Commits

Lynn Rees  committed 2aa8715

[svn]

  • Participants
  • Parent commits d37a0d4
  • Branches wsgiform
  • Tags svn.18

Comments (0)

Files changed (4)

File branches/0.2.5/setup.py

     from distutils.core import setup
 
 setup(name='wsgiform',
-      version='0.2.6',
+      version='0.2.7',
       description='''WSGI middleware for validating and parsing HTML form submissions.''',
       long_description='''WSGI middleware for validating and parsing HTML form submissions
 into dictionaries, individual environ entries, cgi.FieldStorage instances, or keyword arguments

File branches/0.2.5/wsgiform/__init__.py

 
 
 __author__ = 'L.C. Rees (lcrees@gmail.com)'
-__revision__ = '0.2.6'
+__revision__ = '0.2.7'

File branches/0.2.5/wsgiform/form.py

 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-'''WSGI middleware for parsing form data into dictionaries, individual environ
-entries, cgi.FieldStorage instances, or keyword arguments that can be passed to
-WSGI applications in the environ dictionary. Features include hooks for form
-validation, escaping, and data sterilization.
+'''WSGI middleware for parsing form submissions into dictionaries, individual
+'environ' entries, FieldStorage instances, or keyword arguments that can be
+passed to WSGI applications in the environ dictionary. Features include hooks
+for form validation, escaping, and data sterilization.
 '''
 
 import cgi
     '''Decorator for form processing.'''
     def decorator(application):
         return WsgiForm(application, **kw)
-    return decorator            
+    return decorator
      
 
 class WsgiForm(object):
             # Make individual environ entries
             if self._style == 'environ':
                 for k, v in qdict.iteritems(): env[self._key % k] = v
-            # wsgi.url_vars style
+            # wsgi.routing_vars style
             elif self._style == 'routing_args':
-                env[self._key] = ((), qdict)
+                args, kwargs = env.get(self._key, ((), {}))
+                env[self._key] = (args, qdict.update(qdict))
             # Make kwargs or dict
             else:
                 env[self._key] = qdict

File branches/0.2.5/wsgiform/util.py

 
 _trans = string.maketrans('', '')
 
-def hyperescape(data):
-    '''Escapes punctuation with HTML entities except ., -, and _.
+def _formparse(environ, strict=False):
+    '''Extracts strings from form submissions.
 
-    @param data Text data
+    @param environ Environment dictionary
+    @param strict Stops on errors (default: False)
     '''
-    # Escape &
-    data = re.sub(r'&(?!#\d\d;)', '&', data)
-    # Escape ;
-    data = re.sub(r'(?<!&#\d\d);', '&#59;', data)
-    # Escape #
-    data = re.sub(r'(?<!&)#(?!\d\d;)', '&#35;', data)
-    # Escape other chars except ., -, and _
-    for char in '<>"\'()!${}*+,%/:=?@[\\]^`|~':
-        data = data.replace(char, '&#%d;' % ord(char))
-    return data
-
-def escape(data):
-    '''Escapes &, <, >, ", and ' with HTML entities.
-
-    @param data Text data
-    '''
-    return saxutils.escape(data, {'"':"&quot;", "'":'&#39;'})
-
-def sterilize(data):
-    '''Removes all ASCII characters except alphanums, ., -, and _.
-
-    @param data Text data
-    '''
-    return data.translate(_trans, '&#;<>"\'()!${}*+,%/:=?@[\\]^`|~')
+    qdict = cgi.parse(environ['wsgi.input'], environ, strict, strict)
+    for key, value in qdict.iteritems():
+        if len(value) == 1: qdict[key] = value[0]
+    return qdict
 
 def _runfunc(qdict, func):
     '''Runs a function on a dictionary.
                 if isinstance(value, basestring): value[num] = func(value)
     return qdict
 
-def _formparse(environ, strict=False):
-    '''Extracts strings from form submissions.
+def escape(data):
+    '''Escapes &, <, >, ", and ' with HTML entities.
 
-    @param environ Environment dictionary
-    @param strict Stops on errors (default: False)
+    @param data Text data
     '''
-    qdict = cgi.parse(environ['wsgi.input'], environ, strict, strict)
-    for key, value in qdict.iteritems():
-        if len(value) == 1: qdict[key] = value[0]
-    return qdict
+    return saxutils.escape(data, {'"':"&quot;", "'":'&#39;'})
 
 def escapeform(environ, strict=False):
     '''Escapes common XML/HTML entities in form data.
     @param environ Environment dictionary
     @param strict Stops on errors (default: False)
     '''    
-    return _runfunc(_formparse(environ, strict), escape) 
+    return _runfunc(_formparse(environ, strict), escape)
+
+def hyperescape(data):
+    '''Escapes punctuation with HTML entities except ., -, and _.
+
+    @param data Text data
+    '''
+    # Escape &
+    data = re.sub(r'&(?!#\d\d;)', '&#38;', data)
+    # Escape ;
+    data = re.sub(r'(?<!&#\d\d);', '&#59;', data)
+    # Escape #
+    data = re.sub(r'(?<!&)#(?!\d\d;)', '&#35;', data)
+    # Escape other chars except ., -, and _
+    for char in '<>"\'()!${}*+,%/:=?@[\\]^`|~':
+        data = data.replace(char, '&#%d;' % ord(char))
+    return data
 
 def hyperform(environ, strict=False):
     '''Hyper-escapes all XML/HTML entitites in form data.
     '''
     return _runfunc(_formparse(environ, strict), sterilize)
 
+def sterilize(data):
+    '''Removes all ASCII characters except alphanums, ., -, and _.
+
+    @param data Text data
+    '''
+    return data.translate(_trans, '&#;<>"\'()!${}*+,%/:=?@[\\]^`|~')
 
 __all__ = ['hyperescape', 'escape', 'sterilize', 'escapeform', 'hyperform', 'sterileform']