[Seaside] Evaluate expression
andres at lifia.info.unlp.edu.ar
Thu Aug 23 13:36:54 UTC 2007
as Lukas said it is dangerous to evaluate any expression that a
user may enter in an input field. I can suggest two approaches that may
1. If the expressions are simple, you can use a regular expression
matcher to make sure the input matches some predefined set of valid
expressions (In VW there is the regex11 parcel).
2. Use something like SmaCC to generate a parser and "objectify" the
expression. Then you can be confident that the expression is well formed
and you can just send it a message like #eval.
Lukas Renggli escribió:
>> In ruby i can write something like that: Sheet.eval("expression goes
>> there") and
>> define method method_missing to parse calls to sheet cells.
> Compiler evaluate: 'expression goes there'
>> Can somebody say me how to make such things work in smalltalk?
> The inspector (WAInspector) in the Halos also demonstrates it.
> Don't use this for strings you receive from unknown sources through
> the web. This is dangerous and people can do nasty things to your
> image and machine ...
More information about the seaside