On Thursday 07 February 2008 11:25:07 Chris Withers wrote:
> Bill Campbell wrote:
> > On Thu, Feb 07, 2008, Stefano Guglia wrote:
> >> hello!
> >>
> >> I converted a dictionary in a string, and now I need to change back the
> >> same string as a dictionary in a zope python script.
> >
> > s = repr(d)
> > newdict = eval(s)
> NO!
> Never ever ever eval strings. At some point you will end up eval'ing an
> user-supplied string and hey presto - instant massive security
> vulnerability.
> The original post is a bit crap, since no mention was made as to how the
> dict was turned into a string. As to what he wants to do with this and
> why he's doing it, that's likely the source of the real problem!
> cheers,
> Chris

I 'serialized' mysql data in order to flat one-to-many related tables. the 
resulting dictionaries (one per record) are i.e. as:

mydict [ brandcode ] =
'itemcode': 'some value',
'keythree': '',
'keyfour': [ ],

now then I can index the whole content in order to get it searchable from the 
Plone quick search form.
mydict [ ] records are then saved as strings in a DB table records.

I need now to pass again from string to dict, to access key/values and print 
detailed reports.

could you have much better ideas on how to, pls let us know. I handle python, 
zope etc. at a very basic level now, so surely I've missed some features

I'm sorry if I wasn't clear, and thanks!

Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to