Revision 0cd51f70
Von Moritz Bunkus vor fast 8 Jahren hinzugefügt
| js/kivi.js | ||
|---|---|---|
| 61 | 61 |
|
| 62 | 62 |
amount = amount.replace(/[\',]/g, "") |
| 63 | 63 |
|
| 64 |
// Make sure no code wich is not a math expression ends up in eval(). |
|
| 65 |
if (!amount.match(/^[0-9 ()\-+*/.]*$/)) |
|
| 66 |
return 0; |
|
| 67 |
|
|
| 64 | 68 |
/* jshint -W061 */ |
| 65 | 69 |
return eval(amount); |
| 66 | 70 |
}; |
| js/t/kivi/parse_amount.js | ||
|---|---|---|
| 109 | 109 |
assert.equal(kivi.parse_amount('0123456789'), 123456789, '0123456789');
|
| 110 | 110 |
assert.equal(kivi.parse_amount('000123456789'), 123456789, '000123456789');
|
| 111 | 111 |
}); |
| 112 |
|
|
| 113 |
QUnit.test("kivi.parse_amount function German number style with thousand separator & contains invalid characters", function( assert ) {
|
|
| 114 |
kivi.setup_formats({ numbers: '1.000,00' });
|
|
| 115 |
|
|
| 116 |
assert.equal(kivi.parse_amount('iuh !@#$% 10,00'), 0, 'iuh !@#$% 10,00');
|
|
| 117 |
}); |
|
Auch abrufbar als: Unified diff
kivi.parse_amount: bei ungültigen Zeichen 0 zurückgeben
Es werden nun nur noch mathematische Zeichen erlaubt.