I cannot figure out the correct way to de-serialize a string passed via xml-rpc. If I print out the string I get

{'params': ['123', 3], 'methodName': 'function'}

I could split the string, and then drop unwanted characters. But, that seems like the wrong way.

Any help would be appreciated.

I'm mostly ignorant of these matters, but it looks to me like your string is just a dictionary. So:

>>> s = "{'params': ['123', 3], 'methodName': 'function'}"

>>> result = eval(s)
>>> result
{'methodName': 'function', 'params': "('123', 3)"}
>>> print result['params']
['123', 3]
>>> print result['methodName']

So now you've deserialized it to a dictionary containing the function call and the parameters. To make the call, you could then do:

def function(a,b):
    print a,b  # setup for testing only

>>> result["params"] = '(' + str(result["params"])[1:-1] + ')'
>>> result["params"] # just to see
"('123', 3)"
>>> result["methodName"] + result["params"]
"function('123', 3)"
>>> return_val = eval(result["methodName"]+result["params"])
123 3

So we turn the function call into a string and then evaluate it.

HOWEVER, comma,

I am 99.9% certain that the xmlrpclib already has some function to execute the return string for you, probably with appropriate safety measures to keep malicious remote function calls from occurring. Poke around the xmlrpclib file and see.


Thank you for the help. It will come in handy.

I was luckily enough to be the one working on both the xmlrpc call and the parsing. I was able to found a short cut around it though.

I was using c++ and the XmlRpc++ library. I assigned each variable each own parameter ( param1, param2, param3, etc. It ended up sending a string that looked just like a data list type.

{'param1': '123', 'param2': '3' , 'methodName': 'function'}

I thought was cool, because all I had to do was declare a new data list and call out the variables.

def subtractCredit(self, arg):
  d2 = arg[0]
  print "Recieved Arg:", arg[0]
  print "methodName:", d2['methodName']
  print "pin:", d2['param1']
  print "amount:", d2['param2']

I will have to look into securing the xmlrpc server. I was thinking about using twisted.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.