2.5. Controls to perform in a CGI script

Exercise 2.13. Testing for unchecked radio button

The following script tests for the value of a radio-button. What will happen when the button is not checked?

		#! /local/bin/python

import cgi

query = cgi.parse()

print "Content-type: text/html"
print

print "<html>\n"
print "<body>\n"
if query.has_key('radio1'):
    print "<p> radio1 checked</p>\n"
print "</body>\n"
print "</html>\n"

	
You can try this script here: test_checked.html

Exercise 2.14. Testing for improper user input

The following script is dangerous for security reasons, why?

		#! /local/bin/python

import cgi
import sys

query = cgi.parse()

print "Content-type: text/html"
print

if not query.has_key('filename'):
    print "<P> the file name is required</P>\n"
    print "</BODY>\n"
    print "</HTML>\n"
    sys.exit()

filename=query['filename'][0]
try:
    h = open(filename)
except IOError:
    print "<P> file: ", filename, "does not exist</P>\n"
    print "</BODY>\n"
    print "</HTML>\n"
    sys.exit()

print "<P> <PRE>\n"
for line in h.xreadlines():
    print line

h.close()

print " </PRE></P>\n"

	

Exercise 2.15. Testing for improper user input (continued)

Does the setting of this input form help? Why not?