From a8ae1b9a74b19a3b18f47ae0b260a668ebcf41b5 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@bah.spb.su>
Date: Sun, 26 Aug 2007 05:18:41 +0100
Subject: clear_feed_articles: check caller UID

---
 functions.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/functions.php b/functions.php
index cf5d421c9..d82cb38ea 100644
--- a/functions.php
+++ b/functions.php
@@ -4698,7 +4698,7 @@
 
 	function clear_feed_articles($link, $id) {
 		$result = db_query($link, "DELETE FROM ttrss_user_entries
-			WHERE feed_id = '$id' AND marked = false");
+			WHERE feed_id = '$id' AND marked = false AND owner_uid = " . $_SESSION["uid"]);
 
 		$result = db_query($link, "DELETE FROM ttrss_entries WHERE 
 			(SELECT COUNT(int_id) FROM ttrss_user_entries WHERE ref_id = id) = 0");
-- 
cgit v1.2.3