On Sat, Dec 11, 2010 at 10:39 PM, Steven D'Aprano <st...@pearwood.info> wrote: > David Hutto wrote: >> >> On Sat, Dec 11, 2010 at 11:54 AM, Lie Ryan <lie.1...@gmail.com> wrote: >>> >>> On 12/07/10 23:37, Robert Sjöblom wrote: >>>> >>>> I've been told to use input() if I know that I'll only get integers, >>>> and raw_input() for "everything." >>> >>> That is a bad piece of advice. You should only use input() when you can >>> fully trust whoever doing the input (i.e. you). >> >> Who uses the crap we, as noobies produce? It's pie in the sky >> mentality. We design it because WE want it and WE(individually) use >> it. > > Do you want to learn good habits or learn bad habits? I think we've seen > plenty of evidence on this mailing list that you have little interest in > learning good habits, but actively defend your right learn bad habits.
You define a good habit as making the code impossible for someone just learning to use, and you call my habits bad.. I recall you making a habit of being an asshole(pystats should ring a bell, thanks for giving me the credit for inspiration...bitch) > > There are plenty of people who do the same. They're harmless and even > pathetically amusing as newbies, and then they get a job working as a > professional programmer, and end up writing crappy, bug-addled code filled > with the sort of n00b errors that we've been warning about. Bug-addled code > with *real* consequences. Yeah, we call that YOUR mistakes being pointed out later in life due to experience. 20/20 hindsight is great ain't it poindexter? > > Command injection bugs are hugely common in the real world. At least four of > the 25 most common security bugs in *professional* software are in my > opinion varieties of the command injection flaw, and one of those is the > SECOND most common flaw: > > SQL injection attack #2 most common > Unrestricted upload of dangerous files #8 most common > OS command injection #9 most common > PHP file inclusion attack #13 most common Injection is only relevant in non-personal code. > > http://cwe.mitre.org/top25/ > > OS command injection is *exactly* the sort of thing we're warning about. > > Feel free to continue learning bad habits, but please stop trying to > encourage others to do the same. I didn't encourage a bad habit, I encouraged development of a problem defined by the client and a solution developed byu the programmer. The only bad habit around here, is your condescending nature. > > > -- > Steven > _______________________________________________ > Tutor maillist - tu...@python.org > To unsubscribe or change subscription options: > http://mail.python.org/mailman/listinfo/tutor > _______________________________________________ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor