[privacy] rework latest fix

diff --git a/include/security.php b/include/security.php
index 6b8128bdd8516cf406c13492a711cedda999b505..c0449157096bdbf94ab0aebc8458d267ee7ae44c 100755 (executable)
--- a/include/security.php
+++ b/include/security.php
@@ -159,6 +159,7 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
                         AND allow_gid = '' 
                         AND deny_cid  = '' 
                         AND deny_gid  = '' 
+                        AND private = 0
        ";
 
        /**
@@ -199,10 +200,11 @@ function permissions_sql($owner_id,$remote_verified = false,$groups = null) {
                        } 
 
                        $sql = sprintf(
-                               " AND ( allow_cid = '' OR allow_cid REGEXP '<%d>' ) 
+                               " AND (( allow_cid = '' OR allow_cid REGEXP '<%d>' ) 
                                  AND ( deny_cid  = '' OR  NOT deny_cid REGEXP '<%d>' ) 
                                  AND ( allow_gid = '' OR allow_gid REGEXP '%s' )
                                  AND ( deny_gid  = '' OR NOT deny_gid REGEXP '%s') 
+                                       OR private = 0 )
                                ",
                                intval($remote_user),
                                intval($remote_user),

diff --git a/mod/display.php b/mod/display.php
index 00f8b503a721dc5e3e8a3756bcd5e5e4c0508497..f510f793df9d98b2e05356ab6c0b387da0b5a515 100755 (executable)
--- a/mod/display.php
+++ b/mod/display.php
@@ -87,9 +87,6 @@ function display_content(&$a) {
 
        $sql_extra = permissions_sql($a->profile['uid'],$remote_contact,$groups);
 
-       if(! local_user() && ! remote_user())
-               $sql_extra .= " and `item`.`private` = 0 ";
-
        $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, 
                `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
                `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,