python another cgi. strings single and double quotes interchangeable triple quotes (...
TRANSCRIPT
Python
Another CGI
Strings• Single and double quotes interchangeable• Triple quotes (""") allow multi-line literal quoting• Escaping of \n, %, etc by default• Prefix r can be used for regexps, r'[a-z].*'• Any variable can be converted to a string with str(v). Can go back with int(s), float(s)
• Strings operations:– Concatenation with +, repeating with *– Length with len()– Substrings with []. Interesting index options.
– Special boolean operator in
String Methods
• count
• find
• isdigit
• upper, lower
• rjust, ljust
• strip
• replace
Tuples and Lists
• Tuples store a set of elements. Syntax:– foo = ("Korn", "Jeff")
• Lists also store elements but unlike tuples can be modified (thus cheaper). Syntax:– foo = ["Korn", "Jeff"]– foo[1] = "Jeffrey"
• List operations:– append, extend, +, *, len, index, in, pop, sort,
reverse, join, etc.
• Be careful about references!
Dictionary
• Dictionaries are associative arrays (arrays indexed by string or number). Values can be any object.
• Syntax:– student = {'name' : 'Guido', 'score': 95 }
• Operations:– has_key, keys, values, len, get, copy, update
• Example:print student['name']
Statements• Standard if, then, else
• While loops
if person == 'Korn': status = 'teacher'elif person == 'Cano' status = 'yankee'else: status = 'unknown'print person, status
while n <= 20: s.append(' ') n += 2 if magic: break
a, b = 0, 1while b < 100: print b a, b = b, a + b
for loops
• Similar to shell:
• To do c-style loops, use special function range:
• Also: xrange
for val in ["foo", "bar", "baz"]: print "Hello %s" % val
for val in range(5, 20, 2): print val# prints 5, 7, 9 ... 19
Exceptions
• Run-time errors are possible with Python, but they can be caught with try-except:
• You can also use: raise, finally
try: n = float(inputstring) m = n * 2except ValueError, msg: print msg# will print: invalid literal for float(): foo
Functions• Defined with def:
• Types not needed
• Arguments can have defaults:
• Variables in functions are local– global changes this
• return used to return values
def my_func(foo, bar): print foo + bar
def my_func(foo, bar=12): print foo + barmy_func(3)15my_func(3, bar=3)
Modules
• Python modules are libraries of reusable code with specific functionalities
• Standard modules are distributed with Python to do a variety of things.
• Modules names are unique, but functions in modules don't conflict with other modules.
• Modules can have sub-modules.
Using Modules
• Include modules in your program with use, e.g. import math incorporates the math module
import mathprint math.log(4906, 2)12.0
print math.sqrt(100)10
Important modules• sys
– sys.argv, sys.path, sys.platform, sys.exit, sys.stdin, sys.stderr, sys.stdout
• os– os.getcwd, os.environ, os.chdir, os.listdir,
os.mkdir, os.rmdir, os.remove, os.system, os.popen, os.getpid
• os.path– os.path.abspath, os.path.dirname,
os.path.basename, os.path.join, os.path.split, os.isfile, os.isdir
HTTP
• Protocol for the Web• Client-server model
– Client (user agent) is typically web browser (e.g. Firefox)
– Server is web server (e.g. Apache)
• Client request a resource identified by URLs– e.g. http://cs.nyu.edu/csweb/index.html
Apache HTTP Server
• Open source HTTP (Web) server
• Most popular web server since 1996
• The “A” in LAMP
• Part of Apache Software Foundation– Other projects: Ant, Hadoop, Tomcat,
SpamAssassin, …
HTTP Transactions• HTTP request to web server
GET /v40images/nyu.gif HTTP/1.1Host: www.nyu.edu
• HTTP response to web clientHTTP/1.1 200 OKContent-type: image/gifContent-length: 3210
HTML Example
<html><head><title>Some Document</title></head><body><h2>Some Topics</h2>This is an HTML document<p>This is another paragraph</body></html>
HTML
• File format that describes a webpage
• Can be written by hand, or generated by a program
• A good way to generate a HTML file is by writing a shell or Perl script
Gateways
• Interface between resource and a web server
QuickTime™ and aTIFF (LZW) decompressor
are needed to see this picture. Web Server resourceGatewayHTTP
CGI
• Common Gateway Interface - a standard interface for running helper applications to generate dynamic contents– Specify the encoding of data passed to programs
• Allow HTML documents to be created on the fly• Transparent to clients
– Client sends regular HTTP request– Web server receives HTTP request, runs CGI program,
and sends contents back in HTTP responses
• CGI programs can be written in any language
How CGI Works
QuickTime™ and aTIFF (LZW) decompressor
are needed to see this picture.
