[Seaside] Evaluate expression

Andres Fortier andres at lifia.info.unlp.edu.ar
Thu Aug 23 13:36:54 UTC 2007

Hi Oleg,
         as Lukas said it is dangerous to evaluate any expression that a 
user may enter in an input field. I can suggest two approaches that may 
help you:

1. If the expressions are simple, you can use a regular expression 
matcher to make sure the input matches some predefined set of valid 
expressions (In VW there is the regex11 parcel).

2. Use something like SmaCC to generate a parser and "objectify" the 
expression. Then you can be confident that the expression is well formed 
and you can just send it a message like #eval.


Lukas Renggli escribió:
>> In ruby i can write something like that: Sheet.eval("expression goes
>> there") and
>> define method method_missing to parse calls to sheet cells.
> Compiler evaluate: 'expression goes there'
>> Can somebody say me how to make such things work in smalltalk?
> The inspector (WAInspector) in the Halos also demonstrates it.
> Don't use this for strings you receive from unknown sources through
> the web. This is dangerous and people can do nasty things to your
> image and machine ...
> Lukas

More information about the seaside mailing list