Index: profile_permission.module =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/profile_permission/profile_permission.module,v retrieving revision 1.3 diff -u -r1.3 profile_permission.module --- profile_permission.module 8 Feb 2009 05:15:43 -0000 1.3 +++ profile_permission.module 9 Feb 2009 18:53:09 -0000 @@ -89,7 +89,7 @@ */ function profile_permission_user($op, &$edit, &$account, $category = NULL) { if ($op == 'view') { - profile_permission_user_view_field($account->content); + profile_permission_user_view_field($account, $account->content); } } @@ -97,16 +97,17 @@ * Recursively loop through user content items looking for restricted fields. * When a field is found check the view permission. * + * @param object $account The acount whos page is being viewed. * @param array $element Page element to check children of. * @return boolean Remove scanned element. */ -function profile_permission_user_view_field(&$element) { +function profile_permission_user_view_field($account, &$element) { $fields = variable_get('profile_permission_fields', array()); foreach (element_children($element) as $key) { if (in_array($key, $fields)) { // Found restricted field. if (!user_access(profile_permission_generate_perm_view($key)) && - !user_access(profile_permission_generate_perm_view_own($key))) { + ($GLOBALS['user']->uid != $account->uid || !user_access(profile_permission_generate_perm_view_own($key)))) { unset($element[$key]); } } @@ -114,7 +115,7 @@ // Search the array recursively for restricted fields. $children = element_children($element[$key]); if ($children) { - if (profile_permission_user_view_field($element[$key])) { + if (profile_permission_user_view_field($account, $element[$key])) { // No children, remove empty element. unset($element[$key]); } @@ -129,6 +130,7 @@ * Implementation of hook_form_alter(): user_profile_form. */ function profile_permission_form_user_profile_form_alter($form, &$form_state) { + $account = $form['_account']['#value']; $result = db_query('SELECT DISTINCT(category) FROM {profile_fields}'); @@ -141,7 +143,7 @@ // If field is restricted and current user does not have privilege to edit field then remove. if (in_array($key, $permissions) && !user_access(profile_permission_generate_perm_edit($key)) && - !user_access(profile_permission_generate_perm_edit_own($key))) { + ($GLOBALS['user']->uid != $account->uid || !user_access(profile_permission_generate_perm_edit_own($key)))) { unset($form[$category][$key]); } }