http://qs1969.pair.com?node_id=902053


in reply to Re: "Dynamic" dispatch tables
in thread "Dynamic" dispatch tables

Right, that's the part where user input becomes code in my original post:
$dispatch_table{$tc} = sub {eval "tcid_$tc()"},
$tc is a value entered by the user. I'm dynamically creating the sub name tcid_$tc based on that input. Since this is in an eval, there are of course bad things a user could do here (like supplying --tcid 1;<bad code here>), but since this code will never be released to the public I don't see this as a big issue. And of course I can add some additional parsing for example that a tcid is only \d+ and nothing else.

Replies are listed 'Best First'.
Re^3: "Dynamic" dispatch tables
by mr_mischief (Monsignor) on Apr 29, 2011 at 18:23 UTC
    Well, if the only people running the code would also have access to alter the code then you're not really protecting the system from anything but an accident.
      OK, good point, thanks.