Re: Problem with views and urls
> Hello, > > I'm having a problem with views and url's. If I have a url called > "people" that has a callback to "index" works fine, but if I add a > url for parameters, let's say "people//" it does call the > index function, instead of the defined one. If I change it, for > example to "ppl//" it works fine. Any ideas? I leave here the > code. > urlpatterns = patterns('', > (r'^admin/', include(admin.site.urls)), > (r'^people/', 'IeA.gestion.views.index'), > (r'^people/(?P\d+)/$', 'IeA.gestion.views.detail'), > ) First match wins, right? A lacking $ in the first people rule will match with a trailing number as well. So I think you can solve yuour problem by either switching the order of the people patterns or add a trailing $ to the first rule: r'^people/$'. jdl -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Slugify() and Clean form data Questions
> > Hope this better answers your question, > Matt Matt, Indeed it does. Thank you! I guess a bit of the frustrating part of learning Django here is stumbling across the sites that explain how to do various tidbits of functionality, and then slide in some variant [*1*] of "But one would never do this on a production site." warning. I think to myself "But this is *exactly* the functionality I need." So, uh, what *should* I do differently then? Or, um, OK, so, why not take the next step in the write-up and tell me what the best practice is so I *can* "do this in a production setting." I read chapter 20. And when I was done, I had an inkling that Django escaped my user data when it went to HTML output. Good. And I read where "Django's API does this [escape SQL] for you". But what wasn't clear to me was how much *more* I really should do. How worried should I be? Should I write better form cleaning and validating functions? Should I write custom save() functions to search for SQL or script hacks? That sort of thing. And from the sounds of it, you are saying Django has taken large and likely sufficient steps already. Most excellent! And thank you! Thanks, jdl [*1*] Off hand examples: http://lethain.com/entry/2007/dec/01/using-jquery-django-autocomplete-fields/ http://lethain.com/entry/2008/sep/21/intro-to-unintrusive-javascript-with-django/ -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Slugify() and Clean form data Questions
> > Is there a reason why you can't use Form.is_valid()? It's pretty nice. > > http://docs.djangoproject.com/en/dev/ref/forms/api/#accessing-clean-data > > Example: > http://gist.github.com/311192 I get is_valid() and the notion of cleaned data. I *think*, though, that I am asking for something more robust. Will some_form.is_valid() will, say, remove (or identify) embedded SQL hacking attempts from a plain text field input? Thanks, jdl -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Slugify() and Clean form data Questions
> Folks, A few days ago I asked: > Is there a canonical definition or even a reference > implementation of a slug = slugify(str) function somewhere? Thanks for taking the time to answer that for me! We pretty much beat the answer into my thick skull: Use the slugify() function as per "from django.template.defaultfilters import slugify". What about my second question from earlier?: > Is there a standard clean_user_input() that accepts direct user > input from a form text field and de-gunks it so that it is later > acceptable to be re-emitted as HTML formatted data without worry > of hacking issues? I am looking form something more clever than > simply validating the user's input to conform to "is a number" or > "is a text field" sorts of thing. I'm specifically looking for a > function that strips out embedded scripting, SQL, HTML, etc hackery. > Sure, I'd then like to use it to verify clean form input of course. How do people ensure safe user input from their forms? Thanks, jdl -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Slugify() and Clean form data Questions
> > from django.template.defaultfilters import slugify > > Every filter you see listed in > http://docs.djangoproject.com/en/dev/ref/templates/builtins/ lives in > django.template.defaultfilters. Awesome! Thanks! And with that in hand, the only place I can find the string "django.template.defaultfilters" in the documentation is as a "Behind the Scenes" side-note to the "Custom Template Tags and Filters" page: http://docs.djangoproject.com/en/dev/howto/custom-template-tags/ Um, not exactly the obvious place to me. (How did you come to learn that this is where they were implemented?) And from a usability standpoint, I'm still going to have to go track down the sources to learn what that API signature actually looks like now. ... Except that I see a clear example given in http://gist.github.com/308068 now too! Most excellent! Thanks! jdl -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Slugify() and Clean form data Questions
> Some places say underscores are valid, others say they removed: > > http://docs.djangoproject.com/en/dev/ref/templates/builtins/ > > slugify > > Converts to lowercase, removes non-word characters > (alphanumerics and underscores) and converts spaces to > hyphens. Also strips leading and trailing whitespace. Wow. I just now re-read that differently. (alphanumerics and underscores) are what is _left_. Would this be clearer? Converts to lowercase, allows dashes and underscores, removes other non-alphanumeric characters, and converts spaces to hyphens. Also strips leading and trailing whitespace. Dunno. jdl -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Slugify() and Clean form data Questions
> > > Is there a canonical definition or even a reference implementation > > of a slug =3D slugify(str) function somewhere? Yeah, I could go > > grep through the sources and maybe find one? And yes, I see: > >=20 > >http://docs.djangoproject.com/en/dev/ref/models/fields/#slugfield > >=20 > > But even that is a bit ambiguous as to the treatment of underscores. > > Could you clarify what you mean by "ambiguous as to the treatment of unders= > cores"? I don't see an ambiguity, so I wonder what I'm missing. Some places say underscores are valid, others say they removed: http://docs.djangoproject.com/en/dev/ref/templates/builtins/ slugify Converts to lowercase, removes non-word characters (alphanumerics and underscores) and converts spaces to hyphens. Also strips leading and trailing whitespace. > My understanding is that a slug is usable as a URL; that's really the synta= > x definition, and is why it is limited to "only letters, numbers, underscor= > es or hyphens." A slug is effectively an artifact of Django's birth in jour= > nalism-on-the-web, and an extraordinarily handy one. As such, it exists fo= > r practical reasons, