aboutsummaryrefslogtreecommitdiffstats
path: root/boot.php
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2013-08-11 16:56:06 -0700
committerfriendica <info@friendica.com>2013-08-11 16:56:06 -0700
commitd7a9db10881b8d9de1b5f7e2a2dfae3df396fb45 (patch)
tree1687d18e67706b14acc31d38cfabcf39e5bbc501 /boot.php
parent5aa508dba77ed69e1aa8810623e75d15ad15c2ad (diff)
downloadvolse-hubzilla-d7a9db10881b8d9de1b5f7e2a2dfae3df396fb45.tar.gz
volse-hubzilla-d7a9db10881b8d9de1b5f7e2a2dfae3df396fb45.tar.bz2
volse-hubzilla-d7a9db10881b8d9de1b5f7e2a2dfae3df396fb45.zip
important bits we need to allow php executable content. These must be explicitly allowed - but only if the account has ACCOUNT_ROLE_ALLOWCODE and *only* for web pages and profile fields. This content cannot be transmitted to other sites.
Diffstat (limited to 'boot.php')
-rwxr-xr-xboot.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/boot.php b/boot.php
index 4868046c6..1fd0d2172 100755
--- a/boot.php
+++ b/boot.php
@@ -434,8 +434,8 @@ define ( 'ACCOUNT_PENDING', 0x0010 );
* Account roles
*/
-define ( 'ACCOUNT_ROLE_ADMIN', 0x1000 );
-
+define ( 'ACCOUNT_ROLE_ADMIN', 0x1000 );
+define ( 'ACCOUNT_ROLE_ALLOWCODE', 0x0001 );
/**
* Item visibility