BobRay/newspublisher

@EVAL not working

Sitethief opened this issue · 1 comments

When I create a single-selectbox TV and try to include it in newspublisher, it won't execute the input @eval:
@eval return $modx->runSnippet('snippetname',array());
This snippet/eval combo works in the backend and simply creates a dropdown list for the TV. Why doesn't this work in Newspublisher?

@eval TVs are a huge security risk in the front end. Someone could enter
code that would delete your entire site and it would execute immediately
when they're forwarded to that page on submission of the NewsPublisher form.

Because of that, NewsPublisher disallows editing them. You can alter the
NewsPublisher code to allow it if you really want to, but I don't recommend
it.
On Jun 22, 2011 6:04 AM, "Sitethief" <reply@reply.github.com> wrote:

> When I create a single-selectbox TV, and try to include it in
> newspublisher it won't execute the input @eval
> @eval return $modx->runSnippet('snippetname',array());
> This snippet/eval combo works in the backend and simply creates a dropdown
> list for the TV. Why doesn't this work in Newspublisher?
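
One way a front-end form handler can refuse submitted TV values that would be read as bindings such as @EVAL, shown as an added example that is not NewsPublisher's own code. The function names and sample field names are hypothetical, and the binding list is an assumption based on the bindings MODX documents for TVs.

```php
<?php
// Added example, not NewsPublisher code. Function and field names are hypothetical;
// the binding list is an assumption based on MODX's documented TV bindings.
const TV_BINDINGS = ['EVAL', 'FILE', 'CHUNK', 'SELECT', 'INHERIT', 'DIRECTORY', 'RESOURCE', 'DOCUMENT'];

/** Return the binding name if $value would be read as a TV binding, else null. */
function detectTvBinding(string $value): ?string
{
    // Leading whitespace must not hide the '@'.
    $trimmed = ltrim($value);
    // No word boundary after the name: fail closed, so "@EVALUATE" is rejected too.
    $pattern = '/^@(' . implode('|', TV_BINDINGS) . ')/i';
    return preg_match($pattern, $trimmed, $m) === 1 ? strtoupper($m[1]) : null;
}

/** Split submitted TV fields into accepted values and rejected bindings. */
function filterSubmittedTvs(array $fields): array
{
    $accepted = [];
    $rejected = [];
    foreach ($fields as $name => $value) {
        // Multi-select TVs arrive as arrays; check every element.
        $values = is_array($value) ? $value : [$value];
        foreach ($values as $v) {
            $binding = detectTvBinding((string) $v);
            if ($binding !== null) {
                $rejected[$name] = $binding; // record why the field was dropped
                continue 2;                  // skip the whole field, not just one element
            }
        }
        $accepted[$name] = $value;
    }
    return ['accepted' => $accepted, 'rejected' => $rejected];
}

// Constructed sample submission (not real form data).
$post = [
    'category' => 'news',
    'tags'     => ['php', 'modx'],
    'summary'  => "  @eval return 'x';",       // binding hidden behind whitespace
    'contact'  => '@sitethief on the forums',  // ordinary text starting with '@'
];

$result = filterSubmittedTvs($post);
print_r($result['rejected']);
print_r(array_keys($result['accepted']));
```

Rejected fields are better logged and reported back to the user than silently rewritten, so an attempted binding submission leaves a trace.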