Web Server
ScriptDocument
HTTP request
HTTP responsespawn process
Forms
• HTML forms are used to collect user input• Data sent via HTTP request• Server launches CGI script to process data
<form method=POST action=“http://cs.nyu.edu/~unixtool/cgi-bin/search.cgi”>
Enter your query: <input type=text name=Search><input type=submit></form>
Input Types
• Text Field<input type=text name=zipcode>
• Radio Buttons<input type=radio name=size value=“S”> Small<input type=radio name=size value=“M”> Medium<input type=radio name=size value=“L”> Large
• Checkboxes<input type=checkbox name=extras value=“lettuce”> Lettuce<input type=checkbox name=extras value=“tomato”> Tomato
• Text Area<textarea name=address cols=50 rows=4>…</textarea>
Submit Button
• Submits the form for processing by the CGI script specified in the form tag
<input type=submit value=“Submit Order”>
HTTP Methods
• Determine how form data are sent to web server
• Two methods:– GET
• Form variables stored in URL
– POST• Form variables sent as content of HTTP request
Encoding Form Values
• Browser sends form variable as name-value pairs– name1=value1&name2=value2&name3=value3
• Names are defined in form elements– <input type=text name=ssn maxlength=9>
• Special characters are replaced with %## (2-digit hex number), spaces replaced with +– e.g. “10/20 Wed” is encoded as “10%2F20+Wed”
GET/POST examples
GET:
GET /cgi-bin/myscript.pl?name=Bill%20Gates&company=Microsoft HTTP/1.1
HOST: www.cs.nyu.edu
POST:
POST /cgi-bin/myscript.pl HTTP/1.1
HOST: www.cs.nyu.edu
…other headers…
name=Bill%20Gates&company=Microsoft
GET or POST?
• GET method for– Retrieving information, e.g. from a database– A “safe” method - no action taken other than retrieval– Embedding data in URL without form element
• POST method for– Forms with many fields or long fields– Sending data for updating database, posting to bulletin
board, etc.
• GET requests may be cached by clients browsers or proxies, but not POST requests
Parsing Form Input
• Method stored in HTTP_METHOD• GET: Data encoded into QUERY_STRING• POST: Data in standard input (from body of
request)• Most scripts parse input into an associative
array– Parse it yourself, or– Use available libraries (e.g. Perl CGI module)
CGI Environment Variables• DOCUMENT_ROOT• HTTP_HOST• HTTP_REFERER• HTTP_USER_AGENT• HTTP_COOKIE• REMOTE_ADDR• REMOTE_HOST• REMOTE_USER• REQUEST_METHOD• SERVER_NAME• SERVER_PORT
Example: Comment Form
Part 1: HTML Form<html><center><H1>Anonymous Comment Submission</H1></center>Please enter your comment below which willbe sent anonymously to <tt>[email protected]</tt>.If you want to be extra cautious, access thispage through <a href="http://www.anonymizer.com">Anonymizer</a>.<p><form action=cgi-bin/comment.cgi method=post><textarea name=comment rows=20 cols=80></textarea><input type=submit value="Submit Comment"></form></html>
Part 2: CGI Script (ksh)#!/home/unixtool/bin/ksh
. cgi-lib.ksh # Read special functions to help parseReadParsePrintHeader
print -r -- "${Cgi.comment}" | /bin/mailx -s "COMMENT" kornj
print "<H2>You submitted the comment</H2>"print "<pre>"print -r -- "${Cgi.comment}"print "</pre>"
Example: Find words in Dictionary
<form action=dict.cgi>Regular expression: <input type=“text” name=re value=".*"><input type=submit></form>
Example: CGI Script (ksh)
#!/home/unixtool/bin/ksh
PATH=$PATH:.. cgi-lib.kshReadParsePrintHeader
print "<H1> Words matching <tt>${Cgi.re}</tt> in the dictionary </H1>\n";print "<OL>"grep "${Cgi.re}" /usr/dict/words | while read worddo print "<LI> $word"doneprint "</OL>"
Debugging
• Debugging can be tricky, since error messages don't always print well as HTML
• One method: run interactively
$ QUERY_STRING='birthday=10/15/03'$ ./birthday.cgiContent-type: text/html
<html>Your birthday is <tt>10/15/02</tt>.</html>
A Python CGI Script#!/usr/bin/pythonimport cgiimport cgitb
cgitb.enable()form = cgi.FieldStorage()
bday = form['birthday'].value
# Print headerprint 'Content-Type: text/html'print
# Your HTML bodyprint "Your birthday is %s.\n" % bday
Debugging Python CGI Scripts
• Debugging CGI script is tricky - error messages don’t always come up on your browser
• Run script with test data$ python cgiScript prod=“MacBook” price=“1800”Content-Type: text/html
<html>…</html>
CGI Benefits
• Simple
• Language independent
• UNIX tools are good for this because– Work well with text– Integrate programs well– Easy to prototype– No compilation (CGI scripts)