in reply to Best practice for user-input in eval
Since this is clearly a dangerous idea, try to challenge the "it can't be avoided" assumption.
Taking one or two steps back, what are you trying to accomplish?
It might be possible to do the same thing in harmless client side JavaScript, or you may be able to break up the problem into harmless or less complex steps. And if you're lucky and we're all imaginative it might turn out you don't need to to this at all.
If you're lucky.
/J
|
|---|
In Section
Seekers of Perl Wisdom