summaryrefslogtreecommitdiff
path: root/app/Report/ReportParserGenerate.php
diff options
context:
space:
mode:
authorGreg Roach <fisharebest@webtrees.net>2018-07-27 12:26:34 +0100
committerGreg Roach <fisharebest@webtrees.net>2018-07-27 12:26:34 +0100
commit5809450f8c7aee50cbf34aa45eb24752d4ec0285 (patch)
tree749f9e74e7a3deca749ed0c4d39d81b636710663 /app/Report/ReportParserGenerate.php
parentb646d0aa207ec67f8385350355eef400d32cbaec (diff)
downloadwebtrees-5809450f8c7aee50cbf34aa45eb24752d4ec0285.tar.gz
webtrees-5809450f8c7aee50cbf34aa45eb24752d4ec0285.tar.bz2
webtrees-5809450f8c7aee50cbf34aa45eb24752d4ec0285.zip
eval() is evil
Diffstat (limited to 'app/Report/ReportParserGenerate.php')
-rw-r--r--app/Report/ReportParserGenerate.php5
1 files changed, 4 insertions, 1 deletions
diff --git a/app/Report/ReportParserGenerate.php b/app/Report/ReportParserGenerate.php
index aafba9a302..389b60cfac 100644
--- a/app/Report/ReportParserGenerate.php
+++ b/app/Report/ReportParserGenerate.php
@@ -31,6 +31,7 @@ use Fisharebest\Webtrees\Media;
use Fisharebest\Webtrees\Note;
use Fisharebest\Webtrees\Place;
use Fisharebest\Webtrees\Tree;
+use Symfony\Component\ExpressionLanguage\ExpressionLanguage;
/**
* Class ReportParserGenerate - parse a report.xml file and generate the report.
@@ -1496,7 +1497,9 @@ class ReportParserGenerate extends ReportParserBase
$condition = str_replace("@$id", $value, $condition);
$i++;
}
- $ret = eval("return (bool) ($condition);");
+
+ $ret = (new ExpressionLanguage)->evaluate($condition);
+
if (!$ret) {
$this->process_ifs++;
}