search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
#2809: elaborate str.split docstring a bit.
[python.git] / Lib / cgi.py
blob8760f960549d977f7a4bd0d31d96316da3568003
1 #! /usr/local/bin/python
2
3 # NOTE: the above "/usr/local/bin/python" is NOT a mistake. It is
4 # intentionally NOT "/usr/bin/env python". On many systems
5 # (e.g. Solaris), /usr/local/bin is not in $PATH as passed to CGI
6 # scripts, and /usr/local/bin is the default directory where Python is
7 # installed, so /usr/bin/env would be unable to find python. Granted,
8 # binary installations by Linux vendors often install Python in
9 # /usr/bin. So let those vendors patch cgi.py to match their choice
10 # of installation.
11
12 """Support module for CGI (Common Gateway Interface) scripts.
13
14 This module defines a number of utilities for use by CGI scripts
15 written in Python.
16 """
17
18 # XXX Perhaps there should be a slimmed version that doesn't contain
19 # all those backwards compatible and debugging classes and functions?
20
21 # History
22 # -------
23 #
24 # Michael McLay started this module. Steve Majewski changed the
25 # interface to SvFormContentDict and FormContentDict. The multipart
26 # parsing was inspired by code submitted by Andreas Paepcke. Guido van
27 # Rossum rewrote, reformatted and documented the module and is currently
28 # responsible for its maintenance.
29 #
30
31 __version__ = "2.6"
32
33
34 # Imports
35 # =======
36
37 from operator import attrgetter
38 import sys
39 import os
40 import urllib
41 import mimetools
42 import rfc822
43 import UserDict
44 try:
45 from cStringIO import StringIO
46 except ImportError:
47 from StringIO import StringIO
48
49 __all__ = ["MiniFieldStorage", "FieldStorage", "FormContentDict",
50 "SvFormContentDict", "InterpFormContentDict", "FormContent",
51 "parse", "parse_qs", "parse_qsl", "parse_multipart",
52 "parse_header", "print_exception", "print_environ",
53 "print_form", "print_directory", "print_arguments",
54 "print_environ_usage", "escape"]
55
56 # Logging support
57 # ===============
58
59 logfile = "" # Filename to log to, if not empty
60 logfp = None # File object to log to, if not None
61
62 def initlog(*allargs):
63 """Write a log message, if there is a log file.
64
65 Even though this function is called initlog(), you should always
66 use log(); log is a variable that is set either to initlog
67 (initially), to dolog (once the log file has been opened), or to
68 nolog (when logging is disabled).
69
70 The first argument is a format string; the remaining arguments (if
71 any) are arguments to the % operator, so e.g.
72 log("%s: %s", "a", "b")
73 will write "a: b" to the log file, followed by a newline.
74
75 If the global logfp is not None, it should be a file object to
76 which log data is written.
77
78 If the global logfp is None, the global logfile may be a string
79 giving a filename to open, in append mode. This file should be
80 world writable!!! If the file can't be opened, logging is
81 silently disabled (since there is no safe place where we could
82 send an error message).
83
84 """
85 global logfp, log
86 if logfile and not logfp:
87 try:
88 logfp = open(logfile, "a")
89 except IOError:
90 pass
91 if not logfp:
92 log = nolog
93 else:
94 log = dolog
95 log(*allargs)
96
97 def dolog(fmt, *args):
98 """Write a log message to the log file. See initlog() for docs."""
99 logfp.write(fmt%args + "\n")
100
101 def nolog(*allargs):
102 """Dummy function, assigned to log when logging is disabled."""
103 pass
104
105 log = initlog # The current logging function
106
107
108 # Parsing functions
109 # =================
110
111 # Maximum input we will accept when REQUEST_METHOD is POST
112 # 0 ==> unlimited input
113 maxlen = 0
114
115 def parse(fp=None, environ=os.environ, keep_blank_values=0, strict_parsing=0):
116 """Parse a query in the environment or from a file (default stdin)
117
118 Arguments, all optional:
119
120 fp : file pointer; default: sys.stdin
121
122 environ : environment dictionary; default: os.environ
123
124 keep_blank_values: flag indicating whether blank values in
125 URL encoded forms should be treated as blank strings.
126 A true value indicates that blanks should be retained as
127 blank strings. The default false value indicates that
128 blank values are to be ignored and treated as if they were
129 not included.
