getting options from a html form

pgoosen · Jun-28-2019, 06:50 AM

Hi, I have the following code in short, I want to use the <==> from op in my if statement.

[html]
<SELECT NAME=op>
<OPTION VALUE="<">Lesser then</option>
<OPTION VALUE="==">Equals to</option>
<OPTION SELECTED VALUE=">">Greater then</option>
</SELECT>
<input type=number name=seconds size=20>

op1=form.getvalue('op')   
if int(row[1]) op1 int(seconds)
   print(row[1],"something")

Hope you can help.
Cheers,
Patrick

**scidam** · Jun-29-2019, 09:59 AM

Is this question about Django? If it is about Django, and form is assumed to be a valid Django form, you can access underlying data, e.g. as follows op = form.cleaned_data.get('form_field', 'fallback_value').

If you need to apply selected operation, you need to define a mapping, e.g.

allowed_operations = {
'==' : lambda x, y: x == y,
'>': lambda x, y: x > y
# etc.
# Also, you can look at 'operator' module.
}
def operation_not_found(*args):
    # You can raise exception here, print an error to stdout,eg.
    print("This operation isn't allowed")
    return False

op = '=='
op_func = allowed_operations.get(op, operation_not_found)

if op_func(x, y):
    pass 
    # do some stuff

pgoosen · Jul-02-2019, 06:20 AM

I don't think this is what I mean, I want to use the operator from the form (<==>) (op1) in a if statement shown in line 2 from my example. There is no need to check if the value is allowed. I use a pulldown menu.

**scidam** · Jul-02-2019, 01:25 PM

Ok, you can use eval built-in function, e.g.

if eval("int(row[1])" + op + "int(seconds)"):
    pass

But eval is unsafe. What happens, if somebody set illegal
(or even malware) string to the op variable? Let op="; import os; os.system("arbitrary operating system command"); " or something else. So, injecting malware string to op will allow to execute arbitrary command (or code) on your computer.

pgoosen · (This post was last modified: Jul-03-2019, 06:49 AM by pgoosen.)

Thanks, this works, great. And the programm is only used internally. It never touches internet.
Many thanks again.

**nilamo** · Jul-03-2019, 06:07 PM

Please don't use eval. Especially when there's totally fine options available. Like the operator module (https://docs.python.org/3/library/operator.html):

import operator

op_map = {
    ">": operator.lt,
    "==": operator.eq
}

op1 = form.getvalue('op')   
if op_map[op1](int(row[1]), int(seconds)):
   print(row[1], "something")

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	Using yt-dlp options in Python	Pavel_47	8	14,487	Jun-29-2022, 12:52 PM Last Post: Pavel_47
	Post HTML Form Data to API Endpoints	Dexty	0	1,398	Nov-11-2021, 10:51 PM Last Post: Dexty
	HTML multi select HTML listbox with Flask/Python	rfeyer	0	4,617	Mar-14-2021, 12:23 PM Last Post: rfeyer
	Using Python request without selenium on html form with javascript onclick submit but	eraosa	0	3,170	Jan-09-2021, 06:08 PM Last Post: eraosa
	Using python within an html form	t4keheart	5	5,396	Aug-17-2020, 12:28 PM Last Post: t4keheart
	how does a html form work exactly?	mp3909	2	2,074	Apr-01-2020, 04:02 PM Last Post: mp3909
	Python3 + BeautifulSoup4 + lxml (HTML -> CSV) - How to loop to next HTML/new CSV Row	BrandonKastning	0	2,357	Mar-22-2020, 06:10 AM Last Post: BrandonKastning
	requests post/get to HTML form	mrdominikku	1	2,325	Nov-03-2019, 07:12 PM Last Post: Larz60+
	How to send data from remotely hosted HTML form to Pi	sajid	2	2,568	Jun-27-2019, 10:28 PM Last Post: sajid
	how i save the html form to flask database	mebaysan	1	7,288	Feb-07-2019, 12:56 AM Last Post: snippsat

getting options from a html form

User Panel Messages

Announcements