diff options
Diffstat (limited to 'lib/blog')
-rw-r--r-- | lib/blog/edcom.php | 2 | ||||
-rw-r--r-- | lib/blog/index.php | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/lib/blog/edcom.php b/lib/blog/edcom.php index 2b96ff9..ca8fd7e 100644 --- a/lib/blog/edcom.php +++ b/lib/blog/edcom.php @@ -9,7 +9,7 @@ $com = mysql_fetch_assoc(sql( "SELECT blog_comments.owner AS owner, blog_comments.text AS text, blog_comments.post AS post ". "FROM blog_comments WHERE id = $comid" )); -assert_error($com && $com['owner'] == $user['id'], +assert_error($com && ($com['owner'] == $user['id'] || $user['priv'] >= $priv_mod), "This comment does not exist, or you are not allowed to edit it."); $com_text = $com['text']; diff --git a/lib/blog/index.php b/lib/blog/index.php index 08aa630..99c7bbe 100644 --- a/lib/blog/index.php +++ b/lib/blog/index.php @@ -39,7 +39,7 @@ function count_in($fat, $v, $d) { } $q = - "SELECT blog_posts.id AS id, blog_posts.title AS title, blog_posts.date AS date, ". + "SELECT blog_posts.id AS id, blog_posts.title AS title, DATE_fORMAT(blog_posts.date, '%Y-%m-%d') AS date, ". "UNIX_TIMESTAMP(blog_posts.date) AS date_ts, ". "DATE_FORMAT(blog_posts.date, '%Y-%m') AS month, ". "blog_posts.text_html AS text_html, GROUP_CONCAT(DISTINCT ba.tag SEPARATOR ', ') AS tags, ". @@ -70,7 +70,7 @@ while ($pp = mysql_fetch_assoc($n)) { count_in('date', str_replace('-', '_', $pp['month']), $pp['month']); } -$can_post = ($user['priv'] >= $apps['blog']['drafts'] && $user['id'] != 0); +$can_post = (($user['priv'] >= $apps['blog']['drafts'] && $user['id'] != 0)); $can_edit = ($user['priv'] >= $apps['blog']['edit'] && $user['id'] != 0); $can_delete = ($user['priv'] >= $apps['blog']['delete'] && $user['id'] != 0); |