Furry stuff, oekaki stuff, and other stuff.
You are not logged in.
I'm sort of concerned that the notice and banner allow PHP to be used. Is there any sort of security risk in this? I'm worried that an admin could add PHP to exploit my site through this. Obviously, we should pick our admins carefully, but I'd still like to know if Wacintaki has any safeguards for this.
Offline
If you trust your admins, there's not much to worry about. However, I did include a new hack to disable PHP code in the notice, banner, and rules. This will be part of 1.3.0. I'm not sure I want to add yet another Control Panel option, so this requires the hacks file to be updated.
I have a patch for 1.2.5 here.
Offline