[added] frappe.safe_eval
diff --git a/erpnext/controllers/status_updater.py b/erpnext/controllers/status_updater.py
index 55bcaf3..0421580 100644
--- a/erpnext/controllers/status_updater.py
+++ b/erpnext/controllers/status_updater.py
@@ -3,7 +3,7 @@
from __future__ import unicode_literals
import frappe
-from frappe.utils import flt, comma_or, nowdate, getdate
+from frappe.utils import flt, comma_or
from frappe import _
from frappe.model.document import Document
@@ -119,7 +119,7 @@
self.status = s[0]
break
elif s[1].startswith("eval:"):
- if eval(s[1][5:]):
+ if frappe.safe_eval(s[1][5:]):
self.status = s[0]
break
elif getattr(self, s[1])():
diff --git a/erpnext/hr/doctype/salary_slip/salary_slip.py b/erpnext/hr/doctype/salary_slip/salary_slip.py
index 6840f25..afd45b5 100644
--- a/erpnext/hr/doctype/salary_slip/salary_slip.py
+++ b/erpnext/hr/doctype/salary_slip/salary_slip.py
@@ -76,12 +76,12 @@
def eval_condition_and_formula(self, d, data):
try:
if d.condition:
- if not eval(d.condition, {}, data):
+ if not frappe.safe_eval(d.condition, None, data):
return None
amount = d.amount
if d.amount_based_on_formula:
if d.formula:
- amount = eval(d.formula, None, data)
+ amount = frappe.safe_eval(d.formula, None, data)
if amount:
data[d.abbr] = amount
diff --git a/erpnext/stock/doctype/stock_entry/test_stock_entry.py b/erpnext/stock/doctype/stock_entry/test_stock_entry.py
index 79df591..b16dee9 100644
--- a/erpnext/stock/doctype/stock_entry/test_stock_entry.py
+++ b/erpnext/stock/doctype/stock_entry/test_stock_entry.py
@@ -44,30 +44,30 @@
make_stock_entry(item_code=item_code, target=warehouse, qty=1, basic_rate=10)
sle = get_sle(item_code = item_code, warehouse = warehouse)[0]
- self.assertEqual([[1, 10]], eval(sle.stock_queue))
+ self.assertEqual([[1, 10]], frappe.safe_eval(sle.stock_queue))
# negative qty
make_stock_entry(item_code=item_code, source=warehouse, qty=2, basic_rate=10)
sle = get_sle(item_code = item_code, warehouse = warehouse)[0]
- self.assertEqual([[-1, 10]], eval(sle.stock_queue))
+ self.assertEqual([[-1, 10]], frappe.safe_eval(sle.stock_queue))
# further negative
make_stock_entry(item_code=item_code, source=warehouse, qty=1)
sle = get_sle(item_code = item_code, warehouse = warehouse)[0]
- self.assertEqual([[-2, 10]], eval(sle.stock_queue))
+ self.assertEqual([[-2, 10]], frappe.safe_eval(sle.stock_queue))
# move stock to positive
make_stock_entry(item_code=item_code, target=warehouse, qty=3, basic_rate=20)
sle = get_sle(item_code = item_code, warehouse = warehouse)[0]
- self.assertEqual([[1, 20]], eval(sle.stock_queue))
+ self.assertEqual([[1, 20]], frappe.safe_eval(sle.stock_queue))
# incoming entry with diff rate
make_stock_entry(item_code=item_code, target=warehouse, qty=1, basic_rate=30)
sle = get_sle(item_code = item_code, warehouse = warehouse)[0]
- self.assertEqual([[1, 20],[1, 30]], eval(sle.stock_queue))
+ self.assertEqual([[1, 20],[1, 30]], frappe.safe_eval(sle.stock_queue))
frappe.db.set_default("allow_negative_stock", 0)
diff --git a/erpnext/templates/pages/demo.html b/erpnext/templates/pages/demo.html
index 108319f..f94a7c4 100644
--- a/erpnext/templates/pages/demo.html
+++ b/erpnext/templates/pages/demo.html
@@ -44,7 +44,7 @@
{% endblock %}
{% block title %}
-{{ _("Login") }}
+{{ _("ERPNext Demo") }}
{% endblock %}
{% block page_content %}