projects
/
kivitendo-erp.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Framework für after/before-Hooks bei load/save/delete
[kivitendo-erp.git]
/
SL
/
Form.pm
diff --git
a/SL/Form.pm
b/SL/Form.pm
index
4db9e4b
..
582d2af
100644
(file)
--- a/
SL/Form.pm
+++ b/
SL/Form.pm
@@
-1172,17
+1172,12
@@
sub parse_amount {
}
$amount =~ s/,//g;
}
$amount =~ s/,//g;
- # make shure no code wich is not a math expression ends in eval()
-
- $amount =~ s/\s//g;
-
- unless($amount =~ /^[-\+]?\d+\.?\d*([-\+\*\/][-\+]?\d+\.?\d*)*$/){
- return 0;
- }
$main::lxdebug->leave_sub(2);
$main::lxdebug->leave_sub(2);
- return (eval $amount) * 1 ;
+ # Make sure no code wich is not a math expression ends up in eval().
+ return 0 unless $amount =~ /^ [\s \d \( \) \- \+ \* \/ \. ]* $/x;
+ return scalar(eval($amount)) * 1 ;
}
sub round_amount {
}
sub round_amount {