diff options
author | Ugnich Anton | 2012-12-30 15:59:59 +0700 |
---|---|---|
committer | Ugnich Anton | 2012-12-30 15:59:59 +0700 |
commit | 6b1dafc1cc3a610fc2aa5c4562fb19e3dd0798f8 (patch) | |
tree | 450da13040a4cd94be3c529318b68cadc0611705 /src/java | |
parent | 5b5bfc99bb7c17df265f9ed2d10b95bbbda864f6 (diff) |
User blog privacy fix
Diffstat (limited to 'src/java')
-rw-r--r-- | src/java/com/juick/http/www/User.java | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/src/java/com/juick/http/www/User.java b/src/java/com/juick/http/www/User.java index 5a729a6b..3ebbdc80 100644 --- a/src/java/com/juick/http/www/User.java +++ b/src/java/com/juick/http/www/User.java @@ -72,23 +72,32 @@ public class User { paramSearch = null; } + int privacy = 0; + if (visitor != null) { + if (user.UID == visitor.UID) { + privacy = -3; + } else if (UserQueries.isInWL(sql, user.UID, visitor.UID)) { + privacy = -2; + } + } + if (paramShow == null) { if (paramTag > 0) { title += "*" + Utils.encodeHTML(paramTagStr); - mids = MessagesQueries.getUserTag(sql, user.UID, paramTag, paramBefore); + mids = MessagesQueries.getUserTag(sql, user.UID, paramTag, privacy, paramBefore); } else if (paramSearch != null) { title += rb.getString("(Menu) Search") + ": " + Utils.encodeHTML(paramSearch); - mids = MessagesQueries.getUserSearch(sql, sqlSearch, user.UID, Utils.encodeSphinx(paramSearch), paramBefore); + mids = MessagesQueries.getUserSearch(sql, sqlSearch, user.UID, Utils.encodeSphinx(paramSearch), privacy, paramBefore); } else { title += rb.getString("(Menu) Blog"); - mids = MessagesQueries.getUserBlog(sql, user.UID, paramBefore); + mids = MessagesQueries.getUserBlog(sql, user.UID, privacy, paramBefore); } } else if (paramShow.equals("recomm")) { title += rb.getString("(Menu) Recommendations"); mids = MessagesQueries.getUserRecommendations(sql, user.UID, paramBefore); } else if (paramShow.equals("photos")) { title += rb.getString("(Menu) Photos"); - mids = MessagesQueries.getUserPhotos(sql, user.UID, paramBefore); + mids = MessagesQueries.getUserPhotos(sql, user.UID, privacy, paramBefore); } else { response.sendError(404); return; |