[英]Passing variables aquired using flask as input to script
I have a python setup where one method continuously returns the IDs of scanned RFID chips.我有一个 python 设置,其中一种方法连续返回扫描的 RFID 芯片的 ID。 Now I cut the cord and have the scanner hooked up to a wifi microcontroller (ESP8266).
现在我切断电源线并将扫描仪连接到 wifi 微控制器(ESP8266)。 Every time a chip is scanned a GET request is issued containing the chip's ID.
每次扫描芯片时,都会发出一个包含芯片 ID 的 GET 请求。
I put the flask part in a simple script.我把烧瓶部分放在一个简单的脚本中。 I don't need anything returned to the ESP8266.
我不需要任何东西返回给 ESP8266。 I would like to just have a class or functions that just return the collected value.
我只想有一个只返回收集值的类或函数。 I can print the value to stdout where it appears also with flask's log output but this doesn't really help.
我可以将值打印到 stdout,它也出现在 Flask 的日志输出中,但这并没有真正的帮助。 How do I pass
uid
to a different script, what am I missing?如何将
uid
传递给不同的脚本,我错过了什么?
The script in question:有问题的脚本:
from flask import Flask
app = Flask(__name__)
@app.route('/urlpath/<uid>')
def rfiduid(uid):
print uid
if __name__ == '__main__':
app.run(host='0.0.0.0', debug=False)
You would just need to import your other and call it directly from within the route.您只需要导入另一个并直接从路由内调用它。
from flask import Flask
# A module which contains the stuff you're trying to do
from myothermodule import processRFID
app = Flask(__name__)
@app.route('/urlpath/<uid>')
def rfiduid(uid):
# Pass the UID to your other module here
processRFID(uid)
if __name__ == '__main__':
app.run(host='0.0.0.0', debug=False)
If your other code is literally a script (that accepts input arguments from the command line) I would recommend modifying it so that it contains a function that you can call from the flask app.如果您的其他代码实际上是一个脚本(从命令行接受输入参数),我建议修改它,使其包含一个可以从 Flask 应用程序调用的函数。 Otherwise, you will need to use an
os.system
call or something to execute the other script with arguments.否则,您将需要使用
os.system
调用或其他方法来执行带有参数的其他脚本。 This is highly discouraged since you are passing un-sanitized user input (via the url) to your system.这是非常不鼓励的,因为您将未经消毒的用户输入(通过 url)传递到您的系统。
@app.route('/urlpath/<uid>')
def rfiduid(uid):
os.system(' '.join(['script.py', uid]))
This could be exploited if a UID were passed as '1 && really_bad_system_command'
如果将 UID 传递为
'1 && really_bad_system_command'
则可以利用此漏洞
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.