use Friendica\App;
use Friendica\Content\ContactSelector;
-use Friendica\Content\Feature;
use Friendica\Content\Text\BBCode;
use Friendica\Content\Text\HTML;
use Friendica\Core\Hook;
use Friendica\Model\Mail;
use Friendica\Model\Notify;
use Friendica\Model\Photo;
-use Friendica\Model\Profile;
use Friendica\Model\User;
use Friendica\Model\UserItem;
use Friendica\Network\FKOAuth1;
$id = (!empty($_REQUEST['id']) ? intval($_REQUEST['id']) : 0);
try {
- $notify = DI::notify()->getByID($id);
+ $notify = DI::notify()->getByID($id, api_user());
DI::notify()->setSeen(true, $notify);
if ($notify->otype === Notify\ObjectType::ITEM) {
$request_id = $parameters['id'] ?? false;
if ($request_id) {
- $notify = DI::notify()->getByID($request_id);
+ $notify = DI::notify()->getByID($request_id, local_user());
DI::notify()->setSeen(true, $notify);
if (!empty($notify->link)) {
use Exception;
use Friendica\BaseRepository;
+use Friendica\Collection;
use Friendica\Core\Hook;
use Friendica\Model;
-use Friendica\Collection;
use Friendica\Network\HTTPException\InternalServerErrorException;
use Friendica\Network\HTTPException\NotFoundException;
use Friendica\Util\DateTimeFormat;
}
/**
- * {@inheritDoc}
+ * Return one notify instance based on ID / UID
+ *
+ * @param int $id The ID of the notify instance
+ * @param int $uid The user ID, bound to this notify instance (= security check)
*
* @return Model\Notify
* @throws NotFoundException
*/
- public function getByID(int $id)
+ public function getByID(int $id, int $uid)
{
- return $this->selectFirst(['id' => $id, 'uid' => local_user()]);
+ return $this->selectFirst(['id' => $id, 'uid' => $uid]);
}
/**
projects / friendica.git / commitdiff