1.1 Create a form that asks a user to input their name into a textfield and to choose a color from a selection of radio buttons. Create a CGI script that displays a page with a short message (e.g. "Thank you", name, "for your request") in the color which the user chose. #!/usr/bin/env python # ######### CGI header ####################################### import cgi print "Content-Type: text/html\n" form = cgi.FieldStorage() ######### get form values ################################## color = form.getvalue("color") name = form.getvalue("name") ########## HTML header ###################################### print """
" ########## print name and color ############################# if name and color: print "" print "Thank you", name , "for your request" print "" else: print "You need to enter a color and a name" ########### HTML footer #################################### print """ """ ---- 3.1 Apply all the security measures mentioned above under "b) Check user input" to your script from exercise 1.1. For example, check that neither name nor color are empty, check that the name and color contain only word characters, space or hyphen (-) and check that neither name nor color is longer than 50 chars. If your script encounters any security problem, print an error message and exit the script using sys.exit(). #!/usr/bin/env python # ######### CGI header ####################################### import cgi print "Content-Type: text/html\n" form = cgi.FieldStorage() ########## import the system module ############################# import sys ########## import the regular expr module ####################### import re ############### this replaces <> with HTML meta characters ###### open_tag = re.compile(r"<") close_tag = re.compile(r">") for item in form.keys(): form[item].value = open_tag.sub ("<", form[item].value) form[item].value = close_tag.sub (">", form[item].value) ######### get form values ################################## color = form.getvalue("color") name = form.getvalue("name") ########## HTML header ######################################## print """