Closed rochecompaan closed 9 years ago
@rochecompaan I used eval() for calculating the formulas, but apparently there are some security risks. Should I rather use something like mathjs? Also, the user is able to use formulas in the percentage column in the valuations slickgrid; is that fine?
I thought that we can evaluate the formula in JavaScript without a round trip to the server:
Yes, I actually read that question as well. They discuss it and say that while eval() is simpler, there are other, more secure ways to do it. So should I rather implement the more secure solutions?
I think the mathjs eval method should be safe to use.
One should be able to enter a formula in a quantity or rate cell. At this point it is not necessary to store the formula; calculate the result client side when the user presses enter and store the resulting value in the field.
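The following is an added example, not part of the thread or the project's code: a hand-written alternative to eval() for the quantity and rate cells discussed above, which parses the formula against a fixed arithmetic grammar so that input such as a function call is rejected instead of executed. The function name `evaluateFormula` and the supported operator set are assumptions; it is not the mathjs API.

```javascript
// Added example; evaluateFormula is a hypothetical name, not project code.
// Accepts only numbers, + - * /, unary sign and parentheses; never calls eval().
function evaluateFormula(input) {
  // The trailing \S turns any other character into a token the parser rejects.
  const tokens = String(input).match(/\d+(?:\.\d+)?|\.\d+|[-+*/()]|\S/g) || [];
  let i = 0;
  const peek = () => tokens[i];
  const next = () => tokens[i++];

  // expr := term (('+' | '-') term)*
  function expr() {
    let v = term();
    while (peek() === '+' || peek() === '-') {
      v = next() === '+' ? v + term() : v - term();
    }
    return v;
  }
  // term := factor (('*' | '/') factor)*
  function term() {
    let v = factor();
    while (peek() === '*' || peek() === '/') {
      v = next() === '*' ? v * factor() : v / factor();
    }
    return v;
  }
  // factor := number | '(' expr ')' | ('+' | '-') factor
  function factor() {
    const t = next();
    if (t === '(') {
      const v = expr();
      if (next() !== ')') throw new SyntaxError('Missing closing parenthesis');
      return v;
    }
    if (t === '-') return -factor();
    if (t === '+') return factor();
    if (t === undefined || !/^\.?\d/.test(t)) {
      throw new SyntaxError('Expected a number, got ' + t);
    }
    return parseFloat(t);
  }

  const result = expr();
  if (i < tokens.length) throw new SyntaxError('Unexpected token ' + peek());
  if (!Number.isFinite(result)) throw new RangeError('Result is not a finite number');
  return result;
}
```

In a cell editor, the call would sit in a try/catch on Enter, storing the returned number and leaving the cell unchanged when an error is thrown.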