diff --git a/player/js/player.js b/player/js/player.js index 436bbe5..57109ed 100644 --- a/player/js/player.js +++ b/player/js/player.js @@ -506,11 +506,6 @@ eidogo.Player.prototype = { me.load(this.root, target); completeFn && completeFn(); }); - } else if (data.charAt(0) == '{') { - // JSON - data = eval("(" + data + ")"); - this.load(data, target); - completeFn && completeFn(); } else { this.croak(t['invalid data']); } @@ -972,7 +967,7 @@ eidogo.Player.prototype = { contBranch.C = moveNum > 1 ? "" + t['show games'] + "" : ""; var cont, - conts = eval('(' + req.responseText + ')'); + conts = JSON.parse(req.responseText); if (conts.length) { conts.sort(function(a, b) { return parseInt(b.count, 10) - parseInt(a.count, 10); }); var highCount = parseInt(conts[0].count, 10); @@ -1474,7 +1469,7 @@ eidogo.Player.prototype = { this.dom.searchCount.innerHTML = "No"; return; } - var ret = eval("(" + req.responseText + ")"); + var ret = JSON.parse(req.responseText); var results = ret.results, result, html = "", diff --git a/player/js/sgf.js b/player/js/sgf.js index b630f3c..a5d4a48 100644 --- a/player/js/sgf.js +++ b/player/js/sgf.js @@ -74,7 +74,15 @@ eidogo.SgfParser.prototype = { this.index++; } } - values[i] += this.curChar(); + if (this.curChar() === '<') { + values[i] += '<'; + } else if (this.curChar() === '>') { + values[i] += '>'; + } else if (this.curChar() === '&') { + values[i] += '&'; + } else { + values[i] += this.curChar(); + } this.index++; } i++; @@ -105,4 +113,4 @@ eidogo.SgfParser.prototype = { curChar: function() { return this.sgf.charAt(this.index); } -}; \ No newline at end of file +};