diff --git a/mod/lockview.php b/mod/lockview.php index a886effeb7..9e64e2608b 100644 --- a/mod/lockview.php +++ b/mod/lockview.php @@ -2,12 +2,23 @@ function lockview_content(&$a) { - - $item_id = (($a->argc > 1) ? intval($a->argv[1]) : 0); + + $type = (($a->argc > 1) ? $a->argv[1] : 0); + if (is_numeric($type)) { + $item_id = intval($type); + $type='item'; + } else { + $item_id = (($a->argc > 2) ? intval($a->argv[2]) : 0); + } + if(! $item_id) killme(); - $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", + if (!in_array($type, array('item','photo','event'))) + killme(); + + $r = q("SELECT * FROM `%s` WHERE `id` = %d LIMIT 1", + dbesc($type), intval($item_id) ); if(! count($r)) diff --git a/mod/photos.php b/mod/photos.php index f892e2ce28..52cc66eae1 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -913,7 +913,15 @@ function photos_content(&$a) { $o .= '