/timer switch to prevent parameter evaluation - 15/07/10 09:38 AM
I'd like to suggest a switch for /timer that will prevent the timer's parameters from being evaluated when it performs its action. This feature would make it simple to avoid security problems related to the undesired double evaluation of parameters passed through timers.
For example:
//timer 1 1 echo -s I have $!100 to spend.
//timer -n 1 1 echo -s I have $!100 to spend.
In addition, the switch should treat all text as plain text (vertical bars, braces, etc.). For example:
//timer 1 1 echo -s a $chr(124) echo -s b
//timer -n 1 1 echo -s a $chr(124) echo -s b
Essentially the distinction would be the same as performing a command in the editbox using one or two slashes.
There are already some scripting-based workarounds to solve these issues, but they add unnecessary complexity and can often be confusing.
For example:
//timer 1 1 echo -s I have $!100 to spend.
Quote:
I have to spend.
//timer -n 1 1 echo -s I have $!100 to spend.
Quote:
I have $100 to spend.
In addition, the switch should treat all text as plain text (vertical bars, braces, etc.). For example:
//timer 1 1 echo -s a $chr(124) echo -s b
Quote:
a
b
b
//timer -n 1 1 echo -s a $chr(124) echo -s b
Quote:
a | echo -s b
Essentially the distinction would be the same as performing a command in the editbox using one or two slashes.
There are already some scripting-based workarounds to solve these issues, but they add unnecessary complexity and can often be confusing.