Merge pull request #9711 from MrPetovan/bug/fatal-errors

[friendica.git] / mod / events.php

diff --git a/mod/events.php b/mod/events.php
index 9706980afea741f63db3375688722658fc2ba372..d4a902c725bb5aefc6232660ffbf1d7e1f9c0bc6 100644 (file)
--- a/mod/events.php
+++ b/mod/events.php
@@ -163,27 +163,26 @@ function events_post(App $a)
 
 
        if ($share) {
-               $str_contact_allow = '';
-               $str_group_allow   = '';
-               $str_contact_deny  = '';
-               $str_group_deny    = '';
-
-               if (($_REQUEST['visibility'] ?? '') !== 'public') {
-                       $user = User::getById($uid, ['allow_cid', 'allow_gid', 'deny_cid', 'deny_gid']);
-                       if (!DBA::isResult($user)) {
-                               return;
-                       }
-
-                       $aclFormatter = DI::aclFormatter();
-                       $str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact_allow']) : $user['allow_cid'] ?? '';
-                       $str_group_allow   = isset($_REQUEST['group_allow'])   ? $aclFormatter->toString($_REQUEST['group_allow'])   : $user['allow_gid'] ?? '';
-                       $str_contact_deny  = isset($_REQUEST['contact_deny'])  ? $aclFormatter->toString($_REQUEST['contact_deny'])  : $user['deny_cid']  ?? '';
-                       $str_group_deny    = isset($_REQUEST['group_deny'])    ? $aclFormatter->toString($_REQUEST['group_deny'])    : $user['deny_gid']  ?? '';
+               $user = User::getById($uid, ['allow_cid', 'allow_gid', 'deny_cid', 'deny_gid']);
+               if (!DBA::isResult($user)) {
+                       return;
+               }
 
-                       // Since we know from the visibility parameter it should be private, we have to prevent the empty ACL case
-                       // that would make the item public. So we always append the author's contact id to the allowed contacts.
+               $aclFormatter = DI::aclFormatter();
+               $str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact_allow']) : $user['allow_cid'] ?? '';
+               $str_group_allow   = isset($_REQUEST['group_allow'])   ? $aclFormatter->toString($_REQUEST['group_allow'])   : $user['allow_gid'] ?? '';
+               $str_contact_deny  = isset($_REQUEST['contact_deny'])  ? $aclFormatter->toString($_REQUEST['contact_deny'])  : $user['deny_cid']  ?? '';
+               $str_group_deny    = isset($_REQUEST['group_deny'])    ? $aclFormatter->toString($_REQUEST['group_deny'])    : $user['deny_gid']  ?? '';
+
+               $visibility = $_REQUEST['visibility'] ?? '';
+               if ($visibility === 'public') {
+                       // The ACL selector introduced in version 2019.12 sends ACL input data even when the Public visibility is selected
+                       $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
+               } else if ($visibility === 'custom') {
+                       // Since we know from the visibility parameter the item should be private, we have to prevent the empty ACL
+                       // case that would make it public. So we always append the author's contact id to the allowed contacts.
                        // See https://github.com/friendica/friendica/issues/9672
-                       $str_contact_allow .= $aclFormatter->toString(\Friendica\Model\Contact::getPublicIdByUserId($uid));
+                       $str_contact_allow .= $aclFormatter->toString(Contact::getPublicIdByUserId($uid));
                }
        } else {
                $str_contact_allow = '<' . $self . '>';