good chemistry is complicated,
and a little bit messy -LW
Re: Test regex compileby SavannahLion (Pilgrim)
|on May 14, 2004 at 02:51 UTC
I'm just asking for two cents here, since I don't really know the full circumstances of this situation. But I'm writing because someone mentioned accepting regexs through a database.
In a worst case scenario, isn't this kind of asking for trouble? What if someone wanted to insert malicious code into this running script? Granted, I really don't know the full implications of using an Eval block to run unknown code, but wouldn't using Reval be a bit more desirable with something like this? I'm just thinking in terms of reducing the amount of risk present to a computer.
If I'm way off base here, I'd appreciate some clarification on this. Whenever I thought I had an excuse to use an Eval, I always found a much better way through refactoring. :)