X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fsecurity.php;h=6e722d673bb7b664b9eddb4bbafd1a8c99af0bc2;hb=b0df06dd726a9b287f3ea87e151dd6823a69cb75;hp=7c2e2d47c3f95bd35d5a393bcbce6d59fa2093b4;hpb=6b8585d48d67d109102e33a32311d76a45762667;p=friendica.git diff --git a/include/security.php b/include/security.php index 7c2e2d47c3..6e722d673b 100644 --- a/include/security.php +++ b/include/security.php @@ -36,7 +36,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive $a->timezone = $a->user['timezone']; } - $master_record = $a->user; + $master_record = $a->user; if((x($_SESSION,'submanage')) && intval($_SESSION['submanage'])) { $r = q("select * from user where uid = %d limit 1", @@ -81,7 +81,7 @@ function authenticate_success($user_record, $login_initial = false, $interactive if($login_initial || $login_refresh) { $l = get_browser_language(); - q("UPDATE `user` SET `login_date` = '%s', `language` = '%s' WHERE `uid` = %d LIMIT 1", + q("UPDATE `user` SET `login_date` = '%s', `language` = '%s' WHERE `uid` = %d", dbesc(datetime_convert()), dbesc($l), intval($_SESSION['uid']) @@ -209,7 +209,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) { } } if($remote_verified) { - + $gs = '<<>>'; // should be impossible to match if(is_array($groups) && count($groups)) { @@ -310,9 +310,9 @@ function item_permissions_sql($owner_id,$remote_verified = false,$groups = null) dbesc($gs), dbesc($gs) */ - " AND ( `item`.private = 0 OR ( `item`.private in (1,2) AND wall = 1 + " AND ( `item`.private = 0 OR ( `item`.private in (1,2) AND `item`.`wall` = 1 AND ( NOT (`item`.deny_cid REGEXP '<%d>' OR `item`.deny_gid REGEXP '%s') - AND ( `item`.allow_cid REGEXP '<%d>' OR `item`.allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = ''))))) + AND ( `item`.allow_cid REGEXP '<%d>' OR `item`.allow_gid REGEXP '%s' OR ( `item`.allow_cid = '' AND `item`.allow_gid = ''))))) ", intval($remote_user), dbesc($gs),