On Jan 1, 2011, at 11:33 AM, Arun K.Rajeevan wrote:
> I'm using the following code now, and it is working.
> As you can see, there is no checking on arguments.
> 
> Please show me how to do (or what to check) any checks on arguments.
> 
> #----------------------------------------------------------------------------------
> def user():
>     import gluon
>     request.args = gluon.storage.List(request.raw_args.split('/')[:])
>     return dict(form=auth())
> #----------------------------------------------------------------------------------

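import re

# Each arg: one or more characters from [\w@ -], each optionally
# followed by a single '=' or '.'
args_match = re.compile(r'([\w@ -][=.]?)+$')

def user():
    import gluon
    request.args = gluon.storage.List(request.raw_args.split('/')[:])
    # Reject the whole request with a 400 if any arg fails the pattern.
    # Assumes `thread` (with routes.error_message) is in scope here.
    for arg in request.args:
        if not args_match.match(arg):
            raise HTTP(400, thread.routes.error_message % 'invalid request',
                  web2py_error='invalid args')
    return dict(form=auth())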

I don't think you need the [:], since split() will give you a new list already.


About the regexes.

r'([\w@ -][=.]?)+$'

\w is any alphanumeric or underscore

It basically says you can have any of the characters shown in the two sets of 
brackets, with the restriction that you can only have one '=' or '.' in a row.

I'm not sure why some characters (like ':') aren't allowed.
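
The check described in the message above, as an added example that is not part of the original post: a stand-alone version (no web2py needed) run over constructed inputs to show which args the pattern accepts. `validate_args`, `accepts`, `ARGS_STRICT` and the sample strings are assumptions introduced here; the `\Z` variant is an addition that also rejects a trailing newline, which `$` permits.

```python
import re

# Pattern quoted in the message above.
ARGS_MATCH = re.compile(r'([\w@ -][=.]?)+$')
# Assumption (not from the message): \Z anchors at the true end of the
# string, whereas $ also matches just before a trailing newline.
ARGS_STRICT = re.compile(r'([\w@ -][=.]?)+\Z')


def validate_args(raw_args, pattern=ARGS_MATCH):
    """Split raw_args on '/' and return the list of args, or raise
    ValueError naming the first arg the pattern rejects."""
    args = raw_args.split('/')
    for arg in args:
        if not pattern.match(arg):
            raise ValueError('invalid arg: %r' % arg)
    return args


def accepts(raw_args, pattern=ARGS_MATCH):
    """True if every '/'-separated arg matches the pattern."""
    try:
        validate_args(raw_args, pattern)
        return True
    except ValueError:
        return False


# Constructed sample inputs (not taken from real traffic).
SAMPLES = [
    'login',
    'reset_password/user@example.com',
    'profile/key=value',
    'a/../b',       # an arg may not start with '.'
    'file..txt',    # two '.' in a row
    'k=.v',         # '=' directly followed by '.'
    'host:8080',    # ':' is in neither character set
    'login/',       # trailing slash produces an empty arg
    'login\n',      # accepted by $, rejected by \Z
]

if __name__ == '__main__':
    for s in SAMPLES:
        print('%-36r $=%-5s \\Z=%s' % (s, accepts(s), accepts(s, ARGS_STRICT)))
```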
