harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

SECURITY: edited comment to private post loses privacy info. Not visible in stream but may be visible in feeds

Browse Source
This commit is contained in:
redmatrix
2016-05-12 16:51:20 -07:00
parent 9f57bfb5df
commit 2d79e75788
2 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
boot.php
View File

@@ -46,7 +46,7 @@ require_once('include/account.php');
define ( 'PLATFORM_NAME', 'hubzilla' );
define ( 'STD_VERSION', '1.6.1' );
define ( 'STD_VERSION', '1.6.2' );
define ( 'ZOT_REVISION', 1 );
define ( 'DB_UPDATE_VERSION', 1168 );

10
include/zot.php
View File

@@ -1953,6 +1953,16 @@ function remove_community_tag($sender, $arr, $uid) {
*/
function update_imported_item($sender, $item, $orig, $uid) {
// If this is a comment being updated, remove any privacy information
// so that item_store_update will set it from the original.
if($item['mid'] !== $item['parent_mid']) {
unset($item['allow_cid']);
unset($item['allow_gid']);
unset($item['deny_cid']);
unset($item['deny_gid']);
unset($item['item_private']);
}
$x = item_store_update($item);