Converting python string into bytes directly without eval()
yes, with ast.literal_eval which is safe since it only evaluates literals. >>> import ast >>> stringAsByte = “b’a'” >>> ast.literal_eval(stringAsByte) b’a’
yes, with ast.literal_eval which is safe since it only evaluates literals. >>> import ast >>> stringAsByte = “b’a'” >>> ast.literal_eval(stringAsByte) b’a’
By using list comprehension, you actually define a new scope. Indeed if we alter the list comprehension to: out2 = [print(globals()) or print(locals()) or eval(cmd) for cmd in [‘self.b’]] we force Python to print the local and global variables before making the eval(..) call, and we obtain something like: {‘__builtins__’: <module ‘builtins’ (built-in)>, ‘__name__’: ‘__main__’, … Read more
Well, safe or not, when you are using jQuery, you’re better to use the $.getJSON() method, not $.ajax(): $.getJSON(url, function(data){ alert(data.exampleType); }); eval() is usually considered safe for JSON parsing when you are only communicating with your own server and especially when you use a good JSON library on server side that guarantees that generated … Read more
You can test to see if an error is indeed a SyntaxError. try { eval(code); } catch (e) { if (e instanceof SyntaxError) { alert(e.message); } }
The article you linked contains a crazy approach that actally works: during each eval() call, we create a new closure inside that eval scope and export it so that to we can use it evaluate the next statement. var __EVAL = s => eval(`void (__EVAL = ${__EVAL.toString()}); ${s}`); function evaluate(expr) { try { const result … Read more
For a simple calculator with only 5 operators (^, *, /, +, -) and no parentheses, you can do something like this. First, it is convenient to turn the string into an array of numbers and operators. Then, we go through the array looking for each operator in order of precedence, and applying the operator … Read more
function StrippedExample(i1, i2, i3, i4, i5, i6, i7, i8) { var args = [i1, i2, i3, i4, i5, i6, i7, i8]; // put values in an array this.i = []; for (var i=0,j=0 ;i<8;i++) { // now i goes from 0-7 also var k = args[i]; // get values out if (k > 0) { … Read more
Needless to say you should find another solution ASAP. In the meantime you can eval the code like this: $str=”<h1>Welcome</h1><?php echo $motto?><br/>”; // Your DB content eval(“?> $str <?php “); Demo: http://codepad.org/ao2PPHN7 I can’t stress that enough: eval is dangerous, and application code shouldn’t be in the database. Try a template parser like Smarty, Dwoo, … Read more
There are two different issues: First: Dynamic binding as a bug Not sure what he means, but generally in McCarthy’s EVAL the use of dynamic binding can be seen as a bug. He does not implement lexical scope for variables. The bug shows up for example here: http://www-formal.stanford.edu/jmc/recursive/node3.html See the functions maplist and diff. Both … Read more
1.: The reason this doesn’t work is (more or less) given on the page you linked: It is an error if there is no global var named by the symbol […] And: […] A lookup is done in the current namespace to see if there is a mapping from the symbol to a var. If … Read more