aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Editwebpage.php
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Module/Editwebpage.php')
-rw-r--r--Zotlabs/Module/Editwebpage.php13
1 files changed, 4 insertions, 9 deletions
diff --git a/Zotlabs/Module/Editwebpage.php b/Zotlabs/Module/Editwebpage.php
index 03b2aeab9..db33cd1db 100644
--- a/Zotlabs/Module/Editwebpage.php
+++ b/Zotlabs/Module/Editwebpage.php
@@ -100,19 +100,14 @@ class Editwebpage extends \Zotlabs\Web\Controller {
intval($owner)
);
- if(! $itm) {
+ // don't allow web editing of potentially binary content (item_obscured = 1)
+ // @FIXME how do we do it instead?
+
+ if((! $itm) || intval($itm[0]['item_obscured'])) {
notice( t('Permission denied.') . EOL);
return;
}
- if(intval($itm[0]['item_obscured'])) {
- $key = get_config('system','prvkey');
- if($itm[0]['title'])
- $itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key);
- if($itm[0]['body'])
- $itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key);
- }
-
$item_id = q("select * from iconfig where cat = 'system' and k = 'WEBPAGE' and iid = %d limit 1",
intval($itm[0]['id'])
);
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-18 16:26:09 +0000