Security Check
Created by: dmorley
db/pull.php is open to the webserver/public, should be cli only. If we want podmins to have an "update" button that should be after they get a key and do that from their podmin area.
Are other files open that should not be?