Mercurial > hg > rlgallery-misc
comparison py/rlgall.py @ 49:6138c27d1950
Escape the player's name when printing it into HTML.
Non-alphanumeric characters in names may eventually be possible.
author | John "Elwin" Edwards |
---|---|
date | Mon, 24 Mar 2014 16:01:28 -0700 |
parents | 0f4163dbbafc |
children | 4549b3c0cd28 |
comparison
equal
deleted
inserted
replaced
48:955c2fd68dcf | 49:6138c27d1950 |
---|---|
5 import re | 5 import re |
6 import os | 6 import os |
7 import psycopg2 | 7 import psycopg2 |
8 from datetime import datetime | 8 from datetime import datetime |
9 import pytz | 9 import pytz |
10 import html | |
10 | 11 |
11 # Configuration | 12 # Configuration |
12 logdir = "/var/dgl/var/games/roguelike/" | 13 logdir = "/var/dgl/var/games/roguelike/" |
13 webdir = "/var/www/lighttpd/scoring/" | 14 webdir = "/var/www/lighttpd/scoring/" |
14 ppagename = webdir + "players/{0}.html" | 15 ppagename = webdir + "players/{0}.html" |
72 dt = datetime.strptime(filename, pattern).replace(tzinfo=pytz.utc) | 73 dt = datetime.strptime(filename, pattern).replace(tzinfo=pytz.utc) |
73 return dt | 74 return dt |
74 except ValueError: | 75 except ValueError: |
75 return None | 76 return None |
76 | 77 |
77 def ttyreclink(text, name, game, gtime): | |
78 "Returns a link to the ttyrec archivist" | |
79 lstr = '<a href="/archive.cgi?name={0};game={1};time={2}">{3}</a>' | |
80 return lstr.format(name, game, gtime, text) | |
81 | |
82 def playerlink(name): | 78 def playerlink(name): |
83 "Returns a link to a player's page" | 79 "Returns a link to a player's page" |
84 lstr = '<a href="/scoring/players/' + name + '.html">' + name + '</a>' | 80 escname = html.escape(name) |
81 lstr = '<a href="/scoring/players/' + escname + '.html">' + escname + '</a>' | |
85 return lstr | 82 return lstr |
86 | 83 |
87 def linktoArchive(entry): | 84 def linktoArchive(entry): |
88 "Takes an entry dict and returns a link to the ttyrec archivist." | 85 "Takes an entry dict and returns a link to the ttyrec archivist." |
89 lstr = '<a href="/archive.cgi?name={0};game={1};time={2}">{3}</a>' | 86 lstr = '<a href="/archive.cgi?name={0};game={1};time={2}">{3}</a>' |
90 linktext = entry["endt"].strftime("%Y/%m/%d %H:%M:%S") | 87 linktext = entry["endt"].strftime("%Y/%m/%d %H:%M:%S") |
91 stamp = int(entry["endt"].timestamp()) | 88 stamp = int(entry["endt"].timestamp()) |
92 return lstr.format(entry["name"], entry["game"].uname, stamp, linktext) | 89 escname = html.escape(entry["name"]) |
90 return lstr.format(escname, entry["game"].uname, stamp, linktext) | |
93 | 91 |
94 def maketablerow(cells, isheader=None): | 92 def maketablerow(cells, isheader=None): |
95 "Takes a list of strings and returns a HTML table row with each string \ | 93 "Takes a list of strings and returns a HTML table row with each string \ |
96 in its own cell. isheader will make them header cells, obviously." | 94 in its own cell. isheader will make them header cells, obviously." |
97 if isheader: | 95 if isheader: |
523 | 521 |
524 def playerpage(pname): | 522 def playerpage(pname): |
525 "Generate a player's HTML page" | 523 "Generate a player's HTML page" |
526 # Write the beginning of the page | 524 # Write the beginning of the page |
527 ppagefi = open(ppagename.format(pname), "w", encoding="utf-8") | 525 ppagefi = open(ppagename.format(pname), "w", encoding="utf-8") |
528 ppagefi.write(phead.format(pname)) | 526 cleanpname = html.escape(pname) |
527 ppagefi.write(phead.format(cleanpname)) | |
529 ppagefi.write(ptop) | 528 ppagefi.write(ptop) |
530 ppagefi.write(navplayer.format(pname)) | 529 ppagefi.write(navplayer.format(cleanpname)) |
531 ppagefi.write(pti.format("Results for " + pname)) | 530 ppagefi.write(pti.format("Results for " + cleanpname)) |
532 for game in gamelist: | 531 for game in gamelist: |
533 ppagefi.write(secthead.format(game.name)) | 532 ppagefi.write(secthead.format(game.name)) |
534 entries = game.getPlayer(pname) | 533 entries = game.getPlayer(pname) |
535 if not entries: | 534 if not entries: |
536 ppagefi.write("<div>" + pname + " has not yet completed an expedition\ | 535 ppagefi.write("<div>" + cleanpname + " has not yet completed an " + |
537 in this dungeon.</div>\n") | 536 "expedition in this dungeon.</div>\n") |
538 else: | 537 else: |
539 entries.sort(key=lambda e: e["endt"]) | 538 entries.sort(key=lambda e: e["endt"]) |
540 printTable(entries, game.pfields, ppagefi) | 539 printTable(entries, game.pfields, ppagefi) |
541 scoresum = 0 | 540 scoresum = 0 |
542 for entry in entries: | 541 for entry in entries: |