getting options from a html form - Printable Version +- Python Forum (https://python-forum.io) +-- Forum: Python Coding (https://python-forum.io/forum-7.html) +--- Forum: Web Scraping & Web Development (https://python-forum.io/forum-13.html) +--- Thread: getting options from a html form (/thread-19430.html) |
getting options from a html form - pgoosen - Jun-28-2019 Hi, I have the following code in short, I want to use the <==> from op in my if statement. [html] <SELECT NAME=op> <OPTION VALUE="<">Lesser then</option> <OPTION VALUE="==">Equals to</option> <OPTION SELECTED VALUE=">">Greater then</option> </SELECT> <input type=number name=seconds size=20> op1=form.getvalue('op') if int(row[1]) op1 int(seconds) print(row[1],"something")Hope you can help. Cheers, Patrick RE: getting options from a html form - scidam - Jun-29-2019 Is this question about Django? If it is about Django, and form is assumed to be a valid Django form, you can access underlying data, e.g. as follows op = form.cleaned_data.get('form_field', 'fallback_value') .If you need to apply selected operation, you need to define a mapping, e.g. allowed_operations = { '==' : lambda x, y: x == y, '>': lambda x, y: x > y # etc. # Also, you can look at 'operator' module. } def operation_not_found(*args): # You can raise exception here, print an error to stdout,eg. print("This operation isn't allowed") return False op = '==' op_func = allowed_operations.get(op, operation_not_found) if op_func(x, y): pass # do some stuff RE: getting options from a html form - pgoosen - Jul-02-2019 I don't think this is what I mean, I want to use the operator from the form (<==>) (op1) in a if statement shown in line 2 from my example. There is no need to check if the value is allowed. I use a pulldown menu. RE: getting options from a html form - scidam - Jul-02-2019 Ok, you can use eval built-in function, e.g.if eval("int(row[1])" + op + "int(seconds)"): passBut eval is unsafe. What happens, if somebody set illegal(or even malware) string to the op variable? Let op="; import os; os.system("arbitrary operating system command"); " or something else. So, injecting malware string to op will allow to execute arbitrary command (or code) on your computer.
RE: getting options from a html form - pgoosen - Jul-03-2019 Thanks, this works, great. And the programm is only used internally. It never touches internet. Many thanks again. RE: getting options from a html form - nilamo - Jul-03-2019 Please don't use eval. Especially when there's totally fine options available. Like the operator module (https://docs.python.org/3/library/operator.html): import operator op_map = { ">": operator.lt, "==": operator.eq } op1 = form.getvalue('op') if op_map[op1](int(row[1]), int(seconds)): print(row[1], "something") |