On Wed, Aug 09, 2006 at 11:51:19AM -0400, Brendon Towle wrote: > On 9 Aug 2006, at 11:04 AM, Chris Lambacher wrote: > > How is your data stored? (site was not loading for me). > > In the original source HTML, it's like this (I've deleted all but the > beginning and the end of the list for clarity): > var table_body = [ > ["ATVI", "Activision, Inc.",12.75,0.150000,1.19,2013762,0.04,"N","N"] > ,["YHOO", "Yahoo! Inc.",27.7,0.260000,0.95,6348884,0.21,"N","N"] > ]; I didn't realize it was javascript syntax, a json implimentation would probably work for you: http://cheeseshop.python.org/pypi/simplejson
> > More sophisiticated situations (like nested lists) may require something > like pyparsing. > > I could do that, or I could do something like the re.* trick mentioned by > another poster. But, doesn't it offend anyone else that the only clean way > to access functionality that's already in Python is to write long > complicated Python code? Python already knows how to extract a list object > from a string; why should I have to rewrite that? I don't disagree with you. The problem is that the obvious way to do it (eval) is a big security hole. In this case you are trusting that no one inserts themselves between you and the website providing you with code to EXECUTE. I have heard of people attempting to use the parser provided with python and examining the AST to do this, but I think that approach is even more complicated. > B. > > On Wed, Aug 09, 2006 at 10:23:49AM -0400, Brendon Towle wrote: > > Slawomir Nowaczyk noted: > #> Heck, whenever *is* it OK to use eval() then? > eval is like optimisation. There are two rules: > Rule 1: Do not use it. > Rule 2 (for experts only): Do not use it (yet). > So, that brings up a question I have. I have some code that goes > out to a > website, grabs stock data, and sends out some reports based on the > data. > Turns out that the website in question stores its data in the > format of a > Python list > ([1][1]http://quotes.nasdaq.com/quote.dll?page=nasdaq100, search > the source for "var table_body"). So, the part of my code that > extracts > the data looks something like this: > START_MARKER = 'var table_body = ' > END_MARKER = '];' > def extractStockData(data): > pos1 = data.find(START_MARKER) > pos2 = data.find(END_MARKER, pos1) > return eval(data[pos1+len(START_MARKER):END_MARKER]) > (I may have an off-by-one error in there somewhere -- this is from > memory, > and the code actually works.) > My question is: what's the safe way to do this? > B. > -- > Brendon Towle, PhD > Cognitive Scientist > +1-412-690-2442x127 > Carnegie Learning, Inc. > The Cognitive Tutor Company ? > Helping over 375,000 students in 1000 school districts succeed in > math. > References > Visible links > 1. [2]http://quotes.nasdaq.com/quote.dll?page=nasdaq100 > > -- > [3]http://mail.python.org/mailman/listinfo/python-list > > -- > Brendon Towle, PhD > Cognitive Scientist > +1-412-690-2442x127 > Carnegie Learning, Inc. > The Cognitive Tutor Company ? > Helping over 375,000 students in 1000 school districts succeed in math. > > References > > Visible links > 1. http://quotes.nasdaq.com/quote.dll?page=nasdaq100 > 2. http://quotes.nasdaq.com/quote.dll?page=nasdaq100 > 3. http://mail.python.org/mailman/listinfo/python-list
-- http://mail.python.org/mailman/listinfo/python-list
