View Issue Details

IDProjectCategoryView StatusLast Update
15286Bug reportsSecuritypublic2019-09-16 16:40
Reporterollehar Assigned To 
PrioritynoneSeverityminor 
Status newResolutionopen 
Product Version4.0.0-RC3 
Target Version4.0.0-RC4 
Summary15286: Don't use eval in JS
Description

We should probably discuss if eval is needed?

We also use it in PHP to create "dynamic" tables...

TagsNo tags attached.
Complete LimeSurvey version number (& build)latest
I will donate to the project if issue is resolvedNo
Browser-
Database & DB-Version-
Server OS (if known)-
Webserver software & version (if known)-
PHP Version-

Activities

DenisChenu

DenisChenu

2019-09-16 15:09

developer   ~53584

Yii use it for dynamic generation of cell data
https://www.yiiframework.com/doc/api/1.1/CComponent#evaluateExpression-detail
Used a lot on all gridview , you want to remove Yii grid ?

Same with Yii2 : https://www.yiiframework.com/doc/api/2.0/yii-grid-column#$content-detail

ollehar

ollehar

2019-09-16 15:28

administrator   ~53586

Can't find eval() in the Yii 2 link?

DenisChenu

DenisChenu

2019-09-16 15:49

developer   ~53587

Yes, you're right :).

But Yii2 still have https://www.yiiframework.com/doc/api/2.0/yiirequirementchecker#evaluateExpression()-detail , unsure where it used.

ollehar

ollehar

2019-09-16 16:40

administrator   ~53589

Bah.

Issue History

Date Modified Username Field Change
2019-09-16 14:46 ollehar New Issue
2019-09-16 15:09 DenisChenu Note Added: 53584
2019-09-16 15:28 ollehar Note Added: 53586
2019-09-16 15:49 DenisChenu Note Added: 53587
2019-09-16 16:40 ollehar Note Added: 53589