diff options
author | friendica <redmatrix@redmatrix.me> | 2015-04-08 23:05:36 -0700 |
---|---|---|
committer | friendica <redmatrix@redmatrix.me> | 2015-04-08 23:05:36 -0700 |
commit | 7bec4b313a7a553e6df3e24289cf894f3d70a94e (patch) | |
tree | ab5050089f10ca739c89d2794b1c50816cfba79a | |
parent | 184f8d42eac7ee05828297f88cccac59f0cb5895 (diff) | |
download | volse-hubzilla-7bec4b313a7a553e6df3e24289cf894f3d70a94e.tar.gz volse-hubzilla-7bec4b313a7a553e6df3e24289cf894f3d70a94e.tar.bz2 volse-hubzilla-7bec4b313a7a553e6df3e24289cf894f3d70a94e.zip |
system channel always has allow_code privileges
-rw-r--r-- | include/text.php | 25 | ||||
-rw-r--r-- | mod/webpages.php | 2 |
2 files changed, 20 insertions, 7 deletions
diff --git a/include/text.php b/include/text.php index fefe67c4e..1f383d8b3 100644 --- a/include/text.php +++ b/include/text.php @@ -101,12 +101,18 @@ function z_input_filter($channel_id,$s,$type = 'text/bbcode') { $r = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", intval($channel_id) ); - if($r && (($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE))) { - if(local_channel() && (get_account_id() == $r[0]['account_id'])) { + if($r) { + if($r[0]['channel_pageflags'] & PAGE_SYSTEM) { return $s; } + else { + if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { + if(local_channel() && (get_account_id() == $r[0]['account_id'])) { + return $s; + } + } + } } - if($type === 'text/html') return purify_html($s); @@ -1618,10 +1624,17 @@ function mimetype_select($channel_id, $current = 'text/bbcode') { ); if($r) { - if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { - if(local_channel() && get_account_id() == $r[0]['account_id']) - $x[] = 'application/x-php'; + if($r[0]['channel_pageflags'] & PAGE_SYSTEM) { + $x[] = 'application/x-php'; } + else { + if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { + if(local_channel() && get_account_id() == $r[0]['account_id']) { + $x[] = 'application/x-php'; + } + } + } + } $o = t('Page content type: '); diff --git a/mod/webpages.php b/mod/webpages.php index a2a0ebf7b..c5fdda89b 100644 --- a/mod/webpages.php +++ b/mod/webpages.php @@ -68,7 +68,7 @@ function webpages_content(&$a) { return; } - if(feature_enabled($owner,'expert')) { + if(feature_enabled($owner,'expert') || $a->is_sys) { $mimetype = (($_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype')); if(! $mimetype) $mimetype = 'choose'; |