From ae3d4c2c0f541b17a02decb9872220b8121cf16d Mon Sep 17 00:00:00 2001 From: Moritz Bunkus Date: Tue, 17 May 2011 12:34:33 +0200 Subject: [PATCH] Berechnung in Zahlenfelder: Erlaubte Zeichen auf Klammern ausgeweitet --- SL/Form.pm | 11 +++-------- js/common.js | 2 +- 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/SL/Form.pm b/SL/Form.pm index 4db9e4bd4..582d2aff8 100644 --- a/SL/Form.pm +++ b/SL/Form.pm @@ -1172,17 +1172,12 @@ sub parse_amount { } $amount =~ s/,//g; - # make shure no code wich is not a math expression ends in eval() - - $amount =~ s/\s//g; - - unless($amount =~ /^[-\+]?\d+\.?\d*([-\+\*\/][-\+]?\d+\.?\d*)*$/){ - return 0; - } $main::lxdebug->leave_sub(2); - return (eval $amount) * 1 ; + # Make sure no code wich is not a math expression ends up in eval(). + return 0 unless $amount =~ /^ [\s \d \( \) \- \+ \* \/ \. ]* $/x; + return scalar(eval($amount)) * 1 ; } sub round_amount { diff --git a/js/common.js b/js/common.js index 279ff8dae..298d5a2cb 100644 --- a/js/common.js +++ b/js/common.js @@ -58,7 +58,7 @@ function check_right_number_format(input_name) { if(decpoint && decpoint == ','){ test_val = test_val.replace(/,/g, '.'); } - var forbidden = test_val.match(/[^-\+\/\*\.0-9\ ]/g ); + var forbidden = test_val.match(/[^\s\d\(\)\-\+\*\/\.]/g); if (forbidden && forbidden.length > 0 ){ return show_alert_and_focus(input_name, wrongNumberFormat); } -- 2.20.1