Is it possible to execute code within a post ?

[#12345]

Hi all,
First, sorry for my poor language's quality, english is not my first language ...

Well, I know that had been asked two years ago here, but I want to have an answer that hadn't been given ...
So, there's a code editor option in XenForo's forums :

In Java, by example it gives :

class HelloWorld {
    public static void main(String[] args) {
        System.out.println("Hello, World!");
    }
}

But, is it possible to compile that code, like in a code editor, to have something like that :

Hello, World!

Thanks by advance for your answers !!

 

[briansol]

The code bbcode is for displaying code in a space-preserved syntax/highlighting. It does not execute.

You don't want it to execute.

 

[#12345]

The code bbcode is for displaying code in a space-preserved syntax/highlighting. It does not execute.

You don't want it to execute.

Ok, thanks for your answer !!
It loses a few interest in my mind now ...

 

[MySiteGuy]

Being able to execute code in a post would be a dangerous security problem. Any software that allows such a thing is not something anyone who cares about the security of their system would want installed on their server.

 

[#12345]

Being able to execute code in a post would be a dangerous security problem.

You'll surely think I'm dumb but I don't see how .... But that's XenForo decided and we can't change it

Thanks both .. this subject can be closed

 

[briansol]

you can change it with an addon.

If you're thinking about creating something like stackoverflow or jsfiddle with inline execution, you can make an addon call an iframe in a similar fashion and host the code externally via that iframe domain.

anything is possible, but it's not standard out of the box.

 

[MySiteGuy]

You'll surely think I'm dumb but I don't see how .... But that's XenForo decided and we can't change it

Thanks both .. this subject can be closed

No, I do not think you are dumb. I do think you are either naïve or ignorant about good security practices.

Someone putting code in a post could allow them access to the database, private email addresses, and password hashes. Even if it's only client side code like Javascript, it could be used for cookie hi-jacking.

 

[Kirby]

You'll surely think I'm dumb but I don't see how ....

Don't you think executing the following PHP code in XenForo context would be somewhat ... destructive?

\XF::db()->query('DROP TABLE xf_post');

 

[Paul B]

 

[#12345]

Ok, many thanks to all, especially @MySiteGuy I wasn't considering this aspect .... Now I better understand why XenForo choosed to prohibit that ....

@briansol : I expected more something like Jupyter Notebook, with compilators directly in the thread ..