[development] security: people can no longer "administer" blocks.

Neil Drumm drumm at delocalizedham.com
Thu Jan 5 20:53:55 UTC 2006

Bèr Kessels wrote:
> The reason is simple: PHP input. 
> It is too late, sorry for that, but I only realize this now[1]. allowing users 
> to paste PHP is a security issue, a severe one. 

I assume this is the PHP associated with block visibility. I'd 
definately like to see that go away. I might have a chance to code up my 
ideas after 4.7 is out, but I'm not going to touch it until then.

Neil Drumm

More information about the development mailing list