I noticed that the 6.x-2.x version allows an admin to execute php. Does the 7.x-1.x branch also have this feature?

I ask because of #2006500: block bueditor execute php feature.

Comments

ufku’s picture

ufku commented

Yes it does

greggles’s picture

greggles
he/him
Primary language English
Location Denver, Colorado, USA
commented

Which permission does it use?

ufku’s picture

ufku commented

'administer bueditor' which has 'restrict access' flag set to true

greggles’s picture

greggles
he/him
Primary language English
Location Denver, Colorado, USA
commented
Status: Active » Fixed

Great thanks.

In general, I'd say it would be great if there were a way to achieve the same goal without allowing users to execute PHP. On sites that use suhosin to disable execution of php this feature will fail to work.

greggles’s picture

greggles
he/him
Primary language English
Location Denver, Colorado, USA
commented

EDIT: On sites that use suhosin to disable execution of php via evail this feature will fail to work.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.