130
131 strict_parsing: flag indicating what to do with parsing errors.
132 If false (the default), errors are silently ignored.
133 If true, errors raise a ValueError exception.
134 """
135 if fp is None:
136 fp = sys.stdin
137 if not 'REQUEST_METHOD' in environ:
138 environ['REQUEST_METHOD'] = 'GET' # For testing stand-alone
139 if environ['REQUEST_METHOD'] == 'POST':
140 ctype, pdict = parse_header(environ['CONTENT_TYPE'])
141 if ctype == 'multipart/form-data':
142 return parse_multipart(fp, pdict)
143 elif ctype == 'application/x-www-form-urlencoded':
144 clength = int(environ['CONTENT_LENGTH'])
145 if maxlen and clength > maxlen:
146 raise ValueError, 'Maximum content length exceeded'
147 qs = fp.read(clength)
148 else:
149 qs = '' # Unknown content-type
150 if 'QUERY_STRING' in environ:
151 if qs: qs = qs + '&'
152 qs = qs + environ['QUERY_STRING']
153 elif sys.argv[1:]:
154 if qs: qs = qs + '&'
155 qs = qs + sys.argv[1]
156 environ['QUERY_STRING'] = qs # XXX Shouldn't, really
157 elif 'QUERY_STRING' in environ:
158 qs = environ['QUERY_STRING']
159 else:
160 if sys.argv[1:]:
161 qs = sys.argv[1]
162 else:
163 qs = ""
164 environ['QUERY_STRING'] = qs # XXX Shouldn't, really
165 return parse_qs(qs, keep_blank_values, strict_parsing)
166
167
168 def parse_qs(qs, keep_blank_values=0, strict_parsing=0):
169 """Parse a query given as a string argument.
170
171 Arguments:
172
173 qs: URL-encoded query string to be parsed
174
175 keep_blank_values: flag indicating whether blank values in
176 URL encoded queries should be treated as blank strings.
177 A true value indicates that blanks should be retained as
178 blank strings. The default false value indicates that
179 blank values are to be ignored and treated as if they were
180 not included.
181
182 strict_parsing: flag indicating what to do with parsing errors.
183 If false (the default), errors are silently ignored.
184 If true, errors raise a ValueError exception.
185 """
186 dict = {}
187 for name, value in parse_qsl(qs, keep_blank_values, strict_parsing):
188 if name in dict:
189 dict[name].append(value)
190 else:
191 dict[name] = [value]
192 return dict
193
194 def parse_qsl(qs, keep_blank_values=0, strict_parsing=0):
195 """Parse a query given as a string argument.
196
197 Arguments:
198
199 qs: URL-encoded query string to be parsed
200
201 keep_blank_values: flag indicating whether blank values in
202 URL encoded queries should be treated as blank strings. A
203 true value indicates that blanks should be retained as blank
204 strings. The default false value indicates that blank values
205 are to be ignored and treated as if they were not included.
206
207 strict_parsing: flag indicating what to do with parsing errors. If
208 false (the default), errors are silently ignored. If true,
209 errors raise a ValueError exception.
210
211 Returns a list, as G-d intended.
212 """
213 pairs = [s2 for s1 in qs.split('&') for s2 in s1.split(';')]
214 r = []
215 for name_value in pairs:
216 if not name_value and not strict_parsing:
217 continue
218 nv = name_value.split('=', 1)
219 if len(nv) != 2:
220 if strict_parsing:
221 raise ValueError, "bad query field: %r" % (name_value,)
222 # Handle case of a control-name with no equal sign
223 if keep_blank_values:
224 nv.append('')
225 else:
226 continue
227 if len(nv[1]) or keep_blank_values:
228 name = urllib.unquote(nv[0].replace('+', ' '))
229 value = urllib.unquote(nv[1].replace('+', ' '))
230 r.append((name, value))
231
232 return r
233
234
235 def parse_multipart(fp, pdict):
236 """Parse multipart input.
