X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FUtil%2FSecurity.php;h=42333821602d7b123d7da520c175d21ceb0eacea;hb=a98957eeb29cfb142dfc4cd3e03c5bdfbc373466;hp=929853c2f08b78924a6498ab9ed69b58f09cf47d;hpb=85dc9bb96b30819fcf544c9aa1013a8f380d6981;p=friendica.git

diff --git a/src/Util/Security.php b/src/Util/Security.php
index 929853c2f0..4233382160 100644
--- a/src/Util/Security.php
+++ b/src/Util/Security.php
@@ -87,20 +87,32 @@ class Security
 		return false;
 	}
 
-	public static function getPermissionsSQLByUserId($owner_id)
+	/**
+	 * Create a permission string for an element based on the visitor
+	 *
+	 * @param integer $owner_id   User ID of the owner of the element
+	 * @param boolean $accessible Should the element be accessible anyway?
+	 * @return string SQL permissions
+	 */
+	public static function getPermissionsSQLByUserId(int $owner_id, bool $accessible = false)
 	{
 		$local_user = local_user();
 		$remote_contact = Session::getRemoteContactID($owner_id);
+		$acc_sql = '';
+
+		if ($accessible) {
+			$acc_sql = ' OR `accessible`';
+		}
 
 		/*
 		 * Construct permissions
 		 *
 		 * default permissions - anonymous user
 		 */
-		$sql = " AND allow_cid = ''
+		$sql = " AND (allow_cid = ''
 			 AND allow_gid = ''
 			 AND deny_cid  = ''
-			 AND deny_gid  = '' ";
+			 AND deny_gid  = ''" . $acc_sql . ") ";
 
 		/*
 		 * Profile owner - everything is visible
@@ -123,7 +135,8 @@ class Security
 
 			$sql = sprintf(
 				" AND (NOT (deny_cid REGEXP '<%d>' OR deny_gid REGEXP '%s')
-				  AND (allow_cid REGEXP '<%d>' OR allow_gid REGEXP '%s' OR (allow_cid = '' AND allow_gid = ''))) ",
+				  AND (allow_cid REGEXP '<%d>' OR allow_gid REGEXP '%s'
+				  OR (allow_cid = '' AND allow_gid = ''))" . $acc_sql . ") ",
 				intval($remote_contact),
 				DBA::escape($gs),
 				intval($remote_contact),