Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

Re^2: Executing a string as a Perl command

by Jenda (Abbot)
on May 10, 2011 at 13:57 UTC ( [id://903980]=note: print w/replies, xml ) Need Help??


in reply to Reaped: Re: Executing a string as a Perl command
in thread Executing a string as a Perl command

Drop the double quotes! They are not necessary (in this case) and just slow the code down. In some cases blindly enclosing variables in quotes would lead to strange looking bugs. This is Perl, not a shell script.

Jenda
Enoch was right!
Enjoy the last years of Rome.

Replies are listed 'Best First'.
Re^3: Executing a string as a Perl command
by petdance (Parson) on May 11, 2011 at 15:00 UTC
    The "slow the code down" is so small as to be non-existent.

    xoxo,
    Andy

      I agree. It's a question of readability. It requires extra thought to process the unexpected and useless quotes.

      Depends. If the variable contains a short string, then the slow down will be negligible. If it contains a number and the subroutine needs to do some more computations, then you've just forced perl to convert the number to a string and back. If nothing more, it's wasteful.

      Then there is yet another case. What if the variable contains a huge string? You've just made yet another copy ...

      Jenda
      Enoch was right!
      Enjoy the last years of Rome.

        If it contains a number and the subroutine needs to do some more computations, then you've just forced perl to convert the number to a string and back.

        Which is still negligible, especially when one is about to spawn another process.

        xoxo,
        Andy

      I thought using eval in that way, on a scalar to execute a command is a NO-NO for security and not best practice!

      cant you just use the qx or system call?

        I thought using eval in that way, on a scalar to execute a command is a NO-NO for security and not best practice! cant you just use the qx or system call?

        You must think about where the scalar came from, and how much you trust that source (taint checking can help you keep track of that, but you still have to think about it), but if you do trust it, it is fine.

        You similarly have to think about it if you interpolate it (uselessly) into a string.

        Even more so for qx or system.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://903980]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others rifling through the Monastery: (3)
As of 2024-03-19 11:56 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found