It will be as safe as you care about it. But, surely it is not a good
practice.
Even web2py's views having the power to use full python code, you should
separate your app in layers. You should place, as far as it is possible,
just presentation logic in views.
Exceptions happen. And full Python power are there for them. But, use it
with care.
--
Vinicius Assef
On 07/25/2012 07:33 PM, Babak wrote:
Of course *I* like Python code. But what about giving access to the
templates/views where we do not want to grant access to the internals of
the server via system calls. ie,
{{
import os
os.popen('...')
}}
Can this be safer?
--
--