237
238 Arguments:
239 fp : input file
240 pdict: dictionary containing other parameters of content-type header
241
242 Returns a dictionary just like parse_qs(): keys are the field names, each
243 value is a list of values for that field. This is easy to use but not
244 much good if you are expecting megabytes to be uploaded -- in that case,
245 use the FieldStorage class instead which is much more flexible. Note
246 that content-type is the raw, unparsed contents of the content-type
247 header.
248
249 XXX This does not parse nested multipart parts -- use FieldStorage for
250 that.
251
252 XXX This should really be subsumed by FieldStorage altogether -- no
253 point in having two implementations of the same parsing algorithm.
254 Also, FieldStorage protects itself better against certain DoS attacks
255 by limiting the size of the data read in one chunk. The API here
256 does not support that kind of protection. This also affects parse()
257 since it can call parse_multipart().
258
259 """
260 boundary = ""
261 if 'boundary' in pdict:
262 boundary = pdict['boundary']
263 if not valid_boundary(boundary):
264 raise ValueError, ('Invalid boundary in multipart form: %r'
265 % (boundary,))
266
267 nextpart = "--" + boundary
268 lastpart = "--" + boundary + "--"
269 partdict = {}
270 terminator = ""
271
272 while terminator != lastpart:
273 bytes = -1
274 data = None
275 if terminator:
276 # At start of next part. Read headers first.
277 headers = mimetools.Message(fp)
278 clength = headers.getheader('content-length')
279 if clength:
280 try:
281 bytes = int(clength)
282 except ValueError:
283 pass
284 if bytes > 0:
285 if maxlen and bytes > maxlen:
286 raise ValueError, 'Maximum content length exceeded'
287 data = fp.read(bytes)
288 else:
289 data = ""
290 # Read lines until end of part.
291 lines = []
292 while 1:
293 line = fp.readline()
294 if not line:
295 terminator = lastpart # End outer loop
296 break
297 if line[:2] == "--":
298 terminator = line.strip()
299 if terminator in (nextpart, lastpart):
300 break
301 lines.append(line)
302 # Done with part.
303 if data is None:
304 continue
305 if bytes < 0:
306 if lines:
307 # Strip final line terminator
308 line = lines[-1]
309 if line[-2:] == "\r\n":
310 line = line[:-2]
311 elif line[-1:] == "\n":
312 line = line[:-1]
313 lines[-1] = line
314 data = "".join(lines)
315 line = headers['content-disposition']
316 if not line:
317 continue
318 key, params = parse_header(line)
319 if key != 'form-data':
320 continue
321 if 'name' in params:
322 name = params['name']
323 else:
324 continue
325 if name in partdict:
326 partdict[name].append(data)
327 else:
328 partdict[name] = [data]
329
330 return partdict
331
332
333 def parse_header(line):
334 """Parse a Content-type like header.
335
336 Return the main content-type and a dictionary of options.
337
338 """
339 plist = [x.strip() for x in line.split(';')]
340 key = plist.pop(0).lower()
341 pdict = {}
342 for p in plist:
343 i = p.find('=')
344 if i >= 0:
345 name = p[:i].strip().lower()
346 value = p[i+1:].strip()
347 if len(value) >= 2 and value[0] == value[-1] == '"':
348 value = value[1:-1]
349 value = value.replace('\\\\', '\\').replace('\\"', '"')
350 pdict[name] = value
351 return key, pdict
352
353
354 # Classes for field storage
355 # =========================
356
357 class MiniFieldStorage:
358
359 """Like FieldStorage, for use when no file uploads are possible."""
360
361 # Dummy attributes
362 filename = None
363 list = None
364 type = None
365 file = None
366 type_options = {}
367 disposition = None
368 disposition_options = {}
369 headers = {}
370
371 def __init__(self, name, value):
372 """Constructor from field name and value."""
373 self.name = name
374 self.value = value
375 # self.file = StringIO(value)
376
377 def __repr__(self):
378 """Return printable representation."""
379 return "MiniFieldStorage(%r, %r)" % (self.name, self.value)
380
381
382 class FieldStorage:
383
384 """Store a sequence of fields, reading multipart/form-data.
385
386 This class provides naming, typing, files stored on disk, and
387 more. At the top level, it is accessible like a dictionary, whose
388 keys are the field names. (Note: None can occur as a field name.)
