Python重定向不起作用 [英] Python Redirect not working

问题描述

我正在尝试将用户重定向到我的主页。它应该像

I'm trying to redirect the user to my homepage. Its suppose to be as simple as

print "Location:http://localhost:8000/index.html"
print ""

由于某些原因，此操作无效。我在Kali Linux上运行CGIHTTPServer。我使用的是Python 2.7.3
当我尝试运行脚本时，它只是打印出

This isn't working for some reason. I'm running CGIHTTPServer on Kali Linux. I'm using Python 2.7.3 When I try to run the script it simply prints out

Location:http://localhost:8000/index.html

我也尝试使用127.0.0.1代替localhost 。还是不行。这是我要运行的CGI脚本

I have also tried using 127.0.0.1 instead of localhost. It doesn't work either.Here is the CGI script that I'm trying to run

#!/usr/bin/python
import MySQLdb,cgi, os, sys
db=MySQLdb.connect(host="localhost", user="root", passwd="", db="test")
flag=False
query = db.cursor()
sys.stdout.write("Content-type: text/html\r\n\r\n")
sys.stdout.write("")
sys.stdout.write("<html><body>")
form = cgi.FieldStorage()
name = form.getvalue('temp')
passwd = form.getvalue('temp2')

if(query.execute("select * from cred where uname='"+name+"' and pass='"+passwd+"'")):
    db.commit()
    sys.stdout.write("Hello "+name)

else:
    db.commit()
    flag=True
sys.stdout.write("</body></html>")

if(flag == True):
    print "Location:http://localhost:8000/"
    print ""

推荐答案

您在这里遇到2个问题：

You have 2 problems here:

1. 您总是在开始处写 Content-Type 标头加上额外的换行符。现在，您已经完成了所有标头，不能再添加更多标头。

1. You always write the Content-Type header plus extra newlines at the start. You've now completed all headers and you can no longer add more.

当您不重定向时，仅 写这些标头。

Write these headers only when you are not redirecting.

Location 标头仅用于重定向，状态为30x HTTP响应。您需要添加 Status：标头，以向Web服务器发送信号以响应200以外的其他状态。

A Location header is only used for redirects, a status 30x HTTP response. You'll need to add a Status: header to signal to the web server to respond with a status other than 200.

调整代码以解决这些问题：

Adjusting your code to address these issues:

#!/usr/bin/python
import cgitb
cgitb.enable()

import MySQLdb, cgi, os, sys

db = MySQLdb.connect(host="localhost", user="root", passwd="", db="test")

form = cgi.FieldStorage()
name = form.getvalue('temp')
passwd = form.getvalue('temp2')

with db as query:
    query.execute("select * from cred where uname=%s and %s", (name, passwd))
    result = query.fetchone()
    
if result is None:
    # no such user, redirect
    print 'Status: 302 Found'
    print 'Location: http://localhost:8000/'
    print

else:
    print 'Content-type: text/html'
    print
    print '<html><body>Hello {}</body></html>'.format(name)

请注意，我对代码进行了一些更改以使用一些最佳实践：

Note that I altered the code somewhat to use some best practices:

1. 从不使用字符串插值将用户信息放入SQL查询中。这样，您会被SQL注入攻击所打击。使用SQL参数使数据库驱动程序为您转义值。

1. NEVER use string interpolation to put user-information into a SQL query. You'll get hammered by a SQL injection attack that way. Use SQL parameters to have the database driver escape the values for you.

您可以将连接用作上下文管理器来自动提交。

You can use the connection as a context manager to auto-commit.

我使用字符串格式来生成HTML输出。

I used string formatting to produce the HTML output.

这篇关于Python重定向不起作用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！