[drupal-devel] Let's accept more interim solutions

Gabor Hojtsy gabor at hojtsy.hu
Wed Apr 27 20:11:25 UTC 2005

This only works, if you provide a layer of parsing on top of the Drupal 
API. Look what bbcode does, to prevent you from doing HTML mistakes. If 
you made a bbcode mistake, it will show up in the output, but will not 
break the whole HTML page. If you provide a layer to protect Drupal from 
the user, the user will be safe. Otherwise, he will easily break the 
whole system, and will have a very hard time to recover (get to know 
that what is broken, remove broken code from database/file system, etc).

But, providing a layer is not a simple task, if you are about to help 
people edit themes, or even modules as you suggested. Smarty is a layer 
of this kind, which shows you how complex it gets. Plus then the user 
needs to learn to use that syntax, instead of properly learning PHP, 
with hand editing stuff around the file system, which needs a bit more 
time in the first place, but then gives tremendously more power at the end.


> I'm terribly confused by what you mean... are you against this feature
> because it's "dangerous"?
> Perhaps we could provide better safeguards to prevent again "breaking
> the whole thing outright".
> I mean, if you don't like this idea, what kind of alternatives might
> you suggest?
>>And break the whole thing outright quite easily. If a single module is
>>broken, then all you receive is a blank page, or even worse an error

More information about the drupal-devel mailing list