389 The items are either a Python list (if there's multiple values) or
390 another FieldStorage or MiniFieldStorage object. If it's a single
391 object, it has the following attributes:
392
393 name: the field name, if specified; otherwise None
394
395 filename: the filename, if specified; otherwise None; this is the
396 client side filename, *not* the file name on which it is
397 stored (that's a temporary file you don't deal with)
398
399 value: the value as a *string*; for file uploads, this
400 transparently reads the file every time you request the value
401
402 file: the file(-like) object from which you can read the data;
403 None if the data is stored a simple string
404
405 type: the content-type, or None if not specified
406
407 type_options: dictionary of options specified on the content-type
408 line
409
410 disposition: content-disposition, or None if not specified
411
412 disposition_options: dictionary of corresponding options
413
414 headers: a dictionary(-like) object (sometimes rfc822.Message or a
415 subclass thereof) containing *all* headers
416
417 The class is subclassable, mostly for the purpose of overriding
418 the make_file() method, which is called internally to come up with
419 a file open for reading and writing. This makes it possible to
420 override the default choice of storing all files in a temporary
421 directory and unlinking them as soon as they have been opened.
422
423 """
424
425 def __init__(self, fp=None, headers=None, outerboundary="",
426 environ=os.environ, keep_blank_values=0, strict_parsing=0):
427 """Constructor. Read multipart/* until last part.
428
429 Arguments, all optional:
430
431 fp : file pointer; default: sys.stdin
432 (not used when the request method is GET)
433
434 headers : header dictionary-like object; default:
435 taken from environ as per CGI spec
436
437 outerboundary : terminating multipart boundary
438 (for internal use only)
439
440 environ : environment dictionary; default: os.environ
441
442 keep_blank_values: flag indicating whether blank values in
443 URL encoded forms should be treated as blank strings.
444 A true value indicates that blanks should be retained as
445 blank strings. The default false value indicates that
446 blank values are to be ignored and treated as if they were
447 not included.
448
449 strict_parsing: flag indicating what to do with parsing errors.
450 If false (the default), errors are silently ignored.
451 If true, errors raise a ValueError exception.
452
453 """
454 method = 'GET'
455 self.keep_blank_values = keep_blank_values
456 self.strict_parsing = strict_parsing
457 if 'REQUEST_METHOD' in environ:
458 method = environ['REQUEST_METHOD'].upper()
459 if method == 'GET' or method == 'HEAD':
460 if 'QUERY_STRING' in environ:
461 qs = environ['QUERY_STRING']
462 elif sys.argv[1:]:
463 qs = sys.argv[1]
464 else:
465 qs = ""
466 fp = StringIO(qs)
467 if headers is None:
468 headers = {'content-type':
469 "application/x-www-form-urlencoded"}
470 if headers is None:
471 headers = {}
472 if method == 'POST':
473 # Set default content-type for POST to what's traditional
474 headers['content-type'] = "application/x-www-form-urlencoded"
475 if 'CONTENT_TYPE' in environ:
476 headers['content-type'] = environ['CONTENT_TYPE']
477 if 'CONTENT_LENGTH' in environ:
478 headers['content-length'] = environ['CONTENT_LENGTH']
479 self.fp = fp or sys.stdin
480 self.headers = headers
481 self.outerboundary = outerboundary
482
483 # Process content-disposition header
484 cdisp, pdict = "", {}
485 if 'content-disposition' in self.headers:
486 cdisp, pdict = parse_header(self.headers['content-disposition'])
487 self.disposition = cdisp
488 self.disposition_options = pdict
489 self.name = None
490 if 'name' in pdict:
491 self.name = pdict['name']
492 self.filename = None
493 if 'filename' in pdict:
494 self.filename = pdict['filename']
495
496 # Process content-type header
497 #
498 # Honor any existing content-type header. But if there is no
499 # content-type header, use some sensible defaults. Assume
500 # outerboundary is "" at the outer level, but something non-false
501 # inside a multi-part. The default for an inner part is text/plain,
502 # but for an outer part it should be urlencoded. This should catch
503 # bogus clients which erroneously forget to include a content-type
504 # header.
505 #
506 # See below for what we do if there does exist a content-type header,
507 # but it happens to be something we don't understand.
