Python cgi
jbrewer
jeremy.d.brewer at gmail.com
Fri Oct 21 17:30:46 EDT 2005
I'm currently writing my first CGI script (in Python), and I keep
getting an error I don't know how to address. I'm not sure if this is
a Python or Apache error, but I suspect it's an Apache config thing.
Anyway, in my code I need to upload a file, so in my HTML there's a
line like
File to upload <input type="file" name="myfile">
and in my Python code I try to read the file following the Python docs
and the Python Cookbook like
form = cgi.FieldStorage()
fileitem = form["myfile"]
if fileitem.file:
# file upload details...
else:
# print error stuff to page
The problem is that the "if fileitem.file" test is never true. After
some debugging I discovered that this is because fileitem is returned
as type MiniFieldStorage instead of FieldStorage, which is described as
"Like FieldStorage, for use when no file uploads are possible." There
are other fields in the form that are read just fine. Does anyone know
why no file uploads would be possible? I know very little about
configuring Apache, unfortunately.
Also, I need to run an external program with my CGI script using
something like os.system with flags from input forms, which is a major
security risk. Is it simply enough to test for flag.isalnum() or
should I do more to prevent random programs from being run? I should
also do some minimal DOS protection as well, so information on how to
do that simply would be appreciated as well.
Some system info:
Fedora Core 3
Apache 2.0.53
Python 2.3.4
Thanks,
Jeremy
More information about the Python-list
mailing list