Moved from php to python

stream/index.html

@@ -1,10 +1,3 @@
-<?php include_once("header_functions.php"); ?>
-<!doctype html>
-<html>
-    <?php head('Streaming simulator'); ?>
-    <body>
-        <?php include("header.php"); ?>
-        <?php include("nav.php"); ?>
         <section>
             <h2>Streaming simulator</h2>
             <p>
@@ -20,9 +13,5 @@
                 </form>
             </p>
             <div style="border-width:1px; border-style: solid;" id="container"></div>
+#
         </section>
-        <?php include("jsIncludes.php"); ?>
-        <script src="js/Params.js.php?<?php echo htmlentities($_SERVER['QUERY_STRING']); ?>"></script>
-        <script src="js/main.js"></script>
-    </body>
-</html>

stream/index.py

@@ -0,0 +1,48 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+import sys
+import cgi
+from webtools import Web
+
+def main():
+    print('Content-type: text/html')
+    print()
+
+    page = Web.Element(Web.ROOT_DIR + 'templates/page.html')
+    head = Web.Element(Web.ROOT_DIR + 'templates/head.html')
+    body = Web.Element(Web.ROOT_DIR + 'templates/body.html')
+    jsIncludes = Web.Element(Web.ROOT_DIR + 'templates/jsIncludes.html')
+
+    # Parse parameter res
+    res = None
+    try:
+        parameters = cgi.FieldStorage()
+        res = int(cgi.escape(parameters.getvalue('res')))
+        if res < 1 or res > 25:
+            raise IndexError('res must be between 1 and 25')
+    except:
+        res = 5
+
+    mainJs = Web.Element()
+    mainJs.open_string = """\
+        <script>
+            params = {};
+            params.get = {};
+            params.post = {};
+            params.get.res = """ + str(res) + """;
+        </script>
+        <script src="js/main.js"></script>\
+"""
+    content = Web.Element('index.html')
+
+    page.add_child(head)
+    page.add_child(body)
+    body.add_child(content)
+    body.add_child(jsIncludes)
+    jsIncludes.add_child(mainJs)
+
+    page.print()
+
+if __name__ == '__main__':
+    main()

stream/js/Params.js.php

@@ -1,39 +0,0 @@
-<?php
-
-    // This file will generate a js script
-    header("Content-Type: text/javascript");
-
-    echo "params = {};\n";
-    echo "params.get = {};\n";
-    echo "params.post = {};\n";
-
-    // Next part is to check the value of the parameters
-    // All this is necessary, we must be sure that res is a number before
-    // generating js code, otherwise, a malicious user might inject js code
-    // For example, if we simply did
-    // echo "params.get.res = " . $_GET['res'] . ";\n";
-    // One could inject a js alert by going to
-    // http://localhost/stream?res=3;alert('toto')
-
-    // Default value, will be applied if the res variable is not correct
-    $default = 5;
-    $res = null;
-
-    try
-    {
-        // Cast res to an int and check if it's in the bounds
-        // res will be 0 if filter_var returns false
-        $res = intval(filter_var($_GET['res'], FILTER_VALIDATE_INT));
-        if ($res < 1 || $res > 25)
-        {
-            throw new Exception('Variable res not set');
-        }
-    }
-    catch (Exception $e)
-    {
-        // If an exception occur, let's just set the default value
-        $res = $default;
-    }
-
-    // And finally, generate a correct js code with no possible injection
-    echo "params.get.res = " . $res . ";\n";