diff options
Diffstat (limited to 'Zotlabs/Module/Item.php')
| -rw-r--r-- | Zotlabs/Module/Item.php | 40 |
1 files changed, 5 insertions, 35 deletions
diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 4725ecb38..71f410b2a 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -471,34 +471,16 @@ class Item extends \Zotlabs\Web\Controller { if(! $mimetype) $mimetype = 'text/bbcode'; + + $execflag = ((intval($uid) == intval($profile_uid) + && ($channel['channel_pageflags'] & PAGE_ALLOWCODE)) ? true : false); + if($preview) { - $body = z_input_filter($profile_uid,$body,$mimetype); + $body = z_input_filter($body,$mimetype,$execflag); } - // Verify ability to use html or php!!! - $execflag = false; - - if($mimetype !== 'text/bbcode') { - $z = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", - intval($profile_uid) - ); - if($z && (($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($z[0]['channel_pageflags'] & PAGE_ALLOWCODE))) { - if($uid && (get_account_id() == $z[0]['account_id'])) { - $execflag = true; - } - else { - notice( t('Executable content type not permitted to this channel.') . EOL); - if($api_source) - return ( [ 'success' => false, 'message' => 'forbidden content type' ] ); - if(x($_REQUEST,'return')) - goaway(z_root() . "/" . $return_path ); - killme(); - } - } - } - $gacl = $acl->get(); $str_contact_allow = $gacl['allow_cid']; $str_group_allow = $gacl['allow_gid']; @@ -862,18 +844,6 @@ class Item extends \Zotlabs\Web\Controller { if(mb_strlen($datarray['title']) > 255) $datarray['title'] = mb_substr($datarray['title'],0,255); - if(array_key_exists('item_private',$datarray) && $datarray['item_private']) { - - $datarray['body'] = trim(z_input_filter($datarray['uid'],$datarray['body'],$datarray['mimetype'])); - - if($uid) { - if($channel['channel_hash'] === $datarray['author_xchan']) { - $datarray['sig'] = base64url_encode(rsa_sign($datarray['body'],$channel['channel_prvkey'])); - $datarray['item_verified'] = 1; - } - } - } - if($webpage) { Zlib\IConfig::Set($datarray,'system', webpage_to_namespace($webpage), (($pagetitle) ? $pagetitle : substr($datarray['mid'],0,16)),true); |