管理URL的参数(Python Flask) [英] Managing parameters of URL (Python Flask)
问题描述
以下是我的代码:
@ app.route('/',methods = ['GET','POST'])
def doSearch():
entries = None
error = None
如果request.method =='POST':
如果request.form ['labelname']:
返回重定向(url_for('show_results',results1 ='0- 100',labelname = request.form ['labelname']))
else:
error ='请输入任何标签进行搜索'
return render_template('index.html',entries = entries,error = error)
$ b @ app.route('/ my_search /< labelname>')
def show_results(labelname = None,resultcount = None,results1 = None):$ b $如果不是session.get('user_id'):
flash('您需要登录才能做任何搜索!')
返回重定向(url_for('login'))
else:
time1 = time()
如果resultcount i s None:
total_count = g.db.execute(query_builder_count(tablename ='my_data',nametomatch = labelname,isextension = True))。fetchall()[0] [0]
(result1.split(' - ')[0],results1.split(' - ')[1])$ b
$ b nk1 = g.db。 execute(query_builder(tablename ='my_data',nametomatch = labelname,isextension = True)+ limit_factor)
time2 = time()
entries = []
maxx_count = None
如果maxx_count是无:
maxx_count = int(rows [0])
entries.append({xmlname:rows [1],'xmlid':rows [ 2],labeltext:rows [12]})
return render_template('output.html',labelname = labelname,entries = entries,resultcount = total_count,time1 = time2-time1,current_output = len(entries) )
在这里,我需要输出URL像 http://127.0 .0.1:5000 / my_search / assets?results1 = 0-100
另外,如果我编辑在浏览器中的URL地址就像我想要下一个100结果我可以得到它 http://127.0.0.1:5000/my_search/assets?results1=100-100
注意:这里我使用sqlite作为后端;所以我会在查询中使用 limit_factor
来限制我的结果。和 query_builder
和 query_builder_count
只是简单的函数,正在生成复杂的sql查询。 b
$ b
但是我得到的错误是NoneType不能分割。它停在limit_factor
。
这里限制因子只是我所应用的一个过滤器;但我想要应用更多的过滤器,例如我想要搜索它的位置 http://127.0.0.1:5000/my_search/assets?results1=0-100&location=asia
函数参数只映射到路由变量。这意味着在你的情况下, show_results
函数应该只有一个参数,而 labelname
。你甚至不需要把它默认为 None
,因为它总是被设置的(否则路由不匹配)。
为了得到查询参数,使用 flask.request.args
:
from flask import request
@ app.route('/ my_search /< labelname>')
def show_results(labelname = None):
results1 = request.args.get('results1', '0-100')
...
顺便提一句,你最好不要构造你的SQL你的方式,使用占位符和变量。您的代码容易受到 SQL注入的影响。你不能相信任何来自用户的输入。
正确的方法取决于实际的数据库,但是例如,如果你使用MySQL,这样做(不是我没有使用%
操作符):
sql =.... LIMIT%s,%s
g.db.execute(sql,(limit_offset,limit_count))
I want some search feature in my website. In the output page, I am getting all the results in single page. However, I want to distribute it to many pages (i.e. 100 searches/page). For that, I am passing a number of default searches in "urlfor" but it isn't working. I know I am making a small error but I am not catching it.
Here is my code below:
@app.route('/', methods=['GET', 'POST'])
def doSearch():
entries=None
error=None
if request.method=='POST':
if request.form['labelname']:
return redirect(url_for('show_results',results1='0-100', labelname=request.form['labelname'] ))
else:
error='Please enter any label to do search'
return render_template('index.html',entries=entries, error=error)
@app.route('/my_search/<labelname>')
def show_results(labelname=None, resultcount=None, results1=None):
if not session.get('user_id'):
flash('You need to log-in to do any search!')
return redirect(url_for('login'))
else:
time1=time()
if resultcount is None:
total_count=g.db.execute(query_builder_count(tablename='my_data',nametomatch=labelname, isextension=True)).fetchall()[0][0]
limit_factor=" limit %s ,%s"%(results1.split('-')[0],results1.split('-')[1])
nk1=g.db.execute(query_builder(tablename='my_data',nametomatch=labelname, isextension=True) + limit_factor)
time2=time()
entries=[]
maxx_count=None
for rows in nk1:
if maxx_count is None:
maxx_count=int(rows[0])
entries.append({"xmlname":rows[1],'xmlid':rows[2],"labeltext":rows[12]})
return render_template('output.html', labelname=labelname,entries=entries, resultcount=total_count, time1=time2-time1, current_output=len(entries))
Here I want output on the URL like "http://127.0.0.1:5000/my_search/assets?results1=0-100
"
Also, if I edit the url address in browser like I want the next 100 result I can get it on "http://127.0.0.1:5000/my_search/assets?results1=100-100
"
Note: here I am using sqlite as backend; so I will use "limit_factor
" in my queries to limit my results. And "query_builder
" and "query_builder_count
" are just simple functions that are generating complex sql queries.
but the error I am getting is "NoneType" can't have split. It stopped at "limit_factor"
.
Here limit factor is just one filter that I have applied; but I want to apply more filters, for example i want to search by its location "http://127.0.0.1:5000/my_search/assets?results1=0-100&location=asia
"
Function parameters are mapped only to the route variables. That means in your case, the show_results
function should have only one parameter and that's labelname
. You don't even have to default it to None
, because it always has to be set (otherwise the route won't match).
In order to get the query parameters, use flask.request.args
:
from flask import request
@app.route('/my_search/<labelname>')
def show_results(labelname=None):
results1 = request.args.get('results1', '0-100')
...
Btw, you better not construct your SQL the way you do, use placeholders and variables. Your code is vulnerable to SQL injection. You can't trust any input that comes from the user.
The correct way to do this depends on the actual database, but for example if you use MySQL, you would do this (not that I'm not using the %
operator):
sql = ".... LIMIT %s, %s"
g.db.execute(sql, (limit_offset, limit_count))
这篇关于管理URL的参数(Python Flask)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!