508 if 'content-type' in self.headers:
509 ctype, pdict = parse_header(self.headers['content-type'])
510 elif self.outerboundary or method != 'POST':
511 ctype, pdict = "text/plain", {}
512 else:
513 ctype, pdict = 'application/x-www-form-urlencoded', {}
514 self.type = ctype
515 self.type_options = pdict
516 self.innerboundary = ""
517 if 'boundary' in pdict:
518 self.innerboundary = pdict['boundary']
519 clen = -1
520 if 'content-length' in self.headers:
521 try:
522 clen = int(self.headers['content-length'])
523 except ValueError:
524 pass
525 if maxlen and clen > maxlen:
526 raise ValueError, 'Maximum content length exceeded'
527 self.length = clen
528
529 self.list = self.file = None
530 self.done = 0
531 if ctype == 'application/x-www-form-urlencoded':
532 self.read_urlencoded()
533 elif ctype[:10] == 'multipart/':
534 self.read_multi(environ, keep_blank_values, strict_parsing)
535 else:
536 self.read_single()
537
538 def __repr__(self):
539 """Return a printable representation."""
540 return "FieldStorage(%r, %r, %r)" % (
541 self.name, self.filename, self.value)
542
543 def __iter__(self):
544 return iter(self.keys())
545
546 def __getattr__(self, name):
547 if name != 'value':
548 raise AttributeError, name
549 if self.file:
550 self.file.seek(0)
551 value = self.file.read()
552 self.file.seek(0)
553 elif self.list is not None:
554 value = self.list
555 else:
556 value = None
557 return value
558
559 def __getitem__(self, key):
560 """Dictionary style indexing."""
561 if self.list is None:
562 raise TypeError, "not indexable"
563 found = []
564 for item in self.list:
565 if item.name == key: found.append(item)
566 if not found:
567 raise KeyError, key
568 if len(found) == 1:
569 return found[0]
570 else:
571 return found
572
573 def getvalue(self, key, default=None):
574 """Dictionary style get() method, including 'value' lookup."""
575 if key in self:
576 value = self[key]
577 if type(value) is type([]):
578 return map(attrgetter('value'), value)
579 else:
580 return value.value
581 else:
582 return default
583
584 def getfirst(self, key, default=None):
585 """ Return the first value received."""
586 if key in self:
587 value = self[key]
588 if type(value) is type([]):
589 return value[0].value
590 else:
591 return value.value
592 else:
593 return default
594
595 def getlist(self, key):
596 """ Return list of received values."""
597 if key in self:
598 value = self[key]
599 if type(value) is type([]):
600 return map(attrgetter('value'), value)
601 else:
602 return [value.value]
603 else:
604 return []
605
606 def keys(self):
607 """Dictionary style keys() method."""
608 if self.list is None:
609 raise TypeError, "not indexable"
610 return list(set(item.name for item in self.list))
611
612 def has_key(self, key):
613 """Dictionary style has_key() method."""
614 if self.list is None:
615 raise TypeError, "not indexable"
616 return any(item.name == key for item in self.list)
617
618 def __contains__(self, key):
619 """Dictionary style __contains__ method."""
620 if self.list is None:
621 raise TypeError, "not indexable"
622 return any(item.name == key for item in self.list)
623
624 def __len__(self):
625 """Dictionary style len(x) support."""
626 return len(self.keys())
627
628 def __nonzero__(self):
629 return bool(self.list)
630
631 def read_urlencoded(self):
632 """Internal: read data in query string format."""
633 qs = self.fp.read(self.length)
634 self.list = list = []
635 for key, value in parse_qsl(qs, self.keep_blank_values,
636 self.strict_parsing):
637 list.append(MiniFieldStorage(key, value))
638 self.skip_lines()
639
640 FieldStorageClass = None
641
642 def read_multi(self, environ, keep_blank_values, strict_parsing):
643 """Internal: read a part that is itself multipart."""
644 ib = self.innerboundary
645 if not valid_boundary(ib):
646 raise ValueError, 'Invalid boundary in multipart form: %r' % (ib,)
647 self.list = []
648 klass = self.FieldStorageClass or self.__class__
649 part = klass(self.fp, {}, ib,
650 environ, keep_blank_values, strict_parsing)
651 # Throw first part away
652 while not part.done:
653 headers = rfc822.Message(self.fp)
654 part = klass(self.fp, headers, ib,
655 environ, keep_blank_values, strict_parsing)
656 self.list.append(part)
657 self.skip_lines()
658
659 def read_single(self):
660 """Internal: read an atomic part."""
