Mercurial > hg > rlgallery-misc
comparison py/rlgall.py @ 49:6138c27d1950
Escape the player's name when printing it into HTML.
Non-alphanumeric characters in names may eventually be possible.
| author | John "Elwin" Edwards |
|---|---|
| date | Mon, 24 Mar 2014 16:01:28 -0700 |
| parents | 0f4163dbbafc |
| children | 4549b3c0cd28 |
comparison
equal
deleted
inserted
replaced
| 48:955c2fd68dcf | 49:6138c27d1950 |
|---|---|
| 5 import re | 5 import re |
| 6 import os | 6 import os |
| 7 import psycopg2 | 7 import psycopg2 |
| 8 from datetime import datetime | 8 from datetime import datetime |
| 9 import pytz | 9 import pytz |
| 10 import html | |
| 10 | 11 |
| 11 # Configuration | 12 # Configuration |
| 12 logdir = "/var/dgl/var/games/roguelike/" | 13 logdir = "/var/dgl/var/games/roguelike/" |
| 13 webdir = "/var/www/lighttpd/scoring/" | 14 webdir = "/var/www/lighttpd/scoring/" |
| 14 ppagename = webdir + "players/{0}.html" | 15 ppagename = webdir + "players/{0}.html" |
| 72 dt = datetime.strptime(filename, pattern).replace(tzinfo=pytz.utc) | 73 dt = datetime.strptime(filename, pattern).replace(tzinfo=pytz.utc) |
| 73 return dt | 74 return dt |
| 74 except ValueError: | 75 except ValueError: |
| 75 return None | 76 return None |
| 76 | 77 |
| 77 def ttyreclink(text, name, game, gtime): | |
| 78 "Returns a link to the ttyrec archivist" | |
| 79 lstr = '<a href="/archive.cgi?name={0};game={1};time={2}">{3}</a>' | |
| 80 return lstr.format(name, game, gtime, text) | |
| 81 | |
| 82 def playerlink(name): | 78 def playerlink(name): |
| 83 "Returns a link to a player's page" | 79 "Returns a link to a player's page" |
| 84 lstr = '<a href="/scoring/players/' + name + '.html">' + name + '</a>' | 80 escname = html.escape(name) |
| 81 lstr = '<a href="/scoring/players/' + escname + '.html">' + escname + '</a>' | |
| 85 return lstr | 82 return lstr |
| 86 | 83 |
| 87 def linktoArchive(entry): | 84 def linktoArchive(entry): |
| 88 "Takes an entry dict and returns a link to the ttyrec archivist." | 85 "Takes an entry dict and returns a link to the ttyrec archivist." |
| 89 lstr = '<a href="/archive.cgi?name={0};game={1};time={2}">{3}</a>' | 86 lstr = '<a href="/archive.cgi?name={0};game={1};time={2}">{3}</a>' |
| 90 linktext = entry["endt"].strftime("%Y/%m/%d %H:%M:%S") | 87 linktext = entry["endt"].strftime("%Y/%m/%d %H:%M:%S") |
| 91 stamp = int(entry["endt"].timestamp()) | 88 stamp = int(entry["endt"].timestamp()) |
| 92 return lstr.format(entry["name"], entry["game"].uname, stamp, linktext) | 89 escname = html.escape(entry["name"]) |
| 90 return lstr.format(escname, entry["game"].uname, stamp, linktext) | |
| 93 | 91 |
| 94 def maketablerow(cells, isheader=None): | 92 def maketablerow(cells, isheader=None): |
| 95 "Takes a list of strings and returns a HTML table row with each string \ | 93 "Takes a list of strings and returns a HTML table row with each string \ |
| 96 in its own cell. isheader will make them header cells, obviously." | 94 in its own cell. isheader will make them header cells, obviously." |
| 97 if isheader: | 95 if isheader: |
| 523 | 521 |
| 524 def playerpage(pname): | 522 def playerpage(pname): |
| 525 "Generate a player's HTML page" | 523 "Generate a player's HTML page" |
| 526 # Write the beginning of the page | 524 # Write the beginning of the page |
| 527 ppagefi = open(ppagename.format(pname), "w", encoding="utf-8") | 525 ppagefi = open(ppagename.format(pname), "w", encoding="utf-8") |
| 528 ppagefi.write(phead.format(pname)) | 526 cleanpname = html.escape(pname) |
| 527 ppagefi.write(phead.format(cleanpname)) | |
| 529 ppagefi.write(ptop) | 528 ppagefi.write(ptop) |
| 530 ppagefi.write(navplayer.format(pname)) | 529 ppagefi.write(navplayer.format(cleanpname)) |
| 531 ppagefi.write(pti.format("Results for " + pname)) | 530 ppagefi.write(pti.format("Results for " + cleanpname)) |
| 532 for game in gamelist: | 531 for game in gamelist: |
| 533 ppagefi.write(secthead.format(game.name)) | 532 ppagefi.write(secthead.format(game.name)) |
| 534 entries = game.getPlayer(pname) | 533 entries = game.getPlayer(pname) |
| 535 if not entries: | 534 if not entries: |
| 536 ppagefi.write("<div>" + pname + " has not yet completed an expedition\ | 535 ppagefi.write("<div>" + cleanpname + " has not yet completed an " + |
| 537 in this dungeon.</div>\n") | 536 "expedition in this dungeon.</div>\n") |
| 538 else: | 537 else: |
| 539 entries.sort(key=lambda e: e["endt"]) | 538 entries.sort(key=lambda e: e["endt"]) |
| 540 printTable(entries, game.pfields, ppagefi) | 539 printTable(entries, game.pfields, ppagefi) |
| 541 scoresum = 0 | 540 scoresum = 0 |
| 542 for entry in entries: | 541 for entry in entries: |