Thanks for the correction Mike Jose Mike Orr wrote: > On 11/6/07, Jose Galvez <[EMAIL PROTECTED]> wrote: > >> you could add >> for k,v in request.params: >> locals()[k] = v >> to the top f your functions >> >> this would inject the variable names into your functions do you could >> use them directly. >> > > You can't modify local variables via locals(). Local variables are > implemented as an array with the names converted to subscripts at > compile time. The only exception is if the function contains an > 'eval', which is slow and insecure (if the arg is untrusted). > > ===x1,py=== > def test(): > locals()["k"] = "v" > print k > if __name__ == "__main__": test() > === > > $ python /tmp/x.py > Traceback (most recent call last): > File "/tmp/x.py", line 5, in <module> > if __name__ == "__main__": test() > File "/tmp/x.py", line 3, in test > print k > NameError: global name 'k' is not defined > > If you put "k = 2" before the locals() call, it will print 2. > > > >> I don't know what security risks this will bring up >> > > A user might override one of your variables like 'filename_to_delete'. > >
--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/pylons-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
