diff options
| author | spiderr <spider@viovio.com> | 2014-02-05 14:01:55 -0500 |
|---|---|---|
| committer | spiderr <spider@viovio.com> | 2014-02-05 14:01:55 -0500 |
| commit | 2454f3743a7446b63b43f5c632957d3b44998861 (patch) | |
| tree | 83db82447969c7dc28a04ac71d2969eddcab59e3 | |
| parent | 9dd71cd347a6e6267c7ff04901cf54bb06098348 (diff) | |
| parent | b4685356007d18f4cfe5fd57eb7a32f5ecdbad72 (diff) | |
| download | users-2454f3743a7446b63b43f5c632957d3b44998861.tar.gz users-2454f3743a7446b63b43f5c632957d3b44998861.tar.bz2 users-2454f3743a7446b63b43f5c632957d3b44998861.zip | |
change code to HTTP_UNAUTHORIZED
| -rw-r--r-- | BitUser.php | 5 | ||||
| -rw-r--r-- | lookup_user_inc.php | 1 |
2 files changed, 5 insertions, 1 deletions
diff --git a/BitUser.php b/BitUser.php index 177786b..9a38c0a 100644 --- a/BitUser.php +++ b/BitUser.php @@ -2373,8 +2373,11 @@ class BitUser extends LibertyMime { // this won't work right now, we need to alter userslib::interpret_home() to interpret a real name $iHomepage = $pHash['real_name']; } + if( empty( $pHash['users_information'] ) ) { + $pHash['users_information'] = $gBitSystem->mDb->getOne( "SELECT pref_value FROM liberty_content_prefs lcp INNER JOIN users_users uu ON (lcp.content_id=uu.content_id) WHERE uu.login=? AND pref_name='users_information'", array( $pHash['login'] ), 1, NULL, 86400 ); + } - if( $pUseLink && $gBitUser->hasPermission( 'p_users_view_user_homepage' )) { + if( $pUseLink && $gBitUser->hasPermission( 'p_users_view_user_homepage' ) && (empty( $pHash['users_information'] ) || $pHash['users_information'] == 'public') ) { $ret = '<a class="username" title="'.( !empty( $pHash['link_title'] ) ? $pHash['link_title'] : tra( 'Profile for' ).' '.htmlspecialchars( $displayName )) .'" href="'.BitUser::getDisplayUrlFromHash( $pHash ).'">' . htmlspecialchars( isset( $pHash['link_label'] ) ? $pHash['link_label'] : $displayName ) diff --git a/lookup_user_inc.php b/lookup_user_inc.php index a9dfe83..a774f13 100644 --- a/lookup_user_inc.php +++ b/lookup_user_inc.php @@ -39,6 +39,7 @@ if( isset( $_REQUEST['home'] )) { if( !$gBitUser->hasPermission( 'p_users_admin' ) ) { if( $gQueryUser->mUserId != $gBitUser->mUserId && $gQueryUser->getPreference( 'users_information' ) == 'private' ) { // don't spit error for SEO reasons + $gBitSmarty->assign( 'metaNoIndex', TRUE ); $gBitSystem->fatalError( tra( "This information is private" ) , NULL, NULL, HttpStatusCodes::HTTP_UNAUTHORIZED ); } } |
