Don't use builtin eval to compute the value, as it is definitively too

risky, and the result can be achieved with a TALES expression. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@5760 20353a03-c40f-0410-a6d1-a30d3c3de9de

Don't use builtin eval to compute the value, as it is definitively too
risky, and the result can be achieved with a TALES expression. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@5760 20353a03-c40f-0410-a6d1-a30d3c3de9de
b2e73525 · Jérome Perrin · ee99a292 · b2e73525
Commit b2e73525 authored Feb 20, 2006 by Jérome Perrin
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 9 deletions

product/ERP5Form/ListBox.py product/ERP5Form/ListBox.py +1 -9

No files found.
--- a/product/ERP5Form/ListBox.py
+++ b/product/ERP5Form/ListBox.py
@@ -708,15 +708,7 @@ class ListBoxWidget(Widget.Widget):
          for (k,v) in default_params:
            if REQUEST.form.has_key(k):
              params[k] = REQUEST.form[k]
-            elif not params.has_key(k):
+            params.setdefault(k, v)
-              # Probalby eval must be removed, we have tales
-              # expressions instead
-              try:
-                params[k] = eval(v)
-              except (ConflictError, RuntimeError):
-                raise
-              except:
-                params[k] = v
        # Allow overriding list_method, count_method and stat_method by params
        if params.has_key('list_method_id'):