필터 지우기
필터 지우기

How can I create a function which evaluate only strings which represent only mathematical functions?

조회 수: 4 (최근 30일)
How can I create a function which evaluates only strings which represent only mathematical functions?
I have an inputdlg box and I insert string which represents a random mathematical function.for example exp(x)+log(x)/cos(2*pi*x). How can I make a function which evaluate this and ignore anything else which doesn't have to do with mathematics?
  댓글 수: 2
Matt Fig
Matt Fig 2011년 6월 6일
I think that is a rather tall order. How will your system know whether or not an item in the string has to do with Mathematics, unless you exhaustively check for use of every possible function?
sadel
sadel 2011년 6월 6일
Yeah, you right but how can I avoid the fact that some user can insert a string like this 'delete(''*.*'')' or this 'cla' or something else which can be evaluated but it isn't what I want?

댓글을 달려면 로그인하십시오.

채택된 답변

Walter Roberson
Walter Roberson 2011년 6월 8일
I used to work in computer security. This is what decades of research in computer security has found:
When you are parsing something, *never* take the approach of rejecting things you know your code does not handle. There will almost always be something you overlooked, some way of slipping something by your rejection filters, perhaps something that was not previously known as being dangerous. Instead, for security, define specifically what you will *accept* and reject everything else.
For example, you want to reject delete('*.*') -- but how well do you know MuPad? Do you know all of the MuPad routines that can be convinced to take numeric input and convert it to character strings that are executed?
Accept only what you know to be safe.
  댓글 수: 1
sadel
sadel 2011년 6월 8일
I think I'll quit. This project is my bachelor thesis and I don't have enough time. Next week I have to present it. I will use my above code with a try-catch function and I will hope. :)

댓글을 달려면 로그인하십시오.

추가 답변 (5개)

Walter Roberson
Walter Roberson 2011년 6월 6일
We already went through this. There is no way to do what you are asking. The sample string of symbols means different things under different interpretations. The "real" meaning of a string of symbols depends upon intent.
You can define meanings for all of the functions and operators that you intend to support, but you cannot determine whether a string represents a "mathematical function" or not.
Quoting myself from a week ago:
You haven't defined your requirements.
Paulo recommended symvar and that is likely a good place to start. Extract the variables from the expression, and if any of them in the expression are not on the approved list, veto the expression.
It is also possible to extract the names of all of the functions used and compare them to your approved list. Note, though, that the internal name of functions might not be the obvious one, so experiment to see what the names actually are. In Maple, you would use indets() with fairly specific parameters to extract the function names; I am not sure what the MuPad equivalent would be.
  댓글 수: 3
sadel
sadel 2011년 6월 7일
Do you know FCNCHK function? Do you think that it can help me for my purpose?
sadel
sadel 2011년 6월 7일
If I could make symvar to identify the symbol 't' and not return it then I could create
a function which evaluate only strings which represent only mathematical functions
t=0:0.1:10;
insertfunction='cos(2*pi*t))'
gh=symvar(insertfunction)
if (gh is an empty cell array)
eval(['v =0*t+ ',vectorize(gh),';'])
plot(t,v)
end
Well,is this possible?

댓글을 달려면 로그인하십시오.


Matt Fig
Matt Fig 2011년 6월 6일
Here is a radical idea, and I cannot guarantee it will work. But it might be worth a try..
str = '! dir &'; % Example of something you don't want the user to do.
try
F = figure('visible','off');
Ax = axes;
ezplot(str) % This will do the checking for you!
delete(F) % If you made it to here, the string is o.k.
catch
delete(F)
% Do something here, like notify the user that this is invalid.
end
% Now process your string....
F = str2func(['@(x)' ,str]);
Again, this may not be foolproof, but it might be worth a try with some known examples for str...

Robert Cumming
Robert Cumming 2011년 6월 6일
Do you want a method of ensuring your end user can only generate valid matlab code which contains valid mathematical equations?
This commercial software has functionality which allows the generation of controlled matlab functions which contain equations. The code is still under development but the downloadable demo shows the main functionality.
For the matlab end user the output is controlable valid Matlab scripts, functions or class definitions.
  댓글 수: 4
sadel
sadel 2011년 6월 7일
I was doing something wrong. Now it's ok. What can I do now with this program?
Robert Cumming
Robert Cumming 2011년 6월 8일
there should be tutorials at the back of the user guide which show you how to create equations - which you can then check/verify before saving them as valid matlab code (using export)

댓글을 달려면 로그인하십시오.


Andrei Bobrov
Andrei Bobrov 2011년 6월 7일
how Matt
insertfunction='cos(2*pi*t)';
gh=symvar(insertfunction);
f = str2func(['@(',gh{:},')',vectorize(insertfunction)]);
plot(t,f(t))

sadel
sadel 2011년 6월 7일
Well, I think I found the answer. Tell me your opinion!!!
t=0:0.1:10;
insertfunction='cos(2*pi*t)';
gh=symvar(insertfunction);
if (isempty(gh)) | (strcmp(gh,'t')==1)
eval(['v =0*t+ ',vectorize(insertfunction),';']);
plot(t,v)
else
warn='Invalid variable'
end

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!

Translated by