X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=mod%2Fdisplay.php;h=281ce1dd414140d5d4cb3402df8c30d6f4b912ca;hb=a9ec56ace1756726517650d96192df5320f445fe;hp=da4566dc4a4c5f549c47e1a56ddbb42638a8d61f;hpb=85f709320b588f3231875d097217bd9abd223c9f;p=friendica.git diff --git a/mod/display.php b/mod/display.php index da4566dc4a..281ce1dd41 100644 --- a/mod/display.php +++ b/mod/display.php @@ -3,6 +3,16 @@ function display_content(&$a) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + notice( t('Public access denied.') . EOL); + return; + } + + require_once("include/bbcode.php"); + require_once('include/security.php'); + require_once('include/conversation.php'); + + $o = '
' . "\r\n"; $nick = (($a->argc > 1) ? $a->argv[1] : ''); @@ -16,10 +26,6 @@ function display_content(&$a) { return; } - require_once("include/bbcode.php"); - require_once('include/security.php'); - - $groups = array(); $contact = null; @@ -51,42 +57,14 @@ function display_content(&$a) { if(count($r)) $a->page_contact = $r[0]; - $sql_extra = " - AND `allow_cid` = '' - AND `allow_gid` = '' - AND `deny_cid` = '' - AND `deny_gid` = '' - "; - - - // Profile owner - everything is visible + $is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false); - if(local_user() && (local_user() == $a->profile['uid'])) { - $sql_extra = ''; + if($a->profile['hidewall'] && (! $is_owner) && (! $remote_contact)) { + notice( t('Access to this profile has been restricted.') . EOL); + return; } - // authenticated visitor - here lie dragons - // If $remotecontact is true, we know that not only is this a remotely authenticated - // person, but that it is *our* contact, which is important in multi-user mode. - - elseif($remote_contact) { - $gs = '<<>>'; // should be impossible to match - if(count($groups)) { - foreach($groups as $g) - $gs .= '|<' . intval($g) . '>'; - } - $sql_extra = sprintf( - " AND ( `allow_cid` = '' OR `allow_cid` REGEXP '<%d>' ) - AND ( `deny_cid` = '' OR NOT `deny_cid` REGEXP '<%d>' ) - AND ( `allow_gid` = '' OR `allow_gid` REGEXP '%s' ) - AND ( `deny_gid` = '' OR NOT `deny_gid` REGEXP '%s') ", - - intval($_SESSION['visitor_id']), - intval($_SESSION['visitor_id']), - dbesc($gs), - dbesc($gs) - ); - } + $sql_extra = permissions_sql($a->profile['uid'],$remote_contact,$groups); $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, @@ -113,7 +91,6 @@ function display_content(&$a) { ); } - require_once('include/conversation.php'); $o .= conversation($a,$r,'display', false); @@ -137,8 +114,6 @@ function display_content(&$a) { } - $o .= '
' . t('Shared content is covered by the Creative Commons Attribution 3.0 license.') . '
'; - return $o; }