sure, try to hook it in with rg1024's new parser system so we could test it out, why not.
Jon On Thu, Feb 23, 2012 at 10:57 AM, Bassel Safadi <[email protected]> wrote: > eval is too dangerous unless we exclude every single bad script. using the > php parser that is written in php will enable us to to create parser trees > which will help aiki to understand what the custom php script written by the > user is trying to do > > > -- > Bassel Safadi | http://bassel.ws > Skype: i.know.sy | Global: +1-323-545-3855 > > > On Thu, Feb 23, 2012 at 3:09 AM, Jon Phillips <[email protected]> wrote: >> >> Might as well just allow an eval() then for php code in a widget, but >> I think we should allow for selection of a markup per-widget, so we >> can have more specific control over this. I still want to think thru, >> what are the real security considerations for just allowing php? >> >> Jon >> >> On Thu, Feb 23, 2012 at 8:10 AM, Bassel Safadi <[email protected]> >> wrote: >> > here is a cool project https://github.com/nikic/PHP-Parser >> > we can get inspired or use this for aiki markup. we should just >> > allow peaceful php code to be excuted inside the widgets instead of >> > inventing new markup. it's easier to just write php. >> > >> > -- >> > Bassel Safadi | http://bassel.ws >> > Skype: i.know.sy | Global: +1-323-545-3855 >> >> >> >> -- >> Jon Phillips 王✳爻气 http://fabricatorz.com ✳ skype: kidproto ✳ irc: rejon >> +1.415.830.3884 (global) ✳ +86-187-1003-9974 (beijing) > > -- Jon Phillips 王✳爻气 http://fabricatorz.com ✳ skype: kidproto ✳ irc: rejon +1.415.830.3884 (global) ✳ +86-187-1003-9974 (beijing) _______________________________________________ Mailing list: https://launchpad.net/~aikiframework-devel Post to : [email protected] Unsubscribe : https://launchpad.net/~aikiframework-devel More help : https://help.launchpad.net/ListHelp
