diff options
author | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-03-05 00:53:54 +0000 |
---|---|---|
committer | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-03-05 00:53:54 +0000 |
commit | bec9f48a02fad545ed9af677182fa2a8bf78bbbe (patch) | |
tree | ada5fdd064e9166f575ac0c33e4b8bfc881f5b93 | |
parent | 46094fc8b565875cde623d5da9a13f78fdd95965 (diff) |
commenting out if expression branch in template parser pending rewrite in 1.3
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/branches/1.2@846 4979c152-3d1c-0410-bac9-87ea11338e46
-rwxr-xr-x | LedgerSMB/Form.pm | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/LedgerSMB/Form.pm b/LedgerSMB/Form.pm index af8deae5..7c4cdc23 100755 --- a/LedgerSMB/Form.pm +++ b/LedgerSMB/Form.pm @@ -760,15 +760,18 @@ sub parse_template { chop; s/.*?<\?lsmb if (.+?) \?>/$1/; - if (/\s/) { - @args = split; - if ($args[1] !~ /^(==|eq|>|gt|>|lt|>=|ge|le|<=|ne|!=)$/){ - $self->error("Unknown/forbidden operator"); - } - $ok = eval "$self->{$args[0]} $args[1] $args[2]"; - } else { + # commenting this out for security reasons. If needed, + # please uncomment. Functionality below will be in 1.3 + # Chris Travers + #if (/\s/) { + # @args = split; + # if ($args[1] !~ /^(==|eq|>|gt|>|lt|>=|ge|le|<=|ne|!=)$/){ + # $self->error("Unknown/forbidden operator"); + # } + # $ok = eval "$self->{$args[0]} $args[1] $args[2]"; + #} else { $ok = $self->{$_}; - } + #} if ($ok) { while ($_ = shift) { |