Hi, The config file for ZF form seems to be a great way to allow untrusted users to upload their forms. It just seems a bit too powerful for that :)
Any idea what are the things I should disallow on such uploaded forms? E.g. - setting paths: addElementPrefixPath, addPrefixPath - accessing functions: Zend_Validate_Callback - accessing the db: Db_RecordExists and Db_NoRecordExists Thx. SWK -- View this message in context: http://www.nabble.com/external-or-untrusted-authors-for-zend-form-config-tp25799496p25799496.html Sent from the Zend Framework mailing list archive at Nabble.com.