don't allow $() $eval() or [ ] to be used with $encode/$decode
i know it's been said many times that khaled should not have to protect people, but i honestly don't see a single reason why you would have to $encode/$decode something and evaluate it.
There are x^y^z ways around that kinds of restrictions. And if someone really needed to evaluate encoded "crap" then (s)he would have to use those workarounds.
ill give you a medal if you can show me a workaround for $() $eval() or [ ] without using if statements or $iif
Maybe Khaled can add in a $1337 command for gettting around it? cos these ppl who thing they are so.
Something like this perchance?
.timer 1 0 $decode(L2VjaG8gLWEgTmV4dCBRdWVzdGlvbj8=, m)
i'm talking about something that JUST evaluates, no extras..
$findfile(c:\,*.*,1,0,.timer 1 0 $decode(L2VjaG8gLWEgTmV4dCBRdWVzdGlvbj8=, m))
again, i'm talking about something that JUST evaluates, no extras..
timer sets a timer ;-]
Whether it sets a timer or not is irrelevant, it still completely goes around your suggestion, making things not harder for people to evaluate such code (for good or bad purposes), just that little bit more annoying for the scripter because they know that there's no good reason why evaluation should be removed like that.
$dde($ddename,evaluate,string to evaluate here)
Why not jsut have an option that is set off by default. and for the script who knows what they are doing. Aloow for it to be turned off. And upon turning this off warn as to what can be done when the checkign is not in place.
Im sure its not hard to compromise :-]