Implemented some input sanitization for courses taken

parent 5d05e271
import gradaudit.util as util
import gradaudit.extract as extract
import re
from flask import Flask, render_template, request
from gasresponse import GASResponse
from tempfile import NamedTemporaryFile
......@@ -11,21 +12,17 @@ app = Flask(__name__)
def input_form():
if request.method == 'GET':
return render_template('GASGUI.html')
else:
uploaded = request.files['transcriptPDF']
with NamedTemporaryFile() as fil:
uploaded.save(fil)
fil.flush()
course_data = extract.extract_courses(fil.name)
courses = map(lambda x: x[0], course_data)
courses = ','.join(courses)
return render_template('GASGUI.html', classes=courses)
uploaded = request.files['transcriptPDF']
with NamedTemporaryFile() as fil:
uploaded.save(fil)
fil.flush()
course_data = extract.extract_courses(fil.name)
courses = map(lambda x: x[0], course_data)
courses = ','.join(courses)
@app.route('/upload', methods=['POST'])
def upload():
return render_template('GASGUI.html')
return render_template('GASGUI.html', classes=courses)
@app.route('/submit', methods=['POST'])
......@@ -35,10 +32,20 @@ def submit():
major = request.form['MajorList']
year = request.form['YearList']
spec = request.form['SpecializationOfDegree'].lower()
classes = request.form['classesTaken'].replace(' ', '')
classes = request.form['classesTaken']
classes = re.sub(r'\s+', '', classes)
classes = classes.rstrip(',')
classes = classes.split(',')
if classes == ['']:
classes = []
transcript = util.Transcript(
name, degree, major, year, spec, classes.split(','))
name, degree, major, year, spec, classes)
resp = GASResponse(transcript)
return render_template('GASTemplate.html', response=resp)
@app.errorhandler(500)
def exc(err):
return 'oops! <br>' + str(e)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment