Even will be not so simple to do, the same as php parser because php
code can be slit onto separated <? tags like this:
<?php for($i=0; $i<100; ++$i) { ?>
<li><?=$i ?></li>
<?php } ?>
(I don't know if that parser handle php tags)
and you can't just eval it, you need to construct the code that you
will eval or the only way to actually evaluate that code as it is, is
to include it in other code and intercept output.
On Thu, 23 Feb 2012 09:09:00 +0800
Jon Phillips <j...@fabricatorz.com> wrote:
> Might as well just allow an eval() then for php code in a widget, but
> I think we should allow for selection of a markup per-widget, so we
> can have more specific control over this. I still want to think thru,
> what are the real security considerations for just allowing php?
>
> Jon
>
> On Thu, Feb 23, 2012 at 8:10 AM, Bassel Safadi
> <bassel.saf...@gmail.com> wrote:
> > here is a cool project https://github.com/nikic/PHP-Parser
> > we can get inspired or use this for aiki markup. we should just
> > allow peaceful php code to be excuted inside the widgets instead of
> > inventing new markup. it's easier to just write php.
> >
> > --
> > Bassel Safadi | http://bassel.ws
> > Skype: i.know.sy | Global: +1-323-545-3855
>
>
>
--
Jakub Jankiewicz
twitter: @jcubic
www: http://jcubic.pl
_______________________________________________
Mailing list: https://launchpad.net/~aikiframework-devel
Post to : aikiframework-devel@lists.launchpad.net
Unsubscribe : https://launchpad.net/~aikiframework-devel
More help : https://help.launchpad.net/ListHelp
