Signing all database PHP code

From version 10.0, for security purposes any PHP code that is stored in the database and can be manipulated via the user interface must be signed using a command line utility. This is to prevent system compromise by a user that has gained administrator access.

Signing is done by executing the following:

php {path to resourcespace}/pages/tools/resign_all_code.php

This will need to be executed after changes to the following properties:

  • Resource type field - "Value filter"
  • Resource type field - "On change macro"
  • Resource type field - "Autocomplete macro"
  • Resource type field - "Exiftool filter"
  • Resource type - "Config options"
  • User group - "Config options"