As I see it, just as a matter of common sense, there will be no way to match the performance of the backend eval() with any interpreted code. At best, performance-wise, a preprocessor for the built-in eval() would be in order, filtering out the "unsafe" cases and passing the rest through. But what do I know, I could be dead wrong. :) Regards, Jordan