Merge pull request #7237 from deantownsley/multiremotefix
expand permission check to remote array
This commit is contained in:
commit
f5606fb211
1 changed files with 13 additions and 4 deletions
|
@ -120,9 +120,18 @@ class Security extends BaseObject
|
|||
*/
|
||||
|
||||
if (!$remote_verified) {
|
||||
if (DBA::exists('contact', ['id' => $remote_user, 'uid' => $owner_id, 'blocked' => false])) {
|
||||
$cid = 0;
|
||||
|
||||
foreach (\Friendica\Core\Session::get('remote', []) as $visitor) {
|
||||
if ($visitor['uid'] == $owner_id) {
|
||||
$cid = $visitor['cid'];
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if ($cid && DBA::exists('contact', ['id' => $cid, 'uid' => $owner_id, 'blocked' => false])) {
|
||||
$remote_verified = true;
|
||||
$groups = Group::getIdsByContactId($remote_user);
|
||||
$groups = Group::getIdsByContactId($cid);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -140,9 +149,9 @@ class Security extends BaseObject
|
|||
AND ( allow_cid REGEXP '<%d>' OR allow_gid REGEXP '%s' OR ( allow_cid = '' AND allow_gid = '') )
|
||||
)
|
||||
",
|
||||
intval($remote_user),
|
||||
intval($cid),
|
||||
DBA::escape($gs),
|
||||
intval($remote_user),
|
||||
intval($cid),
|
||||
DBA::escape($gs)
|
||||
);
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue