flask工具構建自動化測試平臺8-驗證用戶輸入

主要內容：

•選擇驗證點
•驗證

驗證點

服務器端和客戶端需要兼顧。

把犯罪地圖增加驗證

style.css

body { 
    font-family: sans-serif; 
    background: #eee; 
}

#map-canvas {
    width: 70%;
    height: 500px;
    float: left;
}

#newcrimeform {
    float: right;
    width: 25%;
}

#error {
    color: red;
}

input, select, textarea { 
    display: block;
    color: grey;
    border: 1px solid lightsteelblue;
    line-height: 15px;
    margin: 2px 6px 16px 0px;
    width: 100%;
}

input[type="submit"] {
    padding: 5px 10px 5px 10px;
    color: black;
    background: lightsteelblue;
    border: none;
    box-shadow: 1px 1px 1px #4C6E91;
}

input[type="submit"]:hover {
    background: steelblue;
}

模板home.html

<!DOCTYPE html>
<html lang="en">
  <head>

  <link type="text/css" rel="stylesheet" href="{{url_for('static', filename='css/style.css') }}" /> 

  <script type="text/javascript"
    src="https://maps.googleapis.com/maps/api/js">
  </script> 

  <script type="text/javascript">
    var map;
    var marker;
    var existing_crimes;

    function initialize() { 
      var mapOptions = {
        center: new google.maps.LatLng(-33.30578381949298, 26.523442268371582),
        zoom: 15
      };
      map = new google.maps.Map(document.getElementById("map-canvas"), mapOptions);
      google.maps.event.addListener(map, 'click', function(event){   
        placeMarker(event.latLng);
      });
      placeCrimes({{crimes | safe}});
    }

    function placeCrimes(crimes) {
      for (i=0; i<crimes.length; i++) {
        crime = new google.maps.Marker( {
          position: new google.maps.LatLng(crimes[i].latitude, crimes[i].longitude),
          map: map,
          title: crimes[i].date + "\n" + 
            crimes[i].category + "\n" + crimes[i].description
          }
        );
      }
    }

    function placeMarker(location) {
      if (marker) {
        marker.setPosition(location);
      } else {
        marker = new google.maps.Marker({
          position: location, 
          map: map
        });
      }
    document.getElementById('latitude').value = location.lat();
    document.getElementById('longitude').value = location.lng();
    }
  </script>
  
</head>
  <body onload="initialize()">
      <h1>CrimeMap</h1>
      <p>A map of recent criminal activity in the Grahamstown area.</p>
      <div id="map-canvas"></div>

      <div id="newcrimeform">
        <h2>Submit new crime</h2>
        {% if error_message %}
          <div id="error"><p>{{error_message}}</p></div>
        {% endif %}
        <form action="/submitcrime" method="POST">
        <label for="category">Category</label> 
        <select name="category" id="category">
          {% for category in categories %}
            <option value="{{category}}">{{category}}</option>
          {% endfor %}
        </select> 
        <label for="date">Date</label>
        <input name="date" id="date" type="date">
        <label for="latitude">Latitude</label>
        <input name="latitude" id="latitude" type="text" readonly>
        <label for="longitude">Longitude</label>
        <input name="longitude" id="longitude" type="text" readonly>
        <label for="description">Description</label>
        <textarea name="description" id="description" placeholder="A brief but detailed description of the crime"></textarea>
        <input type="submit" value="Submit">
      </form>
    </div>
  </body>
</html>

crimemap.py

from flask import Flask
from flask import render_template
from flask import request
import json
import dateparser
import datetime
import string
import dbconfig
if dbconfig.test:
    from mockdbhelper import MockDBHelper as DBHelper
else:
    from dbhelper import DBHelper


app = Flask(__name__)
DB = DBHelper()

categories = ['mugging', 'break-in']


def sanitize_string(userinput):
    whitelist = string.ascii_letters + string.digits + " !?.,;:-'()&"
    return filter(lambda x: x in whitelist, userinput)


def format_date(userdate):
    date = dateparser.parse(userdate)
    try:
        return datetime.datetime.strftime(date, "%Y-%m-%d")
    except TypeError:
        return None


@app.route("/")
def home(error_message=None):
    crimes = DB.get_all_crimes()
    crimes = json.dumps(crimes)
    return render_template("home.html", crimes=crimes, categories=categories, error_message=error_message)


@app.route("/submitcrime", methods=['POST'])
def submitcrime():
    try:
        error_message = None
        category = request.form.get("category")
        if category not in categories:
            return home()

        date = format_date(request.form.get("date"))
        if not date:
            return home("Invalid date. Please use yyyy-mm-dd format")
        try:
            latitude = float(request.form.get("latitude"))
            longitude = float(request.form.get("longitude"))
        except:
            error_message = "Latitude and Longitude have incorrect format"
            return home(error_message)
        description = sanitize_string(request.form.get("description"))
        DB.add_crime(category, date, latitude, longitude, description)
        return home()
    except Exception as e:
        print(e)

if __name__ == '__main__':
    app.run(host='0.0.0.0',port=8000, debug=True)

參考資料

• 討論qq羣144081101 591302926 567351477 釘釘免費羣21745728

• 本文涉及的python測試開發庫 謝謝點贊！
• 本文代碼地址
• 本文相關書籍下載

image.png