661 if self.length >= 0:
662 self.read_binary()
663 self.skip_lines()
664 else:
665 self.read_lines()
666 self.file.seek(0)
667
668 bufsize = 8*1024 # I/O buffering size for copy to file
669
670 def read_binary(self):
671 """Internal: read binary data."""
672 self.file = self.make_file('b')
673 todo = self.length
674 if todo >= 0:
675 while todo > 0:
676 data = self.fp.read(min(todo, self.bufsize))
677 if not data:
678 self.done = -1
679 break
680 self.file.write(data)
681 todo = todo - len(data)
682
683 def read_lines(self):
684 """Internal: read lines until EOF or outerboundary."""
685 self.file = self.__file = StringIO()
686 if self.outerboundary:
687 self.read_lines_to_outerboundary()
688 else:
689 self.read_lines_to_eof()
690
691 def __write(self, line):
692 if self.__file is not None:
693 if self.__file.tell() + len(line) > 1000:
694 self.file = self.make_file('')
695 self.file.write(self.__file.getvalue())
696 self.__file = None
697 self.file.write(line)
698
699 def read_lines_to_eof(self):
700 """Internal: read lines until EOF."""
701 while 1:
702 line = self.fp.readline(1<<16)
703 if not line:
704 self.done = -1
705 break
706 self.__write(line)
707
708 def read_lines_to_outerboundary(self):
709 """Internal: read lines until outerboundary."""
710 next = "--" + self.outerboundary
711 last = next + "--"
712 delim = ""
713 last_line_lfend = True
714 while 1:
715 line = self.fp.readline(1<<16)
716 if not line:
717 self.done = -1
718 break
719 if line[:2] == "--" and last_line_lfend:
720 strippedline = line.strip()
721 if strippedline == next:
722 break
723 if strippedline == last:
724 self.done = 1
725 break
726 odelim = delim
727 if line[-2:] == "\r\n":
728 delim = "\r\n"
729 line = line[:-2]
730 last_line_lfend = True
731 elif line[-1] == "\n":
732 delim = "\n"
733 line = line[:-1]
734 last_line_lfend = True
735 else:
736 delim = ""
737 last_line_lfend = False
738 self.__write(odelim + line)
739
740 def skip_lines(self):
741 """Internal: skip lines until outer boundary if defined."""
742 if not self.outerboundary or self.done:
743 return
744 next = "--" + self.outerboundary
745 last = next + "--"
746 last_line_lfend = True
747 while 1:
748 line = self.fp.readline(1<<16)
749 if not line:
750 self.done = -1
751 break
752 if line[:2] == "--" and last_line_lfend:
753 strippedline = line.strip()
754 if strippedline == next:
755 break
756 if strippedline == last:
757 self.done = 1
758 break
759 last_line_lfend = line.endswith('\n')
760
761 def make_file(self, binary=None):
762 """Overridable: return a readable & writable file.
763
764 The file will be used as follows:
765 - data is written to it
766 - seek(0)
767 - data is read from it
768
769 The 'binary' argument is unused -- the file is always opened
770 in binary mode.
771
772 This version opens a temporary file for reading and writing,
773 and immediately deletes (unlinks) it. The trick (on Unix!) is
774 that the file can still be used, but it can't be opened by
775 another process, and it will automatically be deleted when it
776 is closed or when the current process terminates.
777
778 If you want a more permanent file, you derive a class which
779 overrides this method. If you want a visible temporary file
780 that is nevertheless automatically deleted when the script
781 terminates, try defining a __del__ method in a derived class
782 which unlinks the temporary files you have created.
783
784 """
785 import tempfile
786 return tempfile.TemporaryFile("w+b")
787
788
789
790 # Backwards Compatibility Classes
791 # ===============================
792
793 class FormContentDict(UserDict.UserDict):
794 """Form content as dictionary with a list of values per field.
795
796 form = FormContentDict()
797
798 form[key] -> [value, value, ...]
799 key in form -> Boolean
800 form.keys() -> [key, key, ...]
