Index: openacs-4/packages/acs-tcl/tcl/utilities-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/utilities-procs.tcl,v
diff -u -N -r1.189.2.155 -r1.189.2.156
--- openacs-4/packages/acs-tcl/tcl/utilities-procs.tcl 8 Nov 2022 09:55:39 -0000 1.189.2.155
+++ openacs-4/packages/acs-tcl/tcl/utilities-procs.tcl 8 Nov 2022 13:59:52 -0000 1.189.2.156
@@ -733,6 +733,9 @@
 if { [llength $var_spec] > 1 } {
 if { $precedence_type ne "noprocessing_vars" } {
+ if {[util::potentially_unsafe_eval_p -- [lindex $var_spec 1]]} {
+ ad_log warning "potentially_unsafe_eval in variable/value pair $var_spec"
+ }
 set value [uplevel subst \{[lindex $var_spec 1]\}]
 } else {
 set value [lindex $var_spec 1]
@@ -3613,6 +3616,7 @@
 theses can evaluate arbitrary commands, which is dangerous.
 } {
+ #ns_log notice "util::potentially_unsafe_eval_p '$string'"
 set unsafe_p 0
 set original_string $string
 while {1} {
@@ -3624,14 +3628,17 @@
 continue
 }
 }
+ #ns_log notice "util::potentially_unsafe_eval_p '$string' $p"
 if {$p < 0 || [string length $string] < 2} {
 break
 }
 set unsafe_p 1
 if {$warn_p} {
 ad_log warning "potentially unsafe eval on '$original_string'"
 }
+ break
 }
+ #ns_log notice "util::potentially_unsafe_eval_p '$string' -> $unsafe_p"
 return $unsafe_p
 }
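Review bot: The added check before `set value [uplevel subst ...]` only logs. A flagged value is still passed to `uplevel subst` on the next line, so any command substitution in it runs exactly as before. If this is a deliberate warn-first step, say so above the check, e.g. `# detection only: the flagged value is still substituted below`, so the block is not read as a guard. The warning also writes the whole `$var_spec` to the log; if values can carry request data, secrets or line breaks, log the name only with `[lindex $var_spec 0]`. The enclosing proc starts and ends outside the hunk.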
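Review bot: Three commented-out `#ns_log notice` debug lines are committed in `util::potentially_unsafe_eval_p`: one in this hunk before `set unsafe_p 0`, and two in the following hunk (after the loop's `continue` path and before `return $unsafe_p`). They add noise to a security check, and if re-enabled as written they would copy the raw, possibly request-derived `$string` into the server log at notice level. Drop them, or keep a single line at `ns_log debug` severity. The proc body starts outside this hunk.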