Contents

  1. birthyear2.py
  2. birthyear3.py
  3. birthyear.py
  4. file_input.py
  5. fixed_input.py
  6. security_bug.py
  7. validInput.py

birthyear2.py 1/7

[
top][prev][next]
# Demonstrate validating user input
# Made from a student's code from Lab 1

def main():
    #Program mission statement
    print "This program determines your birth year" 
    print "given your age and the current year \n"

    try:
        age=input("Enter your age: ")
        currentyear=input("Enter the current year: ")
    except: 
        print
        print "ERROR: Your input was not in the correct format."
        print "Enter two integer values for your age and the year."
        return
    
    if age < 0 :
        print "Come on: you need to have a positive age."
    
    else:
        #Subtract age from current year
        birthyear=currentyear - age
        #Display output to the user
        print "You were either born in", birthyear, "or", birthyear-1


main()

birthyear3.py 2/7

[
top][prev][next]
# Demonstrate validating user input
# Made from a student's code from Lab 1

def main():
    #Program mission statement
    print "This program determines your birth year" 
    print "given your age and the current year \n"

    age = getIntegerInput("Enter your age: ")
    currentyear = getIntegerInput("Enter the current year: ")
    
    #Subtract age from current year
    birthyear=currentyear - age
    #Display output to the user
    print "You were either born in", birthyear, "or", birthyear-1


def getIntegerInput(prompt):
    while True: 
        try:
            value=input(prompt)
            if value > 0:
                return value
            else:
                print "Number is out of range"
        except: 
            print
            print "ERROR: Your input was not in the correct format."
            print "Enter an integer value"

main()

birthyear.py 3/7

[
top][prev][next]
# Demonstrate validating user input
# Made from a student's code from Lab 1

def main():
    #Program mission statement
    print "This program determines your birth year" 
    print "given your age and the current year \n"

    age=input("Enter your age: ")
    currentyear=input("Enter the current year: ")
    
    if age < 0 :
        print "Come on: you need to have a positive age."
    elif currentyear < 0:
        print "You need to have a positive year."
    else:
        #Subtract age from current year
        birthyear=currentyear - age
        #Display output to the user
        print "You were either born in", birthyear, "or", birthyear-1


main()

file_input.py 4/7

[
top][prev][next]
# Example of providing a validated list of input
# Sara Sprenkle, 11.16.2007

def main():
    VALID_LIST= ["cpm.log", "cpm2.log", "dspace-2006.apr-jun.log", "dspace-2007.apr-jun.log"]
        
    print 
    print "Which of the following files do you want to process?"
    
    x = 1
    for filename in VALID_LIST:
        print "\t%d: %s"%(x, filename)
        x+=1
    
    choicestr = raw_input("Select the file by number: ")
    print
    
    try:
        choice = int(choicestr)
        if choice < 1 or choice > len(VALID_LIST):
            print "ERROR:", choice, "is not a valid selection."
        else:
            print "Processing file %d: %s" % (choice, VALID_LIST[choice-1])
        
    except:
        print "ERROR: selection must be an integer."
    
    
main()

fixed_input.py 5/7

[
top][prev][next]
# Example of addressing the input() security bug in Python
# Sara Sprenkle, 11.16.07

totalGrades = 0
numGrades = input("How many grades are there? ")

if numGrades <= 0:
    print "Error: Number of grades must be positive"
    sys.exit(1)

for x in xrange(numGrades):
    gradestring = raw_input("Enter grade " + str(x) + ": ")
    
    try:
        grade = int(gradestring)
        totalGrades += grade
    except:
    # Note that one less grade will be included; does not
    # reprompt for grade
        print "Error: the grade must be an integer."
        
avgGrade = totalGrades/float(numGrades)

print "The student's average is %.2f." % avgGrade

security_bug.py 6/7

[
top][prev][next]
# Example of security bug in python with input() function in Python
# Sara Sprenkle, 11.16.07

totalGrades = 0
numGrades = input("How many grades are there? ")

if numGrades <= 0:
    print "Error: Number of grades must be positive"
    sys.exit(1)

for x in xrange(numGrades):
    # Try entering something like "totalGrades * 2" for the second grade
    totalGrades += input("Enter grade " + str(x) + ": ")

avgGrade = totalGrades/float(numGrades)

print "The student's average is %.2f." % avgGrade

validInput.py 7/7

[
top][prev][next]
# Demonstrate validating user input
# Made from a student's code from Lab 1

def main():
    #Program mission statement
    print "This program determines your birth year" 
    print "given your age and the current year \n"

    age=input("Enter your age: ")
    currentyear=input("Enter the current year: ")
    
    if age < 0 :
        print "Come on: you need to have a positive age."
    
    else:
        #Subtract age from current year
        birthyear=currentyear - age
        #Display output to the user
        print "You were either born in", birthyear, "or", birthyear-1


main()

Generated by GNU enscript 1.6.4.