801 form.values() -> [[val, val, ...], [val, val, ...], ...]
802 form.items() -> [(key, [val, val, ...]), (key, [val, val, ...]), ...]
803 form.dict == {key: [val, val, ...], ...}
804
805 """
806 def __init__(self, environ=os.environ, keep_blank_values=0, strict_parsing=0):
807 self.dict = self.data = parse(environ=environ,
808 keep_blank_values=keep_blank_values,
809 strict_parsing=strict_parsing)
810 self.query_string = environ['QUERY_STRING']
811
812
813 class SvFormContentDict(FormContentDict):
814 """Form content as dictionary expecting a single value per field.
815
816 If you only expect a single value for each field, then form[key]
817 will return that single value. It will raise an IndexError if
818 that expectation is not true. If you expect a field to have
819 possible multiple values, than you can use form.getlist(key) to
820 get all of the values. values() and items() are a compromise:
821 they return single strings where there is a single value, and
822 lists of strings otherwise.
823
824 """
825 def __getitem__(self, key):
826 if len(self.dict[key]) > 1:
827 raise IndexError, 'expecting a single value'
828 return self.dict[key][0]
829 def getlist(self, key):
830 return self.dict[key]
831 def values(self):
832 result = []
833 for value in self.dict.values():
834 if len(value) == 1:
835 result.append(value[0])
836 else: result.append(value)
837 return result
838 def items(self):
839 result = []
840 for key, value in self.dict.items():
841 if len(value) == 1:
842 result.append((key, value[0]))
843 else: result.append((key, value))
844 return result
845
846
847 class InterpFormContentDict(SvFormContentDict):
848 """This class is present for backwards compatibility only."""
849 def __getitem__(self, key):
850 v = SvFormContentDict.__getitem__(self, key)
851 if v[0] in '0123456789+-.':
852 try: return int(v)
853 except ValueError:
854 try: return float(v)
855 except ValueError: pass
856 return v.strip()
857 def values(self):
858 result = []
859 for key in self.keys():
860 try:
861 result.append(self[key])
862 except IndexError:
863 result.append(self.dict[key])
864 return result
865 def items(self):
866 result = []
867 for key in self.keys():
868 try:
869 result.append((key, self[key]))
870 except IndexError:
871 result.append((key, self.dict[key]))
872 return result
873
874
875 class FormContent(FormContentDict):
876 """This class is present for backwards compatibility only."""
877 def values(self, key):
878 if key in self.dict :return self.dict[key]
879 else: return None
880 def indexed_value(self, key, location):
881 if key in self.dict:
882 if len(self.dict[key]) > location:
883 return self.dict[key][location]
884 else: return None
885 else: return None
886 def value(self, key):
887 if key in self.dict: return self.dict[key][0]
888 else: return None
889 def length(self, key):
890 return len(self.dict[key])
891 def stripped(self, key):
892 if key in self.dict: return self.dict[key][0].strip()
893 else: return None
894 def pars(self):
895 return self.dict
896
897
898 # Test/debug code
899 # ===============
900
901 def test(environ=os.environ):
902 """Robust test CGI script, usable as main program.
903
904 Write minimal HTTP headers and dump all information provided to
905 the script in HTML form.
906
907 """
908 print "Content-type: text/html"
909 print
910 sys.stderr = sys.stdout
911 try:
912 form = FieldStorage() # Replace with other classes to test those
913 print_directory()
914 print_arguments()
915 print_form(form)
916 print_environ(environ)
917 print_environ_usage()
918 def f():
919 exec "testing print_exception() -- <I>italics?</I>"
920 def g(f=f):
921 f()
922 print "<H3>What follows is a test, not an actual exception:</H3>"
923 g()
924 except:
925 print_exception()
926
927 print "<H1>Second try with a small maxlen...</H1>"
928
929 global maxlen
930 maxlen = 50
931 try:
932 form = FieldStorage() # Replace with other classes to test those
933 print_directory()
934 print_arguments()
935 print_form(form)
936 print_environ(environ)
937 except:
938 print_exception()
939
940 def print_exception(type=None, value=None, tb=None, limit=None):
941 if type is None:
942 type, value, tb = sys.exc_info()
943 import traceback
944 print
945 print "<H3>Traceback (most recent call last):</H3>"
946 list = traceback.format_tb(tb, limit) + \
947 traceback.format_exception_only(type, value)
948 print "<PRE>%s<B>%s</B></PRE>" % (
949 escape("".join(list[:-1])),
950 escape(list[-1]),
951 )
952 del tb
953
954 def print_environ(environ=os.environ):
955 """Dump the shell environment as HTML."""
