From 3ec07d58b7e4f7d33cfe896e8d5911829f58bcbe Mon Sep 17 00:00:00 2001
From: Andreas Gohr <gohr@cosmocode.de>
Date: Thu, 12 Jan 2017 09:25:13 +0100
Subject: [PATCH] fixed auth check

---
 svg.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/svg.php b/svg.php
index 10da30f..684b811 100644
--- a/svg.php
+++ b/svg.php
@@ -49,7 +49,7 @@ class SVG {
         $file = self::IMGDIR . $svg;
         if(!file_exists($file)) {
             // media files are ACL protected
-            if(auth_quickaclcheck($svg)) $this->abort(403);
+            if(auth_quickaclcheck($svg) < AUTH_READ) $this->abort(403);
             $file = mediaFN($svg);
         }
         // check if media exists