How to call dynamicly string operations in Python?

Question

//func_to_exec parameter is coming from database dynamically.
func_to_exec='split("\|")[0].split(",")[1]'

pl='mancity,manunited,arsenal|2|3|4|5'

is there anyway to call

pl.func_to_exec

I saw exec and eval functions are only for integers. I cant find any solution for strings. Thx for suggestions.

examples for integers only, i tried many times but not working. — nebuchadnezzar, Dec 23 '22 at 08:13
I really hope this isn't some remote database, otherwise you open a big breach in your security by executing externally provided code. Somebody can reverse engineer your system and delete/acquire your data — Alexey S. Larionov, Dec 23 '22 at 08:13

score 1 · Accepted Answer · answered Dec 23 '22 at 08:12

1

You can use the exec function for that:

pl = 'mancity,manunited,arsenal|2|3|4|5'
func_to_exec = 'split("\|")[0].split(",")[1]'

exec(f'result = pl.{func_to_exec}')
print(result)  # Output: 'manunited'

answered Dec 23 '22 at 08:12

kalzso

502
2
6
27

2

And yes, as someone said above, better to avoid using exec and eval whenever possible, as they can be vulnerable to injection attacks – kalzso Dec 23 '22 at 08:14
1

i know, its not remote db and its console app. And its works! Thank you for your suggestion. Regards – nebuchadnezzar Dec 23 '22 at 08:18

How to call dynamicly string operations in Python?

1 Answers1