The app also has a scripting language for the *end user*. I was thinking if I could expose a very simple subset of PHP to them (foreach, if-then-else, variable assignments and comments) and then simply "eval" it. But I don't want them to use calls like system or do infinite loops etc. that will screw up the system.
I was thinking if I had a PHPparser that returns tokens, then I can eliminate the call to unwanted funtions, etc.
Any ideas on how I should proceed?
Thanks.
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
