comparison web/scoring/players/index.cgi @ 49:6138c27d1950

Escape the player's name when printing it into HTML. Non-alphanumeric characters in names may eventually be possible.
author John "Elwin" Edwards
date Mon, 24 Mar 2014 16:01:28 -0700
parents 25843238434a
children
48:955c2fd68dcf 49:6138c27d1950
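--- a/web/scoring/players/index.cgi
+++ b/web/scoring/players/index.cgi
@@ -1,9 +1,10 @@
 #!/usr/bin/python3
 
 import os
 import sys
+import html
 import rlgall
 
 playerdir = "/var/www/lighttpd/scoring/players/"
 linkstr = '<li><a href="./{0}.html">{0}</a></li>\n'
 
@@ -24,9 +25,9 @@
 if not namelist:
 sys.stdout.write("<p>No one is here.</p>\n")
 else:
 sys.stdout.write("<ul>\n")
 for name in namelist:
-sys.stdout.write(linkstr.format(name))
+sys.stdout.write(linkstr.format(html.escape(name)))
 sys.stdout.write("</ul>\n")
 
 sys.stdout.write(rlgall.pend)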
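Review bot: `html.escape(name)` at the `linkstr.format(...)` call makes the link text safe, but the same `{0}` also lands inside `href="./{0}.html"`, where a name containing `/`, `?`, `#`, `%` or a space would still change the URL even though it is HTML-safe. Since the commit message anticipates non-alphanumeric names, consider giving the template two slots, `linkstr = '<li><a href="./{0}.html">{1}</a></li>\n'`, and calling `linkstr.format(html.escape(urllib.parse.quote(name, safe="")), html.escape(name))`, with `import urllib.parse` added. The code that builds `namelist` (new lines 11–24) is not shown here, so whether names are already restricted there, and whether the on-disk `.html` filenames would match the encoded form, needs checking.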