[Tutor] modification
dman
dsh8290@rit.edu
Mon, 20 Aug 2001 13:57:18 -0400
On Mon, Aug 20, 2001 at 11:25:42AM -0500, Rob Andrews wrote:
# use input instead of raw_input
Rob, why do you suggest using input() instead of raw_input()?
Using input() can be potentially harmful if the user is knowledgeable
and malicious. Suppose, for example, instead of entering a number the
user enters in
open( "some_file" , "w" )
In this case the file will be opened in write mode (which truncates
its contents to nothing) and the file handle returned. The program
will not operate correctly because it still expects an int, not a
file.
The best technique, IMO, is to use raw_input() for the input, and then
use the proper conversion function (in this case int()) inside a
try-except block to handle any errors.
HTH,
-D