commenting out if expression branch in template parser pending rewrite in 1.3

git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/branches/1.2@846 4979c152-3d1c-0410-bac9-87ea11338e46
author: einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> 2007-03-05 00:53:54 +0000
committer: einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> 2007-03-05 00:53:54 +0000
commit: bec9f48a02fad545ed9af677182fa2a8bf78bbbe (patch)
tree: ada5fdd064e9166f575ac0c33e4b8bfc881f5b93 /LedgerSMB/Form.pm
parent: 46094fc8b565875cde623d5da9a13f78fdd95965 (diff)
1 files changed, 11 insertions, 8 deletions
diff --git a/LedgerSMB/Form.pm b/LedgerSMB/Form.pm
index af8deae5..7c4cdc23 100755
--- a/LedgerSMB/Form.pm
+++ b/LedgerSMB/Form.pm
@@ -760,15 +760,18 @@ sub parse_template {
 			chop;
 			s/.*?<\?lsmb if (.+?) \?>/$1/;
 
-			if (/\s/) {
-				@args = split;
-				if ($args[1] !~ /^(==|eq|>|gt|>|lt|>=|ge|le|<=|ne|!=)$/){
-					$self->error("Unknown/forbidden operator");
-				}
-				$ok = eval "$self->{$args[0]} $args[1] $args[2]";
-			} else {
+			# commenting this out for security reasons.  If needed,
+			# please uncomment.  Functionality below will be in 1.3
+			# Chris Travers
+			#if (/\s/) {
+			#	@args = split;
+			#	if ($args[1] !~ /^(==|eq|>|gt|>|lt|>=|ge|le|<=|ne|!=)$/){
+			#		$self->error("Unknown/forbidden operator");
+			#	}
+			#	$ok = eval "$self->{$args[0]} $args[1] $args[2]";
+			#} else {
 				$ok = $self->{$_};
-			}
+			#}
 
 			if ($ok) {
 				while ($_ = shift) {
author	einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46>	2007-03-05 00:53:54 +0000
committer	einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46>	2007-03-05 00:53:54 +0000
commit	bec9f48a02fad545ed9af677182fa2a8bf78bbbe (patch)
tree	ada5fdd064e9166f575ac0c33e4b8bfc881f5b93 /LedgerSMB/Form.pm
parent	46094fc8b565875cde623d5da9a13f78fdd95965 (diff)