Jan Eden wrote:
> Hi,
>
> I would like to untaint all parameters with which my CGI script is called.
> Example:
>
> if parameters.has_key('type'):
> match = re.search('\w+', parameters['type'].value)
> type = match.group()
> else: type = 'page'
OK, I don't know much Perl but I don't think these two snippets do the same
thing. For one thing the regexes are different, second in the Python you need
to check if the match succeeds. I would write it as
type = 'page'
if parameters.has_key('type'):
match = re.search('^\w+$', parameters['type'].value)
if match:
type = match.group()
or maybe
try:
match = re.search('^\w+$', parameters['type'].value)
type = match.group()
except KeyError, AttributeError:
type = 'page'
> In Perl, I used the ternary operator to write it like this:
>
> my $type = ($parameters{type} && ($parameters{type} =~ /^(\w+)$/)) ? $1 :
> 'page';
>
> While this is not the most beautiful code to look at, I have a
> weakness for compact programs - so can I shorten the Python
> equivalent somehow?
mmm, not sure how to do that...Python doesn't put such a premium on
compactness. If you have to do it a lot just put it in a function and call
that...
Kent
_______________________________________________
Tutor maillist - Tutor@python.org
http://mail.python.org/mailman/listinfo/tutor
