[drupal-devel] Let's accept more interim solutions
gabor at hojtsy.hu
Wed Apr 27 20:11:25 UTC 2005
This only works, if you provide a layer of parsing on top of the Drupal
API. Look what bbcode does, to prevent you from doing HTML mistakes. If
you made a bbcode mistake, it will show up in the output, but will not
break the whole HTML page. If you provide a layer to protect Drupal from
the user, the user will be safe. Otherwise, he will easily break the
whole system, and will have a very hard time to recover (get to know
that what is broken, remove broken code from database/file system, etc).
But, providing a layer is not a simple task, if you are about to help
people edit themes, or even modules as you suggested. Smarty is a layer
of this kind, which shows you how complex it gets. Plus then the user
needs to learn to use that syntax, instead of properly learning PHP,
with hand editing stuff around the file system, which needs a bit more
time in the first place, but then gives tremendously more power at the end.
> I'm terribly confused by what you mean... are you against this feature
> because it's "dangerous"?
> Perhaps we could provide better safeguards to prevent again "breaking
> the whole thing outright".
> I mean, if you don't like this idea, what kind of alternatives might
> you suggest?
>>And break the whole thing outright quite easily. If a single module is
>>broken, then all you receive is a blank page, or even worse an error
More information about the drupal-devel