[development] security: people can no longer "administer" blocks.
drumm at delocalizedham.com
Thu Jan 5 20:53:55 UTC 2006
Bèr Kessels wrote:
> The reason is simple: PHP input.
> It is too late, sorry for that, but I only realize this now. allowing users
> to paste PHP is a security issue, a severe one.
I assume this is the PHP associated with block visibility. I'd
definately like to see that go away. I might have a chance to code up my
ideas after 4.7 is out, but I'm not going to touch it until then.
More information about the development