Bill Campbell wrote:
On Thu, Feb 07, 2008, Stefano Guglia wrote:
hello!
I converted a dictionary in a string, and now I need to change back the
same string as a dictionary in a zope python script.
s = repr(d)
newdict = eval(s)
NO!
Never ever ever eval strings. At some point you will end up eval'ing an
user-supplied string and hey presto - instant massive security
vulnerability.
The original post is a bit crap, since no mention was made as to how the
dict was turned into a string. As to what he wants to do with this and
why he's doing it, that's likely the source of the real problem!
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
_______________________________________________
Zope maillist - [email protected]
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
