Mailing List Archive

Rick> Could anyone point me in the right direction of finding a cgi
Rick> class that catches hidden fields sent to it from an HTML form?
Rick> cgi.py doesn't recognize them;

Rick,

There's no reason for cgi.py to recognize anything special about hidden
fields. They are only hidden from the web user, not the cgi script. To
cgi.py, an input is an input.

If you want to fiddle around with the <INPUT> TYPE attribute and see what
the CGI script sees, set your <FORM>'s ACTION attribute to

http://www.musi-cal.com/cgi-bin/query

That script uses cgi.FormContent() to grok form inputs and spits back
several bits of information about them and the environment in which the
script was executed. If you give it a hidden input, e.g.:

<form METHOD=GET ACTION="http://www.musi-cal.com/cgi-bin/query">
<input TYPE=hidden name="hidden" value="You can't see it but I can!">
<input TYPE=text name="visible" value="Users see this!">
<input TYPE=submit>
</form>

you'll see what I mean.

Skip Montanaro | http://www.mojam.com/
skip@mojam.com | http://www.musi-cal.com/~skip/
847-475-3758

Rick Robino wrote:
>
> Greetings,
>
> Could anyone point me in the right direction of finding a cgi class
> that catches hidden fields sent to it from an HTML form? cgi.py doesn't
> recognize them; HTMLgen does define an input class which includes
> hidden fields which it can create but that won't help much in parsing
> already created form output except for deriving my own class.

Not true. The cgi module recognizes and makes available all parameters
which come back from the form, and hidden values are sent back from the
form like any other parameter.

If a form has a field like this:

<INPUT TYPE=hidden NAME=user VALUE=xxx>

then when your python script is invoked, you can get at the value like
this:

query = cgi.parse()
if query.has_key('user'):
user = query['user'][0] #First and only element on the list
else:
user = None # or whatever ...


--
Dr. Gary Herron <gherron@aw.sgi.com>
206-287-5616
Alias | Wavefront
1218 3rd Ave, Suite 800, Seattle WA 98101

Skip Montanaro <skip@mojam.com> wrote:

Thanks Skip, I appreciate the quick response (I would actually like
to use this thing myself!).

> Rick> Could anyone point me in the right direction of finding a cgi
> Rick> class that catches hidden fields sent to it from an HTML form?
> Rick> cgi.py doesn't recognize them;

> Rick,

> There's no reason for cgi.py to recognize anything special about hidden
> fields. They are only hidden from the web user, not the cgi script. To
> cgi.py, an input is an input.

Understood - everything is there, but cgi.FieldStorage seems to only
accept keys from the text types of the form input.

> If you want to fiddle around with the <INPUT> TYPE attribute and see what
> the CGI script sees, set your <FORM>'s ACTION attribute to

> http://www.musi-cal.com/cgi-bin/query

I've been using the apache cgi script logging facility and can see
the whole string, including hidden fields, being passed. But thanks
for the tip here, I'll check it out.

> That script uses cgi.FormContent() to grok form inputs and spits back
> several bits of information about them and the environment in which the
> script was executed. If you give it a hidden input, e.g.:

> <form METHOD=GET ACTION="http://www.musi-cal.com/cgi-bin/query">
> <input TYPE=hidden name="hidden" value="You can't see it but I can!">
> <input TYPE=text name="visible" value="Users see this!">
> <input TYPE=submit>
> </form>

> you'll see what I mean.

Hmmm... I did use your test - "query" and saw the hidden field output:

Raw Input:
hidden=You+can%27t+see+it+but+I+can%21&visible=Users+see+this%21

Form Fields:
hidden: ["You can't see it but I can!"]
visible: ['Users see this!']

Maybe my problem is that the main class my data is coming from doesn't
ever use the raw_input method because I'm only using cgi.FieldStorage().
and not FormContent(). What I've done (remember, I'm just starting
off), was to rip off the FormData class used as an example in the
"Learning Python" book. Here it is, modified to ignore blank fields:

class FormData:
""" A repository for information gleaned from a CGI form """
def __init__(self, formdict):
for fieldname in self.fieldnames:
if not form.has_key(fieldname):
bad_web()
else:
setattr(self, fieldname, form[fieldname].value)

(thanks Mark Lutz and David Ascher!)

When I use this, in classes I haved defined for emailing and formatting
the data as HTML output, it chokes because the form.has.key(fieldname)
test does not pass. Thats my problem: the whole string gets sent to the
cgi, but I'm missing something from my base class definition that pays
attention to field types other than "Text". If you want, I can send
the cgi and the form (149 and 161 lines, respectively).

This is probably where I need to learn more, and the FormContent class
is probably the class that will help me here. However, the docstring for
that class says:

"""This class is present for backwards compatibility only."""

What do you think? Should I use FormContent or extend cgi.FieldStorage
somehow? I'm sure I just don't have a good enough grasp of what is
going on here to see the light, but I'll spare the group my personal
tutelage.

If anyone has time to pound into my head some conceptual notions of
classes, functions and other fundamentals and has time to write me, I'd
appreciate it. I learn best by doing and getting the basics down pat,
but I seem to be stuck in this example and the book, although great, is
becoming paper which my body is refusing to do anything but stare at.

I can call if in the U.S., and I can pay with beer too ;)

--Rick
^^^^^^^^^^^^^^
Rick Robino mailto:rrobino@wavedivision.com