issuhub.com

[Python编程(第4版)].(Programming.Python.4th.Edition).Mark.Lutz.文字版

(yzsuai) #1

The POP Password Page


If you flip back to the main page in Figure 16-2, you’ll see a View link; pressing it triggers
the script in Example 16-6 to run on the server.


Example 16-6. PP4E\Internet\Web\PyMailCgi\cgi-bin\onRootViewLink.py


#!/usr/bin/python
"""
################################################################################
On view link click on main/root HTML page: make POP password input page;


this could almost be an HTML file because there are likely no input params yet,
but I wanted to use standard header/footer functions and display the site/user
names which must be fetched; on submission, does not send the user along with
password here, and only ever sends both as URL params or hidden fields after the
password has been encrypted by a user-uploadable encryption module;
################################################################################
"""


page template


pswdhtml = """




Please enter POP account password below, for user "%s" and site "%s".



Security note: The password you enter above will be transmitted
over the Internet to the server machine, but is not displayed, is never
transmitted in combination with a username unless it is encrypted or obfuscated,
and is never stored anywhere: not on the server (it is only passed along as hidden
fields in subsequent pages), and not on the client (no cookies are generated).
This is still not guaranteed to be totally safe; use your browser's back button
to back out of PyMailCgi at any time.


"""

generate the password input page


import commonhtml # usual parms case:
user, pswd, site = commonhtml.getstandardpopfields({}) # from module here,
commonhtml.pageheader(kind='POP password input') # from html|url later
print(pswdhtml % (commonhtml.urlroot, user, site))
commonhtml.pagefooter()


This script is almost all embedded HTML: the triple-quoted pswdhtml string is printed,
with string formatting to insert values, in a single step. But because we need to fetch
the username and server name to display on the generated page, this is coded as an
executable script, not as a static HTML file. The module commonhtml either loads user-
names and server names from script inputs (e.g., appended as query parameters to the
script’s URL) or imports them from the mailconfig file; either way, we don’t want to
hardcode them into this script or its HTML, so a simple HTML file won’t do. Again,
in the CGI world, we embed HTML code in Python code and fill in its values this way


1250 | Chapter 16: The PyMailCGI Server

Free download pdf
Get our desktop app
Company
Features
Documentation
Resources
© ISSUHUB. 2025. All rights reserved.