diff --git a/ServiceAPI/Notes.php b/ServiceAPI/Notes.php index 5268b342..ea76267e 100644 --- a/ServiceAPI/Notes.php +++ b/ServiceAPI/Notes.php @@ -27,7 +27,7 @@ class Notes implements Handler $reject(160, "You don't have permission to access this note"); if(!$note->canBeViewedBy($this->user)) - $reject(15, "Happy new year"); + $reject(15, "Access to note denied"); $resolve([ "title" => $note->getName(), diff --git a/ServiceAPI/Wall.php b/ServiceAPI/Wall.php index 52c61701..a48adb3c 100644 --- a/ServiceAPI/Wall.php +++ b/ServiceAPI/Wall.php @@ -24,7 +24,7 @@ class Wall implements Handler $reject("No post with id=$id"); if(!$post->canBeViewedBy($this->user)) - $reject(12, "Aces denid,"); + $reject(12, "Access denied"); $res = (object) []; $res->id = $post->getId(); diff --git a/VKAPI/Handlers/Users.php b/VKAPI/Handlers/Users.php index 36bf77f9..34737e1e 100644 --- a/VKAPI/Handlers/Users.php +++ b/VKAPI/Handlers/Users.php @@ -48,8 +48,8 @@ final class Users extends VKAPIRequestHandler "id" => $usr->getId(), "first_name" => $usr->getFirstName(), "last_name" => $usr->getLastName(), - "is_closed" => false, - "can_access_closed" => true, + "is_closed" => $usr->isClosed(), + "can_access_closed" => (bool)$usr->canBeViewedBy($this->getUser()), ]; $flds = explode(',', $fields); @@ -315,7 +315,7 @@ final class Users extends VKAPIRequestHandler "fav_shows" => !empty($fav_shows) ? $fav_shows : NULL, "fav_books" => !empty($fav_books) ? $fav_books : NULL, "fav_quotes" => !empty($fav_quotes) ? $fav_quotes : NULL, - "doNotSearchPrivate" => true, + "doNotSearchPrivate" => true, ]; $find = $users->find($q, $parameters, $sortg); diff --git a/VKAPI/Handlers/Wall.php b/VKAPI/Handlers/Wall.php index 02f2fe9f..ae5c3473 100644 --- a/VKAPI/Handlers/Wall.php +++ b/VKAPI/Handlers/Wall.php @@ -168,8 +168,8 @@ final class Wall extends VKAPIRequestHandler "first_name" => $user->getFirstName(), "id" => $user->getId(), "last_name" => $user->getLastName(), - "can_access_closed" => false, - "is_closed" => false, + "can_access_closed" => (bool)$user->canBeViewedBy($this->getUser()), + "is_closed" => $user->isClosed(), "sex" => $user->isFemale() ? 1 : 2, "screen_name" => $user->getShortCode(), "photo_50" => $user->getAvatarUrl(), @@ -349,8 +349,8 @@ final class Wall extends VKAPIRequestHandler "first_name" => $user->getFirstName(), "id" => $user->getId(), "last_name" => $user->getLastName(), - "can_access_closed" => false, - "is_closed" => false, + "can_access_closed" => (bool)$user->canBeViewedBy($this->getUser()), + "is_closed" => $user->isClosed(), "sex" => $user->isFemale() ? 1 : 2, "screen_name" => $user->getShortCode(), "photo_50" => $user->getAvatarUrl(), diff --git a/Web/Presenters/UserPresenter.php b/Web/Presenters/UserPresenter.php index 876a5827..7d6984df 100644 --- a/Web/Presenters/UserPresenter.php +++ b/Web/Presenters/UserPresenter.php @@ -442,7 +442,6 @@ final class UserPresenter extends OpenVKPresenter $prof = $this->postParam("profile_type") == 1 || $this->postParam("profile_type") == 0 ? (int)$this->postParam("profile_type") : 0; $user->setProfile_type($prof); - $user->save(); } else if($_GET['act'] === "finance.top-up") { $token = $this->postParam("key0") . $this->postParam("key1") . $this->postParam("key2") . $this->postParam("key3"); diff --git a/Web/Presenters/VideosPresenter.php b/Web/Presenters/VideosPresenter.php index c1655bfd..dfee06ae 100644 --- a/Web/Presenters/VideosPresenter.php +++ b/Web/Presenters/VideosPresenter.php @@ -39,13 +39,13 @@ final class VideosPresenter extends OpenVKPresenter function renderView(int $owner, int $vId): void { $user = $this->users->get($owner); + $video = $this->videos->getByOwnerAndVID($owner, $vId); + if(!$user) $this->notFound(); + if(!$video || $video->isDeleted()) $this->notFound(); if(!$user->getPrivacyPermission('videos.read', $this->user->identity ?? NULL) || !$video->canBeViewedBy($this->user->identity)) $this->flashFail("err", tr("forbidden"), tr("forbidden_comment")); - $video = $this->videos->getByOwnerAndVID($owner, $vId); - if($this->videos->getByOwnerAndVID($owner, $vId)->isDeleted()) $this->notFound(); - $this->template->user = $user; $this->template->video = $this->videos->getByOwnerAndVID($owner, $vId); $this->template->cCount = $this->template->video->getCommentsCount(); diff --git a/Web/Presenters/templates/User/private.xml b/Web/Presenters/templates/User/private.xml index 300e2862..a2520a07 100644 --- a/Web/Presenters/templates/User/private.xml +++ b/Web/Presenters/templates/User/private.xml @@ -16,7 +16,7 @@ alt="{$user->getCanonicalName()}" style="width: 100%; image-rendering: -webkit-optimize-contrast;" /> -