Fairly new to elixir and phoenix, but am really enjoying how it all fits together. I have a question about templates, is there a way to run a render function from a string rather than a file? Say I have a string that includes <%= function_call() %> and have it generate the html that I can send to another render function that uses a template?
Obviously this would have security issues, because I would be taking strings from a database that I entered into an admin input, and if someone got access they could do a <%= destroy_database() %> like command. So a second question is can I limit the modules that can be called from a template? Then the template would only be able to run functions I have supplied.
So two questions, can I limit modules to a template, and can I generate code from a string from a database rather than a template, and also limit modules to that string?
If not I think it would be a nice feature if security issues are sorted out.