better handling of mimetype security

Zotlabs/Lib/System.php

@@ -54,8 +54,6 @@ class System {
 		return 'https://github.com/redmatrix/hubzilla';
 	}
 
-
-
 	static public function get_server_role() {
 		return 'pro';
 	}

Zotlabs/Module/Editwebpage.php

@@ -130,8 +130,6 @@ class Editwebpage extends \Zotlabs\Web\Controller {
 	
 		$layout = $itm[0]['layout_mid'];
 	
-		$tpl = get_markup_template("jot.tpl");
-
 		$rp = 'webpages/' . $which;
 
 		$x = array(

Zotlabs/Module/Item.php

@@ -480,23 +480,14 @@ class Item extends \Zotlabs\Web\Controller {
 	
 		$execflag = false;
 	
-		if($mimetype !== 'text/bbcode') {
+		$z = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id 
-			$z = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1",
+			where channel_id = %d limit 1",
 			intval($profile_uid)
 		);
 		if($z && (($z[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($z[0]['channel_pageflags'] & PAGE_ALLOWCODE))) {
-				if($uid && (get_account_id() == $z[0]['account_id'])) {
+			if($uid && (intval(get_account_id()) == intval($z[0]['account_id']))) {
 				$execflag = true;
 			}
-				else {
-					notice( t('Executable content type not permitted to this channel.') . EOL);
-					if($api_source)
-						return ( [ 'success' => false, 'message' => 'forbidden content type' ] );	
-					if(x($_REQUEST,'return')) 
-						goaway(z_root() . "/" . $return_path );
-					killme();
-				}
-			}
 		}
 	
 		$gacl = $acl->get();