util::potentially_unsafe_eval_p (public)

 util::potentially_unsafe_eval_p [ -warn ] string

Defined in packages/acs-tcl/tcl/utilities-procs.tcl

Check content of the string to identify potentially unsafe content in the provided string. The content is unsafe, when it contains externally provided content, which might be provided e.g. via query variables, or via user values stored in the database. When such content contains square braces, a "subst" command on it can evaluate arbitrary commands, which is dangerous.

Switches:
-warn (optional, boolean)
Parameters:
string (required)

Partial Call Graph (max 5 caller/called nodes):
%3 ad_log ad_log (public) util::potentially_unsafe_eval_p util::potentially_unsafe_eval_p util::potentially_unsafe_eval_p->ad_log

Testcases:
No testcase defined.
[ show source ]
Show another procedure: