Hi,
I'm tinkering with the idea of providing a client of mine with the ability to edit pages, using ERB. I've set up a couple of nice helpers and things actually work surprisingly well. I'm using render_to_string mainly.
Questions:
Does this seem totally insane, even if my client and I are the only ones editing the pages?
Is it possible to limit what classes and methods are called within a template?
Does anyone know of a set of regexps that would filter out nasty things like backticks etc.?
Thank you!
Matt