code_allowed is a real mess. Start the cleanup by remving the account level code allow and limiting to specific channels only. This reduces the possibility of cross channel security issues coming into play. Then provide a single function for checking the code permission. This is only partially done as we often need to check against the observer or logged in channel as well as the resource owner to ensure that this only returns true for local channels which also own the requested resource.

7 files changed, 28 insertions, 79 deletions

diff --git a/Zotlabs/Module/Impel.php b/Zotlabs/Module/Impel.php
index 197d9f859..77f488d26 100644
--- a/Zotlabs/Module/Impel.php
+++ b/Zotlabs/Module/Impel.php
@@ -144,18 +144,8 @@ class Impel extends \Zotlabs\Web\Controller {
 		
 			// Verify ability to use html or php!!!
 	
-		    $execflag = false;
-	
-			if($arr['mimetype'] === 'application/x-php') {
-				$z = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1",
-					intval(local_channel())
-				);
-	
-				if($z && (($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($z[0]['channel_pageflags'] & PAGE_ALLOWCODE))) {
-					$execflag = true;
-				}
-			}
-	
+			$execflag = ((intval($channel['channel_id']) == intval(local_channel()) && ($channel['channel_pageflags'] & PAGE_ALLOWCODE)) ? true : false);
+
 			$i = q("select id, edited, item_deleted from item where mid = '%s' and uid = %d limit 1",
 				dbesc($arr['mid']),
 				intval(local_channel())
diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php
index afac1542d..43cf535a4 100644
--- a/Zotlabs/Module/Item.php
+++ b/Zotlabs/Module/Item.php
@@ -478,18 +478,8 @@ class Item extends \Zotlabs\Web\Controller {
 	
 		// Verify ability to use html or php!!!
 	
-		$execflag = false;
-	
-		$z = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id 
-			where channel_id = %d limit 1",
-			intval($profile_uid)
-		);
-		if($z && (($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($z[0]['channel_pageflags'] & PAGE_ALLOWCODE))) {
-			if($uid && (intval(get_account_id()) == intval($z[0]['account_id']))) {
-				$execflag = true;
-			}
-		}
-	
+		$execflag = ((intval($channel['channel_id']) == intval($profile_uid) && ($channel['channel_pageflags'] & PAGE_ALLOWCODE)) ? true : false);
+
 		$gacl = $acl->get();
 		$str_contact_allow = $gacl['allow_cid'];
 		$str_group_allow   = $gacl['allow_gid'];
diff --git a/boot.php b/boot.php
index a80bfbed3..e19ffddb0 100755
--- a/boot.php
+++ b/boot.php
@@ -541,7 +541,6 @@ define ( 'ACCOUNT_PENDING',      0x0010 );
  * Account roles
  */
 
-define ( 'ACCOUNT_ROLE_ALLOWCODE', 0x0001 );
 define ( 'ACCOUNT_ROLE_SYSTEM',    0x0002 );
 define ( 'ACCOUNT_ROLE_DEVELOPER', 0x0004 );
 define ( 'ACCOUNT_ROLE_ADMIN',     0x1000 );
diff --git a/doc/database/db_account.bb b/doc/database/db_account.bb
index 354f2d3a8..35d7a9eb3 100644
--- a/doc/database/db_account.bb
+++ b/doc/database/db_account.bb
@@ -58,7 +58,6 @@ define ( 'ACCOUNT_PENDING',      0x0010 );
  * Account roles
  */
 
-define ( 'ACCOUNT_ROLE_ALLOWCODE', 0x0001 ); // 1 - this account can create content with PHP/Javascript
 define ( 'ACCOUNT_ROLE_SYSTEM',    0x0002 ); // 2 - this is the special system account
 define ( 'ACCOUNT_ROLE_DEVELOPER', 0x0004 );
 define ( 'ACCOUNT_ROLE_ADMIN',     0x1000 ); // 4096 - this account is an administrator
diff --git a/include/channel.php b/include/channel.php
index b838f8393..ceb5eeb7a 100644
--- a/include/channel.php
+++ b/include/channel.php
@@ -2252,3 +2252,20 @@ function channel_remove($channel_id, $local = true, $unset_session=false) {
 	}
 
