[mod_python] Problem with Mod Python Appending HTML

Jim Gallacher jpg at jgassociates.ca
Thu Jun 29 19:39:53 EDT 2006


Max Luebbe wrote:
> I think I understand what you are talking about but still can't get what
> I'm looking for to work. When I use apache.DONE instead of apache.OK, no
> further html is generated,

But isn't that precisely the problem you are trying to solve?

> and when I submit the form created by the
> displayAccountOptions function, it redisplays the same page, just
> without any css to make it look presentable. This is also not
> acceptable.

My guess is you are using relative urls for your form action and
stylesheet. Check your apache access log and check what is actually
being requested. My guess is you'll see something like
GET /some/directory/yourscript.py/commitChanges/yourstylesheet.css
but what you really want is /some/directory/yourstylesheet.css.


> This is an authenhandler
> Here's a cut version of the code:
> 
> def authenhandler(req):
> 	'''Point of entry for this script.'''
> 
> 	# Get Authentication information from the user
> 	password = req.get_basic_auth_pw()
> 	user = req.user
> 
> 	# Check user info against the database
> 	db = anydbm.open(accountsDBPath, 'r')
> 	if not db.has_key(user):
> 		return apache.HTTP_UNAUTHORIZED
> 	else:
> 		record = db[user]
> 		# Decode entry
> 		initRecord = RECORD_SIZE * ['0']
> 		data = eval(db.setdefault(user, initRecord)) 
> 		# Check Password
> 		if not password == data[PASSWORD_HASH]:
> 			db.close()
> 			return apache.HTTP_UNAUTHORIZED
> 
> 		# User is authorized!
> 		record = {}
> 		record['loginName'] = user
> 		record['firstName'] = data[FIRST_NAME]
> 		record['lastName'] = data[LAST_NAME]
> 		record['forwardingAddress'] = data[FORWARDING_ADDRESS]
> 
> 		db.close()
> 		displayAccountOptions(req,user,record)
> 		return apache.OK
> 
> displayAccountOptions displays an html form that posts to another
> function called commitChanges, that displays additional html.
> 
> The html produced by commitChanges is getting appended to the html
> generated by displayAccountOptions, which is what not what I want.
> 
> Does this clarify things?

Not really. ;)

> Would I be better served by just implementing my own password system for
> accessing my database (using password fields in a form) instead of using
> the authentication methods? 

I'd leave your auth code in the authenhandler, but move
displayAccountOptions into your request handler as I don't see that it
is actually required for authentication.

    req.record = {}
    req.record['loginName'] = user
    req.record['firstName'] = data[FIRST_NAME]
    req.record['lastName'] = data[LAST_NAME]
    req.record['forwardingAddress'] = data[FORWARDING_ADDRESS]

That way the db record is available for the request handler. I don't see
what handler you are using, but if it's publisher you could then have
separate methods for displayAccountOptions and commitChanges.

Jim

> On Wed, 2006-06-28 at 18:30 -0400, Graham Dumpleton wrote:
>> Max Luebbe wrote ..
>>> I am having problems with my mod_python scripts appending HTML together,
>>> when having req.write() create a new page is what I am after.
>>>
>>> I have an authentication handler for a blank html page that queries a
>>> database for a user/pass, and then generates HTML based off of who
>>> logged in.
>> When you say you have a "authentication handler", do you mean that it
>> is triggered by PythonAuthenHandler directive. If it is and you are returning
>> HTML from it and it represents the complete response for the request,
>> you must return apache.DONE and not apache.OK. If you do not return
>> apache.DONE, the content handler will still be executed and thus any
>> HTML that the content handler itself generates will be appended to the
>> result.
>>
>> The only other time you would likely see HTML from two places being
>> concatenated together, is when you are generating HTML but then returning
>> an error status such as apache.HTTP_UNAUTHORIZED. In other words, 
>> you were wanting to generate a custom error response page. If you simply
>> return apache.HTTP_UNAUTHORIZED in that situation, then Apache will
>> still go on to generate an error document page which gets appended to
>> your output. In that situation you should instead use:
>>
>>   req.status = apache.HTTP_UNAUTHORIZED
>>   # generate HTML
>>   return apache.OK
>>
>> If this is a handler other than PythonHandler, again, you should be
>> returning apache.DONE and not apache.OK.
>>
>> I would suggest that you post what your Apache configuration directives
>> are so it is clear what handlers are being executed and in what phases.
>>
>> Show a cut done version of what your handlers are doing would also
>> be helpful.
>>
>> Graham
>>
>>> The HTML generated is a form, and the user information is used to
>>> populate the default values. When the user submits the form, and my
>>> formHandler is called, the HTML it generates is appended to the current
>>> page, instead of starting a new one. I have <html> and </html> tags at
>>> the appropriate places to mark where documents are starting and
>>> stopping.
>>>
>>> I did not have this problem on any of the other pages/scripts I have
>>> written, and I think that adding authentication into the mix is the
>>> variable in the equation.
>>>
>>> What I am after is the following sequence:
>>> (1) user login 
>>> (2) new page w/form with default fields grabbed from db (generated html)
>>> (3) another new page w/confirmation info (values and corrections from
>>> form) (generated html)
>>>
>>> Any suggestions?
>>> I would greatly appreciate any help I could get.
>>>
>>> -- 
>>> Max Luebbe <max.luebbe at gmail.com>
>>>
>>> _______________________________________________
>>> Mod_python mailing list
>>> Mod_python at modpython.org
>>> http://mailman.modpython.org/mailman/listinfo/mod_python



More information about the Mod_python mailing list