From c37ffd2999453de17bd6b0c98b708a0f55bacdc7 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 5 Mar 2012 15:04:43 -0800 Subject: [PATCH] can_write_wall documentation --- include/security.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/include/security.php b/include/security.php index bc2c9f0bf8..6b8128bdd8 100755 --- a/include/security.php +++ b/include/security.php @@ -108,14 +108,18 @@ function can_write_wall(&$a,$owner) { if(remote_user()) { - // user remembered decision and avoid a DB lookup for each and every display item + // use remembered decision and avoid a DB lookup for each and every display item // DO NOT use this function if there are going to be multiple owners + // We have a contact-id for an authenticated remote user, this block determines if the contact + // belongs to this page owner, and has the necessary permissions to post content + if($verified === 2) return true; elseif($verified === 1) return false; else { + $r = q("SELECT `contact`.*, `user`.`page-flags` FROM `contact` LEFT JOIN `user` on `user`.`uid` = `contact`.`uid` WHERE `contact`.`uid` = %d AND `contact`.`id` = %d AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`blockwall` = 0 AND `readonly` = 0 AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page-flags` = %d ) LIMIT 1", @@ -125,6 +129,7 @@ function can_write_wall(&$a,$owner) { intval(CONTACT_IS_FRIEND), intval(PAGE_COMMUNITY) ); + if(count($r)) { $verified = 2; return true; -- 2.39.5