clear_feed_articles: check caller UID

master
Andrew Dolgov 17 years ago
parent b02bbd13ae
commit a8ae1b9a74

@ -4698,7 +4698,7 @@
function clear_feed_articles($link, $id) { function clear_feed_articles($link, $id) {
$result = db_query($link, "DELETE FROM ttrss_user_entries $result = db_query($link, "DELETE FROM ttrss_user_entries
WHERE feed_id = '$id' AND marked = false"); WHERE feed_id = '$id' AND marked = false AND owner_uid = " . $_SESSION["uid"]);
$result = db_query($link, "DELETE FROM ttrss_entries WHERE $result = db_query($link, "DELETE FROM ttrss_entries WHERE
(SELECT COUNT(int_id) FROM ttrss_user_entries WHERE ref_id = id) = 0"); (SELECT COUNT(int_id) FROM ttrss_user_entries WHERE ref_id = id) = 0");

Loading…
Cancel
Save