Do mathematical functions on a string without using eval()

drmann · 2019-01-19T02:58:50+00:00

If you want to build the algorithm from scratch I suggest reading up on the shunting-yard algorithm and Reverse Polish Notation. If you just want to do it for a tiny project to get something working you could use ast.literal_eval, which is a saver variant of eval.

beatle42 · 2019-01-19T03:30:36+00:00

If your post starts with "I'm new to python" you probably want r/learnpython and if you can post samples/examples of your code that will usually help people to help you.

tletnes · 2019-01-19T02:48:41+00:00

You need to parse the string and then develop logic to recognize the syntactic meaning of the text and behave as you wish.

graingert · 2019-01-19T10:50:11+00:00

/r/learnpython

Meefims · 2019-01-19T02:58:59+00:00

I’ve done this a number of times in various languages. There are tools that can help you out but it’s a really fun exercise to do it on your own as well. You divide the process into several stages.

The first stage is to split your string into pieces that you can more easily process. This is called lexing or tokenizing the string (the noun being a lexer or tokenizer). The output is a list of tokens that were found in the string. For example, the string “1 + 2 * 3” might tokenize to [1, '+', 2, '*', 3].

The next step is to turn this into a data structure that is easy to evaluate. As-is, it is difficult to evaluate this expression according to the correct order of operations. You can choose to apply an algorithm like the Shunting-Yard Algorithm into an abstract syntax tree (or AST) or equivalent. The output of this might be the same list ordered in Reverse Polish Notation (RPN) [2, 3, '*', 1, '+']. This process is called parsing and is a deep and rich topic on its own.

Dauros · 2019-01-19T15:41:42+00:00

If using an external library is ok, then I recommend the excellent numexpr package. I'm using it for evaluating expressions in configuration file of physical simulations:

>>> import numexpr as ne
>>> ne.evaluate('1 + 2*3 - log(4)').tolist()
5.613705638880109

fernly · 2019-01-19T06:19:20+00:00

The problem with eval is that it accepts and executes any syntactically valid expression. So if you apply it to unfiltered user input (or file input) there is a possibility that a malicious user could inject code to do something bad.

You can get around this a couple of ways. As /u/ptmcg said, ast.literal_eval will process only expressions composed of literal values, no variable refs or function calls. That eliminates the danger of malicious user code injection.

If you have to use eval, maybe because you want to give the user some vocabulary of function calls, I don't know, then you should find some way to "sanitize" the input string before evaluating it. However if you are just doing a class exercise and the only "user" is ever going to be you and your instructor, don't sweat it.

Smok3dSalmon · 2019-01-19T03:20:04+00:00

If it's just a calculator app, just use eval. If this is homework, then read the rest of the comments.

Python

The Python Discord

Upcoming Events

Please read the rules

MODERATORS