NameError: name 'Family' is not defined

I runned this python code in Pydev, and get NameError: name ‘Family’ is not defined.I don’t know why it happened. I didn’t even use the variable ‘Family’.
The python version is：Python 3.6.4 :: Anaconda, Inc.
Eclipse Java EE IDE for Web Developers.
Version: Oxygen.3a Release (4.7.3a)
Build id: 20180405-1200
OS: Windows 10, v.10.0, x86_64 / win32

import requests
import re

start_url=“https://basicenglishspeaking.com/daily-english-conversation-topics/”
mn = requests.get(start_url, timeout=30)
html = mn.text
pw = re.compile(r’\d{1,2}.\s<a\shref="https.*?</a>’)
urls = re.findall(pw, html)
for i in range(len(urls)):
key = eval(urls[i].split(’>’)[1].split(’<’)[0])
num = eval(urls[i].split(’.’)[0])
keys.append([key,num])
print(keys)

The error information:
Traceback (most recent call last):
File “C:\Users\JOY\eclipse-workspace\learn\spider\ces.py”, line 10, in
key = eval(urls[i].split(’>’)[1].split(’<’)[0])
File “”, line 1, in
NameError: name ‘Family’ is not defined

You’re probably trying to evaluate some string that comes from the downloaded webpage. There are couple of eval() occurences.

Note that if the downloaded webpage contains actual valid python code, you would evaluate it on your machine without knowing about it. It’s totally insecure to eval() untrusted input (here the contents of a webpage). Whatever you’re trying to achieve - you’re most probably doing it wrong and in an insecure manner. It would be better if you described the problem you’re trying to solve instead.

Thanks for your reply! Yes, I get rid of the eval() function, it works fine and i got what I want.

Hi Gongyq, and welcome!

Why are you calling “eval”?

If I am reading your code correctly, you are downloading the HTML code

from a foreign website, extracting text out of that website, and then

using eval to run that text as Python code.

This is very dangerous!

You are very lucky that the first time you try it, the “code” fails with

an error. But if the website was malicious, it could do anything on

your computer: delete files, send emails, upload your data somewhere,

anything at all.

NEVER NEVER NEVER run eval on data you don’t trust. This is a code

injection vulnerability:

Your code downloads the HTML code from the website, extracts the word

“Family”, and tries to evaluate it as Python code, which gives you an

error:

> eval("Family")

Traceback (most recent call last):

NameError: name 'Family' is not defined

But a malicious website could do anything it can trick you into

eval()'ing:

> eval("print('You have bad breath')")

You have bad breath

The two dangerous lines are these:

key = eval(urls[i].split('>')[1].split('<')[0])

num = eval(urls[i].split('.')[0])

Change them to this:

key = urls[i].split('>')[1].split('<')[0]

num = int(urls[i].split('.')[0])

You scared me. I didn’t know it was so dangerous. And you solved my doubt. “Family” is indeed the first word. Thank you for reminding me.