diff options
| author | Greg Roach <fisharebest@webtrees.net> | 2018-07-27 12:26:34 +0100 |
|---|---|---|
| committer | Greg Roach <fisharebest@webtrees.net> | 2018-07-27 12:26:34 +0100 |
| commit | 5809450f8c7aee50cbf34aa45eb24752d4ec0285 (patch) | |
| tree | 749f9e74e7a3deca749ed0c4d39d81b636710663 /app/Report/ReportParserGenerate.php | |
| parent | b646d0aa207ec67f8385350355eef400d32cbaec (diff) | |
| download | webtrees-5809450f8c7aee50cbf34aa45eb24752d4ec0285.tar.gz webtrees-5809450f8c7aee50cbf34aa45eb24752d4ec0285.tar.bz2 webtrees-5809450f8c7aee50cbf34aa45eb24752d4ec0285.zip | |
eval() is evil
Diffstat (limited to 'app/Report/ReportParserGenerate.php')
| -rw-r--r-- | app/Report/ReportParserGenerate.php | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/app/Report/ReportParserGenerate.php b/app/Report/ReportParserGenerate.php index aafba9a302..389b60cfac 100644 --- a/app/Report/ReportParserGenerate.php +++ b/app/Report/ReportParserGenerate.php @@ -31,6 +31,7 @@ use Fisharebest\Webtrees\Media; use Fisharebest\Webtrees\Note; use Fisharebest\Webtrees\Place; use Fisharebest\Webtrees\Tree; +use Symfony\Component\ExpressionLanguage\ExpressionLanguage; /** * Class ReportParserGenerate - parse a report.xml file and generate the report. @@ -1496,7 +1497,9 @@ class ReportParserGenerate extends ReportParserBase $condition = str_replace("@$id", $value, $condition); $i++; } - $ret = eval("return (bool) ($condition);"); + + $ret = (new ExpressionLanguage)->evaluate($condition); + if (!$ret) { $this->process_ifs++; } |
