[Zope-PTK] Wizards and Form data types

[Tiago Antão]

Hi!

itamar> VERY BAD idea. People can send you any arbitary python expression and it
itamar> will be evaluated, e.g. "__import__('os').system('rm -rf /')". Never ever do
itamar> eval() or open() on data passed from the user.

  You're 200% right obviously.
  I've found yet another horrible hack to solve the problem (this one, I
believe, not so bad): Putting everything using :list in the last page of
the wizard.

Tiago