neubert
Reputation: 16792
using laravel blade templates without php
I want to let people upload template files but I don't want them to be able to run PHP code (and looking at the blade docs it looks like people can). Any ideas? Or if I should be looking at another solution what would be a good one?
Thanks.
Upvotes: 0
Views: 530
Answers (1)
ceejayoz
Reputation: 180024
Blade is not a good solution for this - it's basically an alternative syntax for PHP.
Something like Twig is a better option - it doesn't allow raw PHP code, and you can additionally whitelist only specific functions/attributes/etc. in its sandbox mode. Users have access only to the stuff you want them to have.
Upvotes: 2
Related Questions
- Can I use blade templating engine (laravel) with symfony?
- Can I use the Blade templating engine outside of Laravel?
- The blade template engine can be used with codeigniter?
- Laravel's blade template
- Real php form of blade templates
- How to write PHP code inside of Laravel Blade template?
- Blade template vs plain php in Laravel
- Template System With Laravel
- Using Blade Laravel php template?
- Displaying Content with laravel template without blade