On Thu, Feb 16, 2012 at 10:37 PM, Marc Guay <marc.guay@xxxxxxxxx> wrote: >> It shouldn't be that hard to parse this type of expressions. > > I appreciate your concern, and will do my best to validate the input, > but there are two things: > > 1) The application will only be used by selected users. > and Even selected users can not be trusted, or it could be 'by accident', though that seems unlikely. > 2) The range of possibilities are broader than I indicated. They > would like to be able to enter conditions of all sorts. i.e. > > ($x / $y) > 0.5 > (($a+$b+$c) / $d) < .75 > > etc. > > If you have any suggestions on how to increase the security while > maintaning the flexibility, I'd be happy to hear it. > > Marc A simple recursive PHP parser would work. You can find an example here[1], though it handles probably more than you would like. - Matijn [1] http://aragon-online.net/forums/showthread.php?t=530 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
