使用Zope 2.13.29和Python 2.7.15,我试图使用从DTML文档调用的Python脚本来验证Google的reCaptcha2。 DTML文档包含该表单,并且同一DTML文档使用dtml-if语句来确定用户单击提交后是否处理该表单。在dtml-if语句中包含一个dtml-in,该dtml-in调用python脚本以验证reCaptcha并返回成功值(True或False)。问题是我似乎无法获得成功的价值。

虽然我知道你们中的一些人可能倾向于谈论RestrictedPython以及我如何无法导入供Zope使用的python模块,但这一部分已经处理完毕。一切正常,只是没有做我需要做的事情。

这是dtml-doc,它显示联系表格,并确定是否单击了提交,这反过来又调用了python脚本,以最终确定来自reCaptcha的Google成功变量的返回值。

<dtml-if submit>

<dtml-with recaptcha-validate>

<dtml-if expr="'success' == True">

<dtml-sendmail mailhost="MailHost">
To: [email protected]
From: &dtml.lower-emailaddr;
Subject: Web Request

&dtml-message;

Sincerely,

&dtml-realname;
&dtml-emailaddr;
&dtml-phone;
&dtml-location;

</dtml-sendmail>

<dtml-else>

<dtml-sendmail mailhost="MailHost">
To: [email protected]
From: &dtml.lower-emailaddr;
Subject: SPAM: Web Request

&dtml-message;

Sincerely,

&dtml-realname;
&dtml-emailaddr;
&dtml-phone;
&dtml-location;

</dtml-sendmail>

</dtml-if>
</dtml-with>

<dtml-else submit>

<dtml-var "foo.sitefiles.doctype(_.None, _)">
<html>
<head>
<title>Contact Us</title>

<script src="https://www.foo.com/javascript/jquery/jquery-min.js" type="text/javascript"></script>
<script src="https://www.foo.com/javascript/parsley/parsley.min.js" type="text/javascript"></script>

<script src="https://www.foo.com/javascript/misc/placeholder.js" type="text/javascript"></script>

<script src="https://www.google.com/recaptcha/api.js"></script>

</head>

<body>

<form data-parsley-validate id="contact-form" method="post" action=<dtml-var URL0> novalidate="" parsley-validate="" parsley-focus="none" data-parsley-errors-messages-disabled data-parsley-excluded="input[name=g-recaptcha-response], input[id=recaptcha-token]">
<fieldset>
<label>NAME</label>
<input class="parsley-validated" type="text" name="realname" placeholder="Enter your name" value="" required="">
<label>E-MAIL</label>
<input class="parsley-validated" type="email" name="emailaddr" placeholder="Enter your e-mail" value="" required="" pattern="^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$">
<label>PHONE NUMBER</label>
<input class="parsley-validated" type="text" name="phone" placeholder="Enter your contact phone number" value="" required="" pattern="^\(?([0-9]{3})\)?[-. ]?([0-9]{3})[-. ]?([0-9]{4})$">
<label>LOCATION</label>
<input class="parsley-validated" type="text" name="location" placeholder="Enter your city, state" value="">
<label>MESSAGE</label>
<textarea class="parsley-validated" name="message" placeholder="Enter your message here" value="" required="" rows="8"></textarea>
<input id="myField" data-parsley-errors-container="#errorContainer" data-parsley-required="true" value="" type="text" style="display:none;">
<div id="contactrecaptcha">
<div id="recaptchatoken" class="g-recaptcha" data-sitekey="XXXXXXXXXX" data-        callback="recaptchaCallback"></div>
</div>
<span id='errorContainer'></span>
</fieldset>
<input type="submit" name="submit" value="SUBMIT">
</form>

<script type="text/javascript">
$('#contact-form').parsley();
function recaptchaCallback() {
    document.getElementById('myField').value = 'nonEmpty';
}
</script>

</body>
</html>

</dtml-if>




这是python脚本(名为recaptcha-validate):

import urllib
import urllib2
import json

REQUEST = container.REQUEST

URIReCaptcha = 'https://www.google.com/recaptcha/api/siteverify'
secret = 'XXXXXXXXXXXXXXXXXXX'
recaptcha_response = context.REQUEST['g-recaptcha-response']
remoteip = REQUEST.HTTP_X_FORWARDED_FOR

params = urllib.urlencode({
'secret': secret,
'response': recaptcha_response,
'remoteip': remoteip,
})

#print params
from urllib2 import urlopen
req = urllib2.Request(URIReCaptcha, params)
response = urllib2.urlopen(req)
result = json.load(response)
success = result.get('success', None)
return{'success': success}


当通过“测试”选项卡从ZMI运行脚本时,我希望结果为假,然后返回

{'success':False}

但是,我似乎无法从DTML-doc调用成功变量。

应该提交表单,应该运行python脚本并验证Recaptcha,返回成功值(True / False),然后dtml-if应该决定如何继续处理表单。

最佳答案

我不确定,但是我认为您应该尝试创建dtml方法而不是dtml-doc。

https://zope.readthedocs.io/en/latest/zope2book/DTML.html#formatting-and-displaying-sequences

您还应该考虑使用ZPT代替DTML。

看一下第一个音符:https://zope.readthedocs.io/en/latest/zope2book/DTML.html#basic-dtml

10-08 12:37