bug #38 posts and photos only visible to friends if so configured

diff --git a/include/event.php b/include/event.php
index d7071bd1f90aea5d084e5aaeb1cccc01e4ebc203..06239b2abb89c4dcba063ee17639e8e559bd52ce 100644 (file)
--- a/include/event.php
+++ b/include/event.php
@@ -14,14 +14,14 @@ function format_event_html($ev) {
                . datetime_convert('UTC','UTC',$ev['start'], ATOM_TIME)
                . '" >' 
                . datetime_convert('UTC', date_default_timezone_get(), 
-                       $ev['start'] /*, format /*) 
+                       $ev['start'] /*, format */ ) 
                . '</abbr></p>';
 
        $o .= '<p>' . t('Ends: ') . '<abbr class="dtend" title="'
                . datetime_convert('UTC','UTC',$ev['finish'], ATOM_TIME)
                . '" >' 
                . datetime_convert('UTC', date_default_timezone_get(), 
-                       $ev['finish'] /*, format /*) 
+                       $ev['finish'] /*, format */ ) 
                . '</abbr></p>';
 
        $o .= '<p> ' . t('Location:') . '<span class="location">' 

diff --git a/mod/photos.php b/mod/photos.php
index 89fef2ee8652f26d432c9867c9c14743de1daf0b..1fb6ee5817266bd3c8d43c49ec6f41c935eda8ba 100644 (file)
--- a/mod/photos.php
+++ b/mod/photos.php
@@ -722,6 +722,8 @@ function photos_content(&$a) {
 
        $owner_uid = $a->data['user']['uid'];
 
+
+
        $community_page = (($a->data['user']['page-flags'] == PAGE_COMMUNITY) ? true : false);
 
        if((local_user()) && (local_user() == $owner_uid))
@@ -763,6 +765,15 @@ function photos_content(&$a) {
                }
        }
 
+       $r = q("SELECT `hidewall` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1",
+               intval($owner_uid)
+       );
+
+       if(count($r) && $r[0]['hidewall'] && (local_user() !== $owner_uid) && (! remote_contact)) {
+               notice( t('Access to this item is restricted.') . EOL);
+               return;
+       }
+
        // default permissions - anonymous user
 
        $sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' ";

diff --git a/mod/profile.php b/mod/profile.php
index 8d46d6c5ba5fb0a7dff07a9ce2b7c6c8aea00031..4db5485770f770fe8374b6184d42b2263bd314de 100644 (file)
--- a/mod/profile.php
+++ b/mod/profile.php
@@ -55,11 +55,6 @@ function profile_content(&$a, $update = 0) {
                return login();
        }
 
-       if($a->profile['hidewall'] && (! local_user()) && (! remote_user())) {
-               notice( t('Access to this profile has been restricted.') . EOL);
-               return;
-       }
-
        require_once("include/bbcode.php");
        require_once('include/security.php');
        require_once('include/conversation.php');
@@ -102,6 +97,12 @@ function profile_content(&$a, $update = 0) {
        }
 
        $is_owner = ((local_user()) && (local_user() == $a->profile['profile_uid']) ? true : false);
+
+       if($a->profile['hidewall'] && (! $is_owner) && (! remote_contact)) {
+               notice( t('Access to this profile has been restricted.') . EOL);
+               return;
+       }
+
        
        if(! $update) {
                if(x($_GET,'tab'))