Amit Khemka <[EMAIL PROTECTED]> writes:
> Well actually the problem is I have a list of tuples which i cast as
> string and then
> put in a html page as the value of a hidden variable. And when i get
> the string again,
> i want to cast it back as list of tuples:
> ex:
> input: "('foo', 1, 'foobar', (3, 0)), ('foo1', 2, 'foobar1', (3, 1)),
> ('foo2', 2, 'foobar2', (3, 2))"
> output: [('foo', 1, 'foobar', (3, 0)), ('foo1', 2, 'foobar1', (3, 1)),
> ('foo2', 2, 'foobar2', (3, 2))]
>
> I hope that explains it better...
This is a serious security risk, as you can't trust the data not to do
arbitrary things to your system when eval'ed.
I'd look into pickling the list of tuples to get the string. You'll
want to use mode 0, and may need to encode the string in any
case. You'll also want to investigate the seecurity implications of
using pickle.
<mike
--
Mike Meyer <[EMAIL PROTECTED]> http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.
--
http://mail.python.org/mailman/listinfo/python-list
