I've the following HTML code:
<html>
<form action="index.php" method="post">
Enter Input:
<input type="text" class="textbox" name="usn" id="usn" required />
<input class="buttongo" type="submit" value="Go" />
<input type="hidden" name="task" value="getResult"/>
</form>
</html>
I want to write a python script, which executes the above HTML, passing a value parameter to the first input statement to the above HTML. That is,
<html>
<form action="index.php" method="post">
Enter Input:
<input type="text" class="textbox" name="usn" id="usn" value="FromPython" />
<input class="buttongo" type="submit" value="Go" />
<input type="hidden" name="task" value="getResult"/>
</form>
</html>
Further, is there a way in which I can directly send the value to index.php and get the response?
(P.S.: I want to loop the value from 0 to 100 and save the response generated in a file)
Why don't you send the request using python ? You can send the requests inside a loop and pass the parameters you want.
Making requests with the requests module
sample code :
import requests
for i in range(101):
payload = {'usn': i}
response = requests.post("index.php", data=payload)
# do something with response
Use urllib module, documentation at: https://docs.python.org/2/library/urllib.html
As described in the link, this module provides a high-level interface for fetching data across the World Wide Web.
Related
I am having difficulty translating this specific HTML POST request into Python - I am attempting to exploit a security vulnerability on a test server.
director=
<form action="http://127.0.0.1:8000/card/0" method="POST">
<input type="hidden" name="amount" value="8000" />
<input type="hidden" name="username" value="hacker" />
<input type="submit" value="View my photos" />
</form>
Before you run the code below. Run pip install requests.
import requests
response = requests.get("http://api.open-notify.org/astros.json")
print(response)
>>>> Response<200>
See more details in the URL below.
https://www.nylas.com/blog/use-python-requests-module-rest-apis/
Briefly, python Flask is the workbench of web hosting I use, and I am trying to create an input form that doesn't appear in your history.
This is my form html:
<form name="ViewWindow" action="/home/ViewWindow/ViewWindowResult/">
<input name="url" type="url" required="required" placeholder="URL Here">
<input type="submit" value="Go">
</form>
And this is the python code working with the input url:
#web_site.route('/home/ViewWindow/ViewWindowResult/', methods=('GET', 'POST'))
def ViewWindowResult():
urlboi = request.values.get('url')
response = urllibrequest.urlopen(url) # import urllib.request as urllibrequest
htmlBytes = response.read()
htmlstr = htmlBytes.decode("utf8")
return html("ViewWindowResult.html", value=htmlstr)
My goal is to get here; /home/ViewWindow/ViewWindow/ViewWindowResult/,
but I end up getting here when I input "https://www.w3schools.com/tags/"; /home/ViewWindow/ViewWindowResult/?url=https%3A%2F%2Fwww.w3schools.com%2Ftags%2F
Why does Flask put my inputs in the url string? I do not intend to do this anywhere.
Edit: You can check this out by going to https://sm--supermechm500.repl.co/home/ViewWindow/
Try specifying the form method like so:
<form name="ViewWindow" action="/home/ViewWindow/ViewWindowResult/" method="post">
<input name="url" type="url" required="required" placeholder="URL Here">
<input type="submit" value="Go">
</form>
use post method like
<form name="ViewWindow" action="/home/ViewWindow/ViewWindowResult/" method="post">
<input name="url" type="url" required="required" placeholder="URL Here">
<input type="submit" value="Go">
</form
and then you python code is
#web_site.route('/home/ViewWindow/ViewWindowResult/', methods=('GET', 'POST'))
def ViewWindowResult():
input=request.form['url']
#write your code here
return(input)
its working for me it will print the url which same you entered
I have some html code that contains a form. When submitted it sends a post request to a server. The form has various inputs, each with a name and a value, however there are some inputs with the same name.
Here is an example of what I mean:
<form action="http://example.com" method="post">
<input name="name" value="val">
<input name="name" value="val">
<input type="submit">
</form>
First, I am confused as to how there can be two values of the same name. Please note that I have tried removing one of the instances of <input name="name" value="val"> however this returns an error so it seems that both instances are needed.
Second, I am trying to convert this to a python request using the request library.
I have the following request:
requests.get(url = URL, params = PARAMS).json()
Where PARAMS is a dictionary of the various inputs. For example:
PARAMS = {'name':"val"}
However, being a dictionary, I can't have multiple instances of the same value. How do I make this work? Thanks
If there are duplicated names then the values will be in an array with the name. The demo below sends to a live test server and the response is directed to an <iframe>
<form action="https://httpbin.org/post" method="post" target="response">
<input name="name" value="val">
<input name="name" value="val">
<input type="submit">
</form>
<iframe name='response'></iframe>
What you are looking for is to use input arrays. With them, you can have many inputs sharing the same name, and in the server side, the data will be treated as an array. So the HTML would be:
<form action="http://example.com" method="post">
<input name="name[]" value="val1">
<input name="name[]" value="val2">
<input type="submit">
</form>
How can I use both HTML and Python code in same file in CGI as we can do the same thing wiht PHP and HTML.
I have following HTML code in Python file.
#!C:/python36/python.exe
import cgi
print("Content-type:text/html")
print("""
<html>
<head><title>html form</title></head>
<body style='background-color:red;'>
<form method="POST" action="#">
<input type="text" placeholder="username" name="username">
<input type="text" placeholder="password" name="password">
<input type="submit" value="submit" name="send">
</html>""")
now I want use python code in this file to get form data and my python code is as follow:
form = cgi.FieldStorage()
username = form.getvalue("username")
password = form.getvalue("password")
print(username,password)
Now, if submit is clicked, I want Python code to be executed and also I do not want to reference my Python code in form action.
I am attempting to log into a very simple web interface. This should involve entering and submitting a passcode; I don't expect to need to keep track of cookies and there is no username.
The web page is like the following, with a simple form for POSTing the passcode:
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<!-- saved from url=(0039)http://start.ubuntu.com/wless/index.php -->
<html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Wireless Authorisation Page</title>
</head>
<body>
<h1>Title</h1>
<h2>Wireless Access Authorisation Page</h2>
Hello<br>
<form action="http://start.ubuntu.com/wless/index.php" method="POST"><input type="hidden" name="action" value="auth">PIN: <input type="password" name="pin" size="6"><br><input type="submit" value="Register"></form>
<h3>Terms of use</h3><p>some text</p>
</body>
</html>
I have attempted the following using urllib and urllib2:
import urllib
import urllib2
URL = "http://start.ubuntu.com/wless/index.php"
data = urllib.urlencode({"password": "verysecretpasscode"})
response = urllib2.urlopen(URL, data)
response.read()
This hasn't worked (the same page is returned and login is not successful). Where might I be going wrong?
The form has two named input fields, you're only sending one:
<form action="http://start.ubuntu.com/wless/index.php" method="POST">
<input type="hidden" name="action" value="auth">
PIN: <input type="password" name="pin" size="6"><br>
<input type="submit" value="Register">
</form>
The second one is called pin, not password, so your data dict should look like this:
{"pin": "verysecretpasscode", "action": "auth"}
You might want to try using something like requests
This allows you to
import requests
print(requests.post(url, data={"password": "verysecretpasscode"}))