Comment
why not use:
cm = eval(cm)
or even:
cm = int(eval(cm))
Replies
because then some mean person could give you some input like "2 ** (2 ** (2 ** (2 ** (2 ** (2 ** (2 ** (2 ** (2 ** (2 ** (2 ** (2 ** (2 ** (2 ** (2 ** (2 ** (2 ** (2 ** (2 ** (2 ** 2)))))))))))))))))))" on the webpage, taking loads of CPU on your server. Or even worse, try to delete some files. This probably works, because the strings that are validated seem to be user-provided.
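An added example, not part of the original thread: one way to read `cm` as data instead of passing it to `eval`, assuming the field is meant to hold a small whole number. The names `parse_cm`, `is_valid_cm`, `MAX_DIGITS` and `CM_RANGE`, the limits, and the sample inputs are assumptions made for this sketch.

```python
import re

# Hypothetical limits for this example; the thread does not state them.
MAX_DIGITS = 4
CM_RANGE = (0, 300)

_DIGITS = re.compile(r"[0-9]{1,%d}" % MAX_DIGITS)


def parse_cm(text, lo=CM_RANGE[0], hi=CM_RANGE[1]):
    """Return text as an int in [lo, hi], or raise ValueError.

    The string is never executed: it is matched against a digits-only
    pattern first, so expressions, names and calls are rejected as data.
    """
    if not isinstance(text, str):
        raise ValueError("expected a string")
    # fullmatch with [0-9] (not \d) also rejects what int() alone would
    # accept: surrounding whitespace, signs, "1_80", non-ASCII digits.
    if _DIGITS.fullmatch(text) is None:
        raise ValueError("not a plain decimal number")
    value = int(text)
    if not lo <= value <= hi:
        raise ValueError("out of range")
    return value


def is_valid_cm(text):
    """Boolean wrapper for use in a validation pipeline."""
    try:
        parse_cm(text)
        return True
    except ValueError:
        return False


# Constructed sample inputs, including an exponent tower like the one in the reply.
TOWER = "2 ** (" * 20 + "2" + ")" * 20
SAMPLES = ["180", "0180", " 180", "1_80", "180\n", "\u0661\u0668\u0660",
           "9999", TOWER, "__import__('os').getcwd()"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s[:30]), is_valid_cm(s))
```

The length cap in the pattern bounds the work done per input, so the cost of rejecting a hostile string does not depend on what the string would compute if it were evaluated.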