 }
+
+/*
+ * This checks if a channel is allowed to publish executable code.
+ * It is up to the caller to determine if the observer or local_channel 
+ * is in fact the resource owner whose channel_id is being checked
+ */
+
+function channel_codeallowed($channel_id) {
+
+	if(! intval($channel_id))
+		return false;
+
+	$x = channelx_by_n($channel_id);
+	if(($x) && ($x['channel_pageflags'] & PAGE_ALLOWCODE))
+		return true;
+	return false;
+}
\ No newline at end of file
diff --git a/include/import.php b/include/import.php
index 5c73b7ca3..bbe930864 100644
--- a/include/import.php
+++ b/include/import.php
@@ -534,16 +534,8 @@ function sync_chatrooms($channel,$chatrooms) {
 function import_items($channel,$items,$sync = false,$relocate = null) {
 
 	if($channel && $items) {
-		$allow_code = false;
-		$r = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id 
-			where channel_id = %d limit 1",
-			intval($channel['channel_id'])
-		);
-		if($r) {
-			if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) {
-				$allow_code = true;
-			}
-		}
+		
+		$allow_code = channel_codeallowed($channel['channel_id']);
 
 		$deliver = false;  // Don't deliver any messages or notifications when importing
 
@@ -1358,28 +1350,8 @@ function import_webpage_element($element, $channel, $type) {
 	}
 
 	// Verify ability to use html or php!!!
-	$execflag = false;
-	if($arr['mimetype'] === 'application/x-php' || $arr['mimetype'] === 'text/html') {
-		$z = q("select account_id, account_roles, channel_pageflags from account "
-			. "left join channel on channel_account_id = account_id where channel_id = %d limit 1", 
-			intval(local_channel())
-		);
 
-		if($z && (($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($z[0]['channel_pageflags'] & PAGE_ALLOWCODE))) {
-			$execflag = true;
-		}
-		else {
-			logger('Unable to import element "' . $name .'" because AllowCode permission is denied.');
-			notice( t('Unable to import element "' . $name .'" because AllowCode permission is denied.') . EOL);
-			$element['import_success'] = 0;
-			return $element;
-		}
-	}
-		
-//	$z = q("select * from iconfig where v = '%s' and k = '%s' and cat = 'system' limit 1", 
-//		dbesc($name), 
-//		dbesc($namespace)
-//	);
+	$execflag = channel_codeallowed(local_channel());
 
 	$i = q("select id, edited, item_deleted from item where mid = '%s' and uid = %d limit 1", 
 		dbesc($arr['mid']), 
diff --git a/include/text.php b/include/text.php
index fe3206b32..6715eca22 100644
--- a/include/text.php
+++ b/include/text.php
@@ -104,15 +104,11 @@ function z_input_filter($channel_id,$s,$type = 'text/bbcode') {
 		return $s;
 	}
 
-	$r = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1",
+	$r = q("select channel_pageflags from channel where channel_id = %d limit 1",
 		intval($channel_id)
 	);
-	if($r) {
-		if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) {
-			if(local_channel() && (get_account_id() == $r[0]['account_id'])) {
-				return $s;
-			}
-		}
+	if(($r) && (local_channel() == $channel_id) && ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) {
+		return $s;
 	}
 
 	if($type === 'text/html')
@@ -1795,23 +1791,9 @@ function mimetype_select($channel_id, $current = 'text/bbcode') {
 	);
 
 
-	if(App::$is_sys) {
+	if((App::$is_sys) || (channel_codeallowed($channel_id) && $channel_id == local_channel())){
 		$x[] = 'application/x-php';
 	}
-	else {
-		$r = q("select account_id, account_roles, channel_pageflags from account left join channel on account_id = channel_account_id where
-			channel_id = %d limit 1",
-			intval($channel_id)
-		);
-
-		if($r) {
-			if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) {
-				if(local_channel() && get_account_id() == $r[0]['account_id']) {
-					$x[] = 'application/x-php';
-				}
-			}
-		}
-	}
 
 	foreach($x as $y) {
 		$selected = (($y == $current) ? ' selected="selected" ' : '');