---------------------------------------- > To: python-list@python.org > From: fr...@chagford.com > Subject: Re: Question about ast.literal_eval > Date: Mon, 20 May 2013 09:50:02 +0200 > > [Corrected top-posting] > >>> To: python-list@python.org >>> From: fr...@chagford.com >>> Subject: Question about ast.literal_eval >>> Date: Mon, 20 May 2013 09:05:48 +0200 >>> >>> Hi all >>> >>> I am trying to emulate a SQL check constraint in Python. Quoting from >>> the PostgreSQL docs, "A check constraint is the most generic constraint >>> type. It allows you to specify that the value in a certain column must >>> satisfy a Boolean (truth-value) expression." >>> >>> The problem is that I want to store the constraint as a string, and I >>> was hoping to use ast.literal_eval to evaluate it, but it does not work. >>> > > On 20/05/2013 09:34, Carlos Nepomuceno wrote: > >> It seems to me you can't use ast.literal_eval()[1] to evaluate that kind of >> expression >> because it's just for literals[2]. >> >> Why don't you use eval()? >> > > Because users can create their own columns, with their own constraints. > Therefore the string is user-modifiable, so it cannot be trusted.
I understand your motivation but I don't know what protection ast.literal_eval() is offering that eval() doesn't. > Frank > > > -- > http://mail.python.org/mailman/listinfo/python-list > -- http://mail.python.org/mailman/listinfo/python-list
