = ' 0 ';
+ $gcontact_str = implode(',',$gcontacts);
+ $self = q("SELECT `contact`.`id`, `gcontact`.`id` AS `gid` FROM `contact`
+ INNER JOIN `gcontact` ON `gcontact`.`nurl` = `contact`.`nurl`
+ WHERE `uid` = %d AND `self`", intval($_SESSION['uid']));
+ if (count($self)) {
+ $contact_str_self = $self[0]["id"];
+ $gcontact_str_self = $self[0]["gid"];
+ }
+
+ $sql_post_table = " INNER JOIN `item` AS `temp1` ON `temp1`.`id` = ".$sql_table.".".$sql_parent;
+ $sql_extra3 .= " AND ($sql_table.`contact-id` IN ($contact_str) ";
+ $sql_extra3 .= " OR ($sql_table.`contact-id` = '$contact_str_self' AND `temp1`.`allow_gid` LIKE '".protect_sprintf('%<'.intval($group).'>%')."' AND `temp1`.`private`))";
+ } else {
+ $sql_extra3 .= " AND false ";