X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fsecurity.php;h=768d7c82d45934310a7122b1ca94e56c2e437f0c;hb=0b38f1c58b822ac1ec5a199de00f0a0631c01a61;hp=dbba09172e7159200b1faf1e1f6b8ab41cd95041;hpb=3eec97aa6e84961c8d2ce2ea3f47d92f0e4bdb4f;p=friendica.git

diff --git a/include/security.php b/include/security.php
index dbba09172e..768d7c82d4 100644
--- a/include/security.php
+++ b/include/security.php
@@ -171,12 +171,14 @@ function authenticate_success($user_record, $login_initial = false, $interactive
 	}
 
 	if ($login_initial) {
-		// If the user specified to remember the authentication, then set a cookie
-		// that expires after one week (the default is when the browser is closed).
-		// The cookie will be renewed automatically.
-		// The week ensures that sessions will expire after some inactivity.
+		/*
+		 * If the user specified to remember the authentication, then set a cookie
+		 * that expires after one week (the default is when the browser is closed).
+		 * The cookie will be renewed automatically.
+		 * The week ensures that sessions will expire after some inactivity.
+		 */
 		if ($_SESSION['remember']) {
-			logger('Injecting cookie for remembered user ' . $_SESSION['remember_user']['nickname']);
+			logger('Injecting cookie for remembered user ' . $a->user['nickname']);
 			new_cookie(604800, $user_record);
 			unset($_SESSION['remember']);
 		}
@@ -204,6 +206,10 @@ function can_write_wall($owner)
 		return true;
 	}
 
+	if (local_user() && ($owner == 0)) {
+		return true;
+	}
+
 	if (remote_user()) {
 		// use remembered decision and avoid a DB lookup for each and every display item
 		// DO NOT use this function if there are going to be multiple owners
@@ -339,7 +345,7 @@ function item_permissions_sql($owner_id, $remote_verified = false, $groups = nul
 			 AND `item`.allow_gid = ''
 			 AND `item`.deny_cid  = ''
 			 AND `item`.deny_gid  = ''
-			 AND `item`.private = 0
+			 AND `item`.private != 1
 	";
 
 	// Profile owner - everything is visible