in exercise 52 i’m trying to figure this out, still feel like a lot of this is going straight over my head sometimes
def load_room(name):
"""
There is a potential security problem here.
Who gets to set name? Can that expose a variable?
"""
return globals().get(name)
def name_room(room):
"""
Same possible security problem. Can you trust room?
What's a better solution than this globals lookup?
"""
for key, value in globals().items():
if value == room:
return key
globals was something i hadn’t seen before, if i print globals i can see every global variable in a dictionary format including functions.
first question
would loading the rooms in their own dictionary fix the security issue, by making the only variables accessible, the rooms you have created?
dict = {'a': Room('room 1', 'disc 1'),
'b': Room('room 2', 'disc 2')}
def load_room(name):
"""
There is a potential security problem here.
Who gets to set name? Can that expose a variable?
"""
return dict.get(name)
def name_room(room):
for key, value in dict.items():
if value == room:
return key
second question
I’m really not putting this together how could i do something with those exposed variables?
so the first function returns the module associated with the key(name), in the context of the game, you would then use that module to get the data to display in your site/engine. wouldn’t this automatically throw an error as that data wouldn’t be available?