From 6b1dafc1cc3a610fc2aa5c4562fb19e3dd0798f8 Mon Sep 17 00:00:00 2001 From: Ugnich Anton Date: Sun, 30 Dec 2012 15:59:59 +0700 Subject: User blog privacy fix --- src/java/com/juick/http/www/User.java | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'src/java/com/juick/http') diff --git a/src/java/com/juick/http/www/User.java b/src/java/com/juick/http/www/User.java index 5a729a6b7..3ebbdc800 100644 --- a/src/java/com/juick/http/www/User.java +++ b/src/java/com/juick/http/www/User.java @@ -72,23 +72,32 @@ public class User { paramSearch = null; } + int privacy = 0; + if (visitor != null) { + if (user.UID == visitor.UID) { + privacy = -3; + } else if (UserQueries.isInWL(sql, user.UID, visitor.UID)) { + privacy = -2; + } + } + if (paramShow == null) { if (paramTag > 0) { title += "*" + Utils.encodeHTML(paramTagStr); - mids = MessagesQueries.getUserTag(sql, user.UID, paramTag, paramBefore); + mids = MessagesQueries.getUserTag(sql, user.UID, paramTag, privacy, paramBefore); } else if (paramSearch != null) { title += rb.getString("(Menu) Search") + ": " + Utils.encodeHTML(paramSearch); - mids = MessagesQueries.getUserSearch(sql, sqlSearch, user.UID, Utils.encodeSphinx(paramSearch), paramBefore); + mids = MessagesQueries.getUserSearch(sql, sqlSearch, user.UID, Utils.encodeSphinx(paramSearch), privacy, paramBefore); } else { title += rb.getString("(Menu) Blog"); - mids = MessagesQueries.getUserBlog(sql, user.UID, paramBefore); + mids = MessagesQueries.getUserBlog(sql, user.UID, privacy, paramBefore); } } else if (paramShow.equals("recomm")) { title += rb.getString("(Menu) Recommendations"); mids = MessagesQueries.getUserRecommendations(sql, user.UID, paramBefore); } else if (paramShow.equals("photos")) { title += rb.getString("(Menu) Photos"); - mids = MessagesQueries.getUserPhotos(sql, user.UID, paramBefore); + mids = MessagesQueries.getUserPhotos(sql, user.UID, privacy, paramBefore); } else { response.sendError(404); return; -- cgit v1.2.3