X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FModel%2FPhoto.php;h=34a5acfc9f3694d4e35fce63587aa870b147bd1e;hb=1ddd2df4b89f397657cfe38b1154086d900cffa5;hp=11721c81fdb092dc21267e13ec6362215a1d3c2f;hpb=5f2028b657332c7dceb1e14dc0e1cd175fc61a7c;p=friendica.git
diff --git a/src/Model/Photo.php b/src/Model/Photo.php
index 11721c81fd..34a5acfc9f 100644
--- a/src/Model/Photo.php
+++ b/src/Model/Photo.php
@@ -131,31 +131,17 @@ class Photo extends BaseObject
 */
 public static function getPhoto($resourceid, $scale = 0)
 {
- $r = self::selectFirst(["uid", "allow_cid", "allow_gid", "deny_cid", "deny_gid"], ["resource-id" => $resourceid]);
- if ($r === false) {
+ $r = self::selectFirst(["uid"], ["resource-id" => $resourceid]);
+ if (!DBA::isResult($r)) {
 return false;
 }
- $uid = $r["uid"];
- // This is the first place, when retrieving just a photo, that we know who owns the photo.
- // Check if the photo is public (empty allow and deny means public), if so, skip auth attempt, if not
- // make sure that the requester's session is appropriately authenticated to that user
- // otherwise permissions checks done by getPermissionsSQLByUserId() won't work correctly
- if (!empty($r["allow_cid"]) || !empty($r["allow_gid"]) || !empty($r["deny_cid"]) || !empty($r["deny_gid"])) {
- $r = DBA::selectFirst("user", ["nickname"], ["uid" => $uid], []);
- // this will either just return (if auth all ok) or will redirect and exit (starting over)
- DFRN::autoRedir(self::getApp(), $r["nickname"]);
- }
+ $uid = $r["uid"];
 $sql_acl = Security::getPermissionsSQLByUserId($uid);
- $conditions = [
- "`resource-id` = ? AND `scale` <= ? " . $sql_acl,
- $resourceid, $scale
- ];
-
+ $conditions = ["`resource-id` = ? AND `scale` <= ? " . $sql_acl, $resourceid, $scale];
 $params = ["order" => ["scale" => true]];
-
 $photo = self::selectFirst([], $conditions, $params);
 return $photo;
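Review bot: With the `DFRN::autoRedir()` block and its comments removed, the only access check left in `getPhoto()` is the `$sql_acl` fragment appended to `$conditions`, and nothing in the new code says so. A comment above the `Security::getPermissionsSQLByUserId($uid)` line would record that, for example `// Sole permission check: the ACL clause relies on the requester's session already being authenticated; otherwise a restricted photo yields no row.` Because `$sql_acl` is concatenated into the condition string instead of being bound like `$resourceid` and `$scale`, the same comment should state that the helper must only ever return trusted, already-escaped SQL. The function's closing brace lies outside the hunk, and its docblock is only partly visible, so it is worth confirming that the documented return value covers both the early `return false` and whatever `selectFirst()` returns when the ACL filters the row out.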