Forum: Ruby Convert String to Hash

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
91308e9bc88cb069fd1bcf88e910d042?d=identicon&s=25 Nick Snels (nicksnels)
on 2006-03-09 12:52
Hi,

I get a string inputted in my program, which I convert to a hash-like
string, like:

sql = '"table_alias" => [],"original_string" => "select * from table"'

The string has the form of a hash, now I would like to convert this
string to an actual hash. I tried it like:

test = Hash[sql]
or
test = Hash.[](sql)

but I get the following error:
test2.rb:2:in `[]': odd number of arguments for Hash (ArgumentError)
from test2.rb:2

When I do it like,

test = Hash.new
test = sql

test becomes a String and is no longer a Hash.

Is there an easy way to convert my hash-like string to an actual hash?
Thanks for any help.

Kind regards,

Nick
F1653a5cad4e1859403491de917f8f49?d=identicon&s=25 Bernhard 'elven' Stoeckner (Guest)
on 2006-03-09 13:01
(Received via mailing list)
Nick Snels scribbled on Thursday 09 Mar 2006 12:52:
> test = Hash[sql]
> test = sql
>
> test becomes a String and is no longer a Hash.
>
> Is there an easy way to convert my hash-like string to an actual hash?
> Thanks for any help.
>
> Kind regards,
>
> Nick

Hi Nick,

no, you can't pass it to Hash.new directly, you'd have to write a parser
for
it yourself. If you're feeling lucky, you can use eval() to do that.

*takes cover from flying bananas and such*

Bernhard
4ab06a38273fa1f5f14bbbca592ee031?d=identicon&s=25 Rob Pitt (Guest)
on 2006-03-09 13:01
(Received via mailing list)
Use YAML.
4ab06a38273fa1f5f14bbbca592ee031?d=identicon&s=25 Rob Pitt (Guest)
on 2006-03-09 13:04
(Received via mailing list)
*throws banana ad Bernhard*

no no no don't eval user supplied strings you are asking to be hacked :)
B97225f66bb5caac601b12735d430a0d?d=identicon&s=25 Marcin MielżyÅ?ski (Guest)
on 2006-03-09 13:04
(Received via mailing list)
Nick Snels wrote:
> Hi,
>
> I get a string inputted in my program, which I convert to a hash-like
> string, like:
>
> sql = '"table_alias" => [],"original_string" => "select * from table"'
>

The simplest, although slow:

sql = '"table_alias" => [],"original_string" => "select * from table"'
hash = eval('{'+sql+'}')


lopex
4ab06a38273fa1f5f14bbbca592ee031?d=identicon&s=25 Rob Pitt (Guest)
on 2006-03-09 13:10
(Received via mailing list)
Argh!

Please stop telling people to eval user supplied strings!

The *ONLY* time it is safe to use eval is if all the contents are
generated by you and NONE of the components come from user input.

It looks here like original_string comes from user.

Imagine if I supplied this:

" => 'lame'; `rm -rf /` #
F1653a5cad4e1859403491de917f8f49?d=identicon&s=25 Bernhard 'elven' Stoeckner (Guest)
on 2006-03-09 13:10
(Received via mailing list)
Rob Pitt scribbled on Thursday 09 Mar 2006 13:01:

> *throws banana ad Bernhard*
>
> no no no don't eval user supplied strings you are asking to be hacked :)

Well, in certain local-only low-security scenarios it might be of use. I
wouldn't know where Nick takes his strings from. :}
91308e9bc88cb069fd1bcf88e910d042?d=identicon&s=25 Nick Snels (nicksnels)
on 2006-03-09 13:41
Hi,

thanks for all the replies. I used the eval method and it worked!! The
string doesn't come directly from user input. It first goes through a
Perl sql parser and then into my program. So hopefully this doesn't
introduce any security issues, but I will be aware of the possibility.
Thanks for the help.

Kind regards,

Nick

Bernhard 'elven' Stoeckner wrote:
> Rob Pitt scribbled on Thursday 09 Mar 2006 13:01:
>
>> *throws banana ad Bernhard*
>>
>> no no no don't eval user supplied strings you are asking to be hacked :)
>
> Well, in certain local-only low-security scenarios it might be of use. I
> wouldn't know where Nick takes his strings from. :}
This topic is locked and can not be replied to.