add number calculation in number form fields

[mfinanz.git] / SL / Form.pm

diff --git a/SL/Form.pm b/SL/Form.pm
index cef5995ab8e4b8c7202d2defee98ae48648ea0d4..ad5f0a3cfa59d28b95134ee8ed0d9acc0c6761e2 100644 (file)
--- a/SL/Form.pm
+++ b/SL/Form.pm
@@ -1164,7 +1164,7 @@ sub parse_amount {
   if (   ($myconfig->{numberformat} eq '1.000,00')
       || ($myconfig->{numberformat} eq '1000,00')) {
     $amount =~ s/\.//g;
-    $amount =~ s/,/\./;
+    $amount =~ s/,/\./g;
   }
 
   if ($myconfig->{numberformat} eq "1'000.00") {
@@ -1172,10 +1172,17 @@ sub parse_amount {
   }
 
   $amount =~ s/,//g;
+  # make shure no code wich is not a math expression ends in eval()
+
+  $amount =~ s/\s//g; 
+
+  unless($amount =~ /^[-\+]?\d+\.?\d*([-\+\*\/][-\+]?\d+\.?\d*)*$/){
+    return 0;
+  }
 
   $main::lxdebug->leave_sub(2);
 
-  return ($amount * 1);
+  return (eval $amount) * 1 ;
 }
 
 sub round_amount {