Privilege changesadnab.me-site

2 files changed, 3 insertions, 3 deletions

diff --git a/lib/blog/edcom.php b/lib/blog/edcom.php
index 2b96ff9..ca8fd7e 100644
--- a/lib/blog/edcom.php
+++ b/lib/blog/edcom.php
@@ -9,7 +9,7 @@ $com = mysql_fetch_assoc(sql(
 	"SELECT blog_comments.owner AS owner, blog_comments.text AS text, blog_comments.post AS post ".
 	"FROM blog_comments WHERE id = $comid"
 	));
-assert_error($com && $com['owner'] == $user['id'],
+assert_error($com && ($com['owner'] == $user['id'] || $user['priv'] >= $priv_mod),
 	"This comment does not exist, or you are not allowed to edit it.");
 
 $com_text = $com['text'];
diff --git a/lib/blog/index.php b/lib/blog/index.php
index 08aa630..99c7bbe 100644
--- a/lib/blog/index.php
+++ b/lib/blog/index.php
@@ -39,7 +39,7 @@ function count_in($fat, $v, $d) {
 }
 
 $q =
-	"SELECT blog_posts.id AS id, blog_posts.title AS title, blog_posts.date AS date, ".
+	"SELECT blog_posts.id AS id, blog_posts.title AS title, DATE_fORMAT(blog_posts.date, '%Y-%m-%d') AS date, ".
 	"UNIX_TIMESTAMP(blog_posts.date) AS date_ts, ".
 	"DATE_FORMAT(blog_posts.date, '%Y-%m') AS month, ".
 	"blog_posts.text_html AS text_html, GROUP_CONCAT(DISTINCT ba.tag SEPARATOR ',  ') AS tags, ".
@@ -70,7 +70,7 @@ while ($pp = mysql_fetch_assoc($n)) {
 	count_in('date', str_replace('-', '_', $pp['month']), $pp['month']);
 }
 
-$can_post = ($user['priv'] >= $apps['blog']['drafts'] && $user['id'] != 0);
+$can_post = (($user['priv'] >= $apps['blog']['drafts'] && $user['id'] != 0));
 $can_edit = ($user['priv'] >= $apps['blog']['edit'] && $user['id'] != 0);
 $can_delete = ($user['priv'] >= $apps['blog']['delete'] && $user['id'] != 0);