a question from a newcomer to this language
Steve Horsley
steve.horsley at gmail.com
Fri Jun 10 18:44:31 EDT 2005
Michael Chermside wrote:
> Shankar writes:
>
>>Is there any way to convert a string into an instruction that will be
>>executed?
>
>
> Short answer:
> Yes. The exec statement does what you want:
>
>
>>>>x = 3
>>>>y = 4
>>>>exec "z = x * y"
>>>>print z
>
> 12
>
Ooh! I didn't know that one. I have to admit that it gives me an
uneasy feeling. How woud the author of "z = x * y" know that z
was safe to assign to?
To Shankar:
An intermediate is eval:
z = eval("x * y")
but even this is unsafe if you do not vet the input strings:
String s = "system('format c: /y')"
z = eval(s)
Steve
More information about the Python-list
mailing list