On Thursday 07 February 2008 11:25:07 Chris Withers wrote: > Bill Campbell wrote: > > On Thu, Feb 07, 2008, Stefano Guglia wrote: > >> hello! > >> > >> I converted a dictionary in a string, and now I need to change back the > >> same string as a dictionary in a zope python script. > > > > s = repr(d) > > newdict = eval(s) > > NO! > > Never ever ever eval strings. At some point you will end up eval'ing an > user-supplied string and hey presto - instant massive security > vulnerability. > > The original post is a bit crap, since no mention was made as to how the > dict was turned into a string. As to what he wants to do with this and > why he's doing it, that's likely the source of the real problem! > > cheers, > > Chris
I 'serialized' mysql data in order to flat one-to-many related tables. the resulting dictionaries (one per record) are i.e. as: mydict [ brandcode ] = { 'itemcode': 'some value', 'itemsizeavail': [ ('XL',), ('XXL',), ('S',) ], 'keythree': '', 'keyfour': [ ], ... } now then I can index the whole content in order to get it searchable from the Plone quick search form. mydict [ ] records are then saved as strings in a DB table records. I need now to pass again from string to dict, to access key/values and print detailed reports. could you have much better ideas on how to, pls let us know. I handle python, zope etc. at a very basic level now, so surely I've missed some features I'm sorry if I wasn't clear, and thanks! Stefano. _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )