From 56e408f4679862a0d7d9d8fa46a1875f2cbf3574 Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Mon, 2 Sep 2013 16:29:52 -0700
Subject: pass execflag - Working for preview but not yet executing on page
 render

---
 mod/item.php | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

(limited to 'mod/item.php')

diff --git a/mod/item.php b/mod/item.php
index ce484999b..56fdda887 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -320,6 +320,24 @@ function item_post(&$a) {
 		$body = z_input_filter($profile_uid,$body,$mimetype);
 	}
 
+	$execflag = false;
+
+	if($mimetype === 'application/x-php') {
+		$z = q("select account_id, account_roles from account left join channel on channel_account_id = account_id where channel_id = %d limit 1",
+			intval($profile_uid)
+		);
+		if($z && ($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE)) {
+			if(local_user() && (get_account_id() == $z[0]['account_id'])) {
+				$execflag = true;
+			}
+			else {
+				notice( t('Executable content type not permitted to this channel.') . EOL);
+				if(x($_REQUEST,'return')) 
+					goaway($a->get_baseurl() . "/" . $return_path );
+				killme();
+			}
+		}
+	}
 
 	if($mimetype === 'text/bbcode') {
 
@@ -655,7 +673,7 @@ function item_post(&$a) {
 		$post_id = 0;
 
 
-	$post_id = item_store($datarray);
+	$post_id = item_store($datarray,$execflag);
 
 	if($post_id) {
 		logger('mod_item: saved item ' . $post_id);
-- 
cgit v1.2.3