Converting string to python code
Hi all. Is there any way that if I give python a string, it can convert it into code? Example, say I am given this string:
string = "Class( 0,100 )"
Now I want to convert it into code:
Class( 0,100 )
Any ideas?
Thanks.
besktrap
Junior Poster in Training
58 posts since Jul 2008
Reputation Points: 10
Solved Threads: 1
How are you giving the strings?
If you are giving a complete python program in the string, you do a trick:
Write all the string into a file and execute it with the interpreter by using a execv or system command.
siddhant3s
Practically a Posting Shark
816 posts since Oct 2007
Reputation Points: 1,486
Solved Threads: 140
I would be getting the string from a text file, but i'll try what you recommended
besktrap
Junior Poster in Training
58 posts since Jul 2008
Reputation Points: 10
Solved Threads: 1
Please know that this is a security risk. Use the exec function:
>>> exec("print('df')")
df
scru
Posting Virtuoso
1,629 posts since Feb 2007
Reputation Points: 975
Solved Threads: 140
Thanks! but, why is the exec function is a risk?
besktrap
Junior Poster in Training
58 posts since Jul 2008
Reputation Points: 10
Solved Threads: 1
You are loading code from a string into your application and running it. Unless you have compete and absolute control over the string (you create it yourself, and no part of it comes from outside our program), there is always a way for someone to inject some malicious code into your program.
scru
Posting Virtuoso
1,629 posts since Feb 2007
Reputation Points: 975
Solved Threads: 140
oh I see. lol with the stuff i'm working on, I won't need to worry about that, but thanks for the tip!
besktrap
Junior Poster in Training
58 posts since Jul 2008
Reputation Points: 10
Solved Threads: 1
Hate to bother you, but I have one more question. I have this string:
temp_string = "Vent( Screen, 100, 484, 'Vent' )"
and when I do exec:
exec(temp_string)
python doesn't return anything (like init values that have been printed and returned statements). What could be the problem?
besktrap
Junior Poster in Training
58 posts since Jul 2008
Reputation Points: 10
Solved Threads: 1
What does it return, an error message? exec() will work on things like print statements or 1+2-3, but if you call a function or class then you must already have that function defined, otherwise an error message. Perhaps if you explained what you are trying to do, there would be an easier way, like a generic class that you would pass the strings in the file to as parameters --> some_class( the_string ).
woooee
Nearly a Posting Maven
2,454 posts since Dec 2006
Reputation Points: 777
Solved Threads: 714
Well, I have a class imported from a file:
from lib.class import *
in the main program, I read a text file which outputs:
Vent( 100,300, 'Vent' )
I assign that string from the text file to a var called 'temp_string', and then I go:
exec(my_string)
It doesn't work, but I write up some code that (based of the strings from the text file) recognizes the first four characters in a line, a.k.a 'Vent', and then gets the string(s) from in between the characters '(' and ',' and then ',' and ','. The last argument just stays a string. I then pass a new instance with those new given values. It's no big deal if the exec thing doesn't work, but thanks any ways
besktrap
Junior Poster in Training
58 posts since Jul 2008
Reputation Points: 10
Solved Threads: 1
The function exec() does not know where class Vent is coming from.
You could try something like:
exec(mystring, globals())
Now you are putzing around with the global dictionary, dangerous territory indeed!
sneekula
Nearly a Posting Maven
2,427 posts since Oct 2006
Reputation Points: 961
Solved Threads: 212
