[Tutor] reading stdin?

Danny Yoo dyoo@hkn.eecs.berkeley.edu
Sat, 17 Feb 2001 16:34:33 -0800 (PST)


On Sat, 17 Feb 2001, Doug Stanfield wrote:

> > | > ...     data = int( raw_input( "Enter a number: " ) )

> > | why not just

> > |      data = input("Enter number: ")

> In addition, please note the difference between 'raw_input' and
> 'input'. The use of 'input' is generally unsafe.  Using 'raw_input' is
> almost always what you want in this scenario of getting data from a
> user.

Clarification on what it means to be unsafe: sometimes, when we write
programs, we need to imagine a "worst case" scenario.  (Not that our users
are malevolant, but it's quite possible for them to make typing mistakes).  
For example, with the following program:

###
try:
   myint = input("Enter a number: ")
except:
   print "Error!"
###

What happens when the user enters this at our prompt? :

   open('really-important-file-would-be-clobbered-muhahaha', 'w')

This is evil, but it works.  *grin*

input() is really powerful... sometimes TOO powerful.  input() will accept
any Python expression, and this includes the file-opening functions.

Hope this helps!