MOO-cows Mailing List Archive



> How about comparing
>   call_function("notify", player, foo);
> with
>   eval("notify(player, " + FOO + ");");
> ...?  The latter leaves you wide-open for people to slip in nasties, while using call_function() makes you safer.

I'm sorry, I don't follow you.. how could the later pose a threat?

Follow-Ups: References:

Home | Subject Index | Thread Index