956 keys = environ.keys()
957 keys.sort()
958 print
959 print "<H3>Shell Environment:</H3>"
960 print "<DL>"
961 for key in keys:
962 print "<DT>", escape(key), "<DD>", escape(environ[key])
963 print "</DL>"
964 print
965
966 def print_form(form):
967 """Dump the contents of a form as HTML."""
968 keys = form.keys()
969 keys.sort()
970 print
971 print "<H3>Form Contents:</H3>"
972 if not keys:
973 print "<P>No form fields."
974 print "<DL>"
975 for key in keys:
976 print "<DT>" + escape(key) + ":",
977 value = form[key]
978 print "<i>" + escape(repr(type(value))) + "</i>"
979 print "<DD>" + escape(repr(value))
980 print "</DL>"
981 print
982
983 def print_directory():
984 """Dump the current directory as HTML."""
985 print
986 print "<H3>Current Working Directory:</H3>"
987 try:
988 pwd = os.getcwd()
989 except os.error, msg:
990 print "os.error:", escape(str(msg))
991 else:
992 print escape(pwd)
993 print
994
995 def print_arguments():
996 print
997 print "<H3>Command Line Arguments:</H3>"
998 print
999 print sys.argv
1000 print
1001
1002 def print_environ_usage():
1003 """Dump a list of environment variables used by CGI as HTML."""
1004 print """
1005 <H3>These environment variables could have been set:</H3>
1006 <UL>
1007 <LI>AUTH_TYPE
1008 <LI>CONTENT_LENGTH
1009 <LI>CONTENT_TYPE
1010 <LI>DATE_GMT
1011 <LI>DATE_LOCAL
1012 <LI>DOCUMENT_NAME
1013 <LI>DOCUMENT_ROOT
1014 <LI>DOCUMENT_URI
1015 <LI>GATEWAY_INTERFACE
1016 <LI>LAST_MODIFIED
1017 <LI>PATH
1018 <LI>PATH_INFO
1019 <LI>PATH_TRANSLATED
1020 <LI>QUERY_STRING
1021 <LI>REMOTE_ADDR
1022 <LI>REMOTE_HOST
1023 <LI>REMOTE_IDENT
1024 <LI>REMOTE_USER
1025 <LI>REQUEST_METHOD
1026 <LI>SCRIPT_NAME
1027 <LI>SERVER_NAME
1028 <LI>SERVER_PORT
1029 <LI>SERVER_PROTOCOL
1030 <LI>SERVER_ROOT
1031 <LI>SERVER_SOFTWARE
1032 </UL>
1033 In addition, HTTP headers sent by the server may be passed in the
1034 environment as well. Here are some common variable names:
1035 <UL>
1036 <LI>HTTP_ACCEPT
1037 <LI>HTTP_CONNECTION
1038 <LI>HTTP_HOST
1039 <LI>HTTP_PRAGMA
1040 <LI>HTTP_REFERER
1041 <LI>HTTP_USER_AGENT
1042 </UL>
1043 """
1044
1045
1046 # Utilities
1047 # =========
1048
1049 def escape(s, quote=None):
1050 '''Replace special characters "&", "<" and ">" to HTML-safe sequences.
1051 If the optional flag quote is true, the quotation mark character (")
1052 is also translated.'''
1053 s = s.replace("&", "&amp;") # Must be done first!
1054 s = s.replace("<", "&lt;")
1055 s = s.replace(">", "&gt;")
1056 if quote:
1057 s = s.replace('"', "&quot;")
1058 return s
1059
1060 def valid_boundary(s, _vb_pattern="^[ -~]{0,200}[!-~]$"):
1061 import re
1062 return re.match(_vb_pattern, s)
1063
1064 # Invoke mainline
1065 # ===============
1066
1067 # Call test() when this file is run as a script (not imported as a module)
1068 if __name__ == '__main__':
1069 test()
python git mirror