[Tutor] Suggestions for cleaner code

Magnus Lyckå magnus@thinkware.se
Wed Jul 9 12:59:01 2003


At 04:05 2003-07-09 -0400, Jared W wrote:
>After I had sent my response to cleaner code, I noticed people talking 
>about input not being used because of security problems.  Three questions 
>come to mind.  How does input create these problems?  Does raw_input also 
>have these problems?  What is the alternate to input?

Jeff Shannon and Raymond Hettinger already answered this.
As Lee Harr suggested somewhat implicitly, the answer is
in the Python library reference chapter 2.1. Please read!
The manual doesn't quite explain all the possible dangers
though.

raw_input is safe, unless you run eval() on the string it
returns.

I don't know how input is defined, but it *could* be written
like this:

def input(text):
     return eval(raw_input(text))

That's basically what it does: Reads a string entered by the user,
and evaluates it.


--
Magnus Lycka (It's really Lyckå), magnus@thinkware.se
Thinkware AB, Sweden, www.thinkware.se
I code Python ~ The Agile Programming Language