Respecting privacy of members

I have noticed that there are a LOT of instances where Dolphin and developers do not pay attention to the `Profiles`.`allow_view_to` flag in their thus making profiles that want to be hidden from public view visible.

Now, I am in now way a MYSQL guru but.. I have come up with this nifty little snippet that respects the privacy flag anytime you read a profile

                $iId   = getLoggedId() ;                  
                $sJoinClause = ' LEFT JOIN  `sys_friend_list` Friend ON
                (`owner_id` =  Friend.`Profile` AND Friend.`ID` = "' .
                $iId. '" AND Friend.`Check` = "1") LEFT JOIN  `sys_friend_list` Profile
                ON (`owner_id` = Profile.`ID`  AND Profile.`Profile` = "' .
                $iId . '"  AND Profile.`Check` = "1") ';

                $sWhereClause = ' (`owner_id`  = "' . $iId. '" OR (Friend.`Profile` AND Friend.`ID` = "' .
                $iId . '") OR (Profile.`ID`     AND Profile.`Profile` = "' . $iId. '")) OR `Profiles`.`allow_view_to` != '2' ';
             
This ONLY read profiles that are in your friends list OR the profile is a public profile, thus hiding any member that has their profile set to private.

Like I said, I am NO MYSQL guru, but this works on my end.

If anyone has a much better or cleaner way to handle this, please toss it in here. 

:)

Interesting... though I can only vaguely understand the code.  Please provide an example of when you've had to use it and where in the module code you added it.  I'm very concerned with member privacy and want to fix any issues.

 Yeah, it took me about week working on it from work and at home to come up with that solution.

I posted this bit because it can be used ANYWHERE you access member profile data to make sure you are not displaying an avatar (on spy/wall/forum posts/online members etc..) that is marked private to anyone other than friends.

This is in the wall module BxDbWall.php in the getEvents function.

I have a wall mod (for the index page) that does some fantastic things that I will release as soon as I work out a couple of things that are bothering me.

This mod only shows you your friends events and your own events on the site wall, and it properly paginates.

When I get an answer to this issue and work out 1 more issue, I'll release the mod.  IDK what/if I'll charge for it but I've been working on it for about 3 months now.  l would love to just trade it for a template or 2 that I desperately need!

I figured it was a "use it where you need it" code-block... that's was makes it so interesting... and potentially powerful.  Thank you for sharing!  

To charge or not to charge?  If it was me, I'd charge $10 and support the clients.  Then use the money to pay for a good template plus whatever custom changes you deem necessary to make your site truly unique and impressive looking.   

I'm not using a Wall on my #1 project but my next one might... so I'm looking forward to seeing what you've been creating for the last 3 months.  

8^)