[Seaside] Evaluate expression
Andres Fortier
andres at lifia.info.unlp.edu.ar
Thu Aug 23 13:36:54 UTC 2007
Hi Oleg,
as Lukas said it is dangerous to evaluate any expression that a
user may enter in an input field. I can suggest two approaches that may
help you:
1. If the expressions are simple, you can use a regular expression
matcher to make sure the input matches some predefined set of valid
expressions (In VW there is the regex11 parcel).
2. Use something like SmaCC to generate a parser and "objectify" the
expression. Then you can be confident that the expression is well formed
and you can just send it a message like #eval.
HTH,
Andrés
Lukas Renggli escribió:
>> In ruby i can write something like that: Sheet.eval("expression goes
>> there") and
>> define method method_missing to parse calls to sheet cells.
>
> Compiler evaluate: 'expression goes there'
>
>> Can somebody say me how to make such things work in smalltalk?
>
> The inspector (WAInspector) in the Halos also demonstrates it.
>
> Don't use this for strings you receive from unknown sources through
> the web. This is dangerous and people can do nasty things to your
> image and machine ...
>
> Lukas
>
More information about the seaside
mailing list