class _MarkupEscapeHelper(object): """Helper for Markup.__mod__""" def __init__(self, obj): self.obj = obj __getitem__ = lambda s, x: _MarkupEscapeHelper(s.obj[x]) __str__ = lambda s: str(escape(s.obj)) __unicode__ = lambda s: unicode(escape(s.obj)) __repr__ = lambda s: str(escape(repr(s.obj))) __int__ = lambda s: int(s.obj) __float__ = lambda s: float(s.obj)
def login(): """ Login """ if request.method == 'POST': if request.form['username'] and request.form['password']: import config if config.USERNAME == escape(request.form['username'])\ and config.PASSWORD == escape(request.form['password']): session['username'] = escape(request.form['username']) return redirect(url_for('admin')) return '''
def escape(cls, s): """Escape a string. Calls :func:`escape` and ensures that for subclasses the correct type is returned. """ rv = escape(s) if rv.__class__ is not cls: return cls(rv) return rv
def escape(cls, s): """Escape the string. Works like :func:`escape` with the difference that for subclasses of :class:`Markup` this function would return the correct subclass. """ rv = escape(s) if rv.__class__ is not cls: return cls(rv) return rv
def _escape_argspec(obj, iterable): """Helper for various string-wrapped functions.""" for key, value in iterable: if hasattr(value, '__html__') or isinstance(value, basestring): obj[key] = escape(value) return obj
def _escape_argspec(obj, iterable, escape): """Helper for various string-wrapped functions.""" for key, value in iterable: if hasattr(value, '__html__') or isinstance(value, string_types): obj[key] = escape(value) return obj
def __radd__(self, other): if hasattr(other, '__html__') or isinstance(other, basestring): return self.__class__(unicode(escape(other)) + unicode(self)) return NotImplemented
def rpartition(self, sep): return tuple( map(self.__class__, unicode.rpartition(self, escape(sep))))
def __radd__(self, other): if hasattr(other, '__html__') or isinstance(other, str): return self.__class__(str(escape(other)) + str(self)) return NotImplemented
def rpartition(self, sep): return tuple( map(self.__class__, six.text_type.rpartition(self, escape(sep))))
def __radd__(self, other): if hasattr(other, '__html__') or isinstance(other, six.string_types): return self.__class__( six.text_type(escape(other)) + six.text_type(self)) return NotImplemented
def partition(self, sep): return tuple(map(self.__class__, str.partition(self, escape(sep))))
def rpartition(self, sep): return tuple(map(self.__class__, unicode.rpartition(self, escape(sep))))