Simon Brunning wrote:
> On 5/26/05, flyaflya <[EMAIL PROTECTED]> wrote:
> > a = "(1,2,3)"
> > I want convert a to tuple:(1,2,3),but tuple(a) return ('(', '1', ',',
> > '2', ',', '3', ')') not (1,2,3)
>
> Short answer - use eval().
>
> Long answer - *don't* use eval unless you are in control of the source
> of the string that you are evaluating.
Or if you do use eval, don't give it access to any names.
>>> import os
>>> eval(raw_input(), {})
os.system("rm -rf *")
Traceback (most recent call last):
File "<stdin>", line 1, in ?
File "<string>", line 0, in ?
NameError: name 'os' is not defined
--
http://mail.python.org/mailman/listinfo/python-list
