[Tutor] dangers of input() (original) (raw)
Jeff Shannon jeff at ccvcorp.com
Tue Jul 20 22:43:40 CEST 2004
- Previous message: [Tutor] dangers of input()
- Next message: [Tutor] dangers of input()
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Dick Moores wrote:
I was thinking of using input() instead of rawinput in my Frac.py (posted yesterday). This would enable the user to enter things such as "4**-3". Am I correct in assuming that this would be impossible to do without using input()? If so, I may go ahead with input()--I'm the only user, after all.
Well, it's not impossible to do it without input() -- input() itself is equivalent to eval(raw_input()). You can use this equivalence to limit things a bit, by providing some dictionaries to eval() to use in place of globals() and locals(), which will provide some degree of safety.
You could also, if you were really ambitious, parse the input string yourself and thus have complete control over what operations were allowed and not allowed. This is rather overkill for the project at hand, though. ;)
But, given that you're the only user and you presumably have some idea of the consequences of your actions (and nobody to blame but yourself if something does go wrong ;) ), then using input() is a reasonable solution.
Jeff Shannon Technician/Programmer Credit International
- Previous message: [Tutor] dangers of input()
- Next message: [Tutor] dangers of input()
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]