From 626fddc8f55268b9e0dd777002e76f4cf55db73d Mon Sep 17 00:00:00 2001
From: toyomoyo
Date: Tue, 18 Jul 2006 02:28:25 +0000
Subject: [PATCH] merged fix for a bug where user can view site blogs when not logged in
---
 blog/lib.php | 39 +++++++++++++++++++++++++--------------
 1 file changed, 25 insertions(+), 14 deletions(-)
diff --git a/blog/lib.php b/blog/lib.php
index f13f3e4f84..776f9028c3 100755
--- a/blog/lib.php
+++ b/blog/lib.php
@@ -408,8 +408,8 @@
 case 'site':
- if (!isguest() && isloggedin()) {
-
+ if (isloggedin()) {
+
 $SQL = 'SELECT '.$requiredfields.' FROM '.$CFG->prefix.'post p, '.$tagtablesql
 .$CFG->prefix.'user u
 WHERE p.userid = u.id '.$tagquerysql.'
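Review bot: Dropping `!isguest()` from the `case 'site':` guard means a guest session now takes the same branch as a full account, assuming `isloggedin()` is true for the guest user. The rest of the query's WHERE clause and the `else` arm lie outside the hunk, so it cannot be confirmed from here whether guests end up seeing `publishstate = 'site'` posts. If they should not, keep the guest exclusion in the guard, `if (isloggedin() && !isguest()) {`. If guest access is intended, say so in a comment above the guard, e.g. `// guests count as logged in here and may read site-level posts`.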
@@ -469,22 +469,33 @@
 case 'group':
- $SQL = 'SELECT '.$requiredfields.' FROM '.$CFG->prefix.'post p, '.$tagtablesql
- .$CFG->prefix.'groups_members m, '.$CFG->prefix.'user u
- WHERE p.userid = m.userid '.$tagquerysql.'
- AND u.id = p.userid
- AND m.groupid = '.$filterselect.'
- AND (p.publishstate = \'site\' OR p.publishstate = \'public\' OR p.userid = '.$USER->id.')';
+ $SQL = 'SELECT '.$requiredfields.' FROM '.$CFG->prefix.'post p, '.$tagtablesql
+ .$CFG->prefix.'groups_members m, '.$CFG->prefix.'user u
+ WHERE p.userid = m.userid '.$tagquerysql.'
+ AND u.id = p.userid
+ AND m.groupid = '.$filterselect.'
+ AND (p.publishstate = \'site\' OR p.publishstate = \'public\' OR p.userid = '.$USER->id.')';
 break;
 case 'user':
-
- $SQL = 'SELECT '.$requiredfields.' FROM '.$CFG->prefix.'post p, '.$tagtablesql
- .$CFG->prefix.'user u
- WHERE p.userid = u.id '.$tagquerysql.'
- AND u.id = '.$filterselect.'
- AND (p.publishstate = \'site\' OR p.publishstate = \'public\' OR p.userid = '.$USER->id.')';
+
+ if (isloggedin()) {
+
+ $SQL = 'SELECT '.$requiredfields.' FROM '.$CFG->prefix.'post p, '.$tagtablesql
+ .$CFG->prefix.'user u
+ WHERE p.userid = u.id '.$tagquerysql.'
+ AND u.id = '.$filterselect.'
+ AND (p.publishstate = \'site\' OR p.publishstate = \'public\' OR p.userid = '.$USER->id.')';
+ } else {
+
+ $SQL = 'SELECT '.$requiredfields.' FROM '.$CFG->prefix.'post p, '.$tagtablesql
+ .$CFG->prefix.'user u
+ WHERE p.userid = u.id '.$tagquerysql.'
+ AND u.id = '.$filterselect.'
+ AND p.publishstate = \'public\'';
+
+ }
 break;
--
2.39.5
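Review bot: `case 'group':` is only re-indented here and still builds its query without an `isloggedin()` check, so a visitor who is not logged in keeps matching `p.publishstate = \'site\'` rows in group listings, the same exposure the new `else` arm closes for `case 'user':`. `$USER->id` is also interpolated there for such a visitor, where it is presumably empty or 0. Both cases concatenate `$filterselect` and `$USER->id` straight into the SQL; unless the caller outside this hunk already forces them to integers, cast them where they are used. Building the visibility clause once, as sketched below, covers the group case and removes the duplicated query in the user case; the enclosing switch starts and ends outside the hunk.

```php
// Before the switch: visitors who are not logged in may only see public posts.
if (isloggedin()) {
    $visibility = '(p.publishstate = \'site\' OR p.publishstate = \'public\' OR p.userid = '.(int)$USER->id.')';
} else {
    $visibility = 'p.publishstate = \'public\'';
}

// case 'group': … unchanged: SELECT/FROM and the first two WHERE lines …
            AND m.groupid = '.(int)$filterselect.'
            AND '.$visibility;

// case 'user': … unchanged: SELECT/FROM and the first WHERE line …
            AND u.id = '.(int)$filterselect.'
            AND '.$visibility;
```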