import sys, os, os.path, string, cgi
import Ns
conn = Ns.GetConn()
url = conn.request.url # get our URL
this_script = Ns.UrlToFile(conn.Server(), url)
print 'Content-type: text/html\n\n'
# get the filename to display
form = cgi.FieldStorage()
if not form.has_key('filename'):
print 'Please specify a filename!'
sys.exit()
filename = form['filename'].value
# properly hack the filename
filename = os.path.split(filename)[-1]
# put it in the right place (this dir!)
filename = os.path.join(os.path.dirname(this_script), filename)
# put some minimal security checking in; Evil People have to defeat the
# path hack above, as well as find a system file that matters that has
# the ending .py...
if filename[-3:] != '.py' and filename[-4:] != '.adp':
print 'Please specify a Python source file or an ADP file. (got %s)' \
% filename
sys.exit()
# read the file
source = open(filename, 'r').read()
# quote '<', '>', and '&' so they don't screw up the HTML
source = Ns.QuoteHtml(source)
# create the display dictionary
d = {
'source' : source,
'filename' : filename,
}
# now, finally, print me.
print """\
<title>%(filename)s</title>
<body bgcolor=white>
File: <b>%(filename)s</b>
<hr>
<blockquote>
<pre>
%(source)s
</pre>
</blockquote>
<hr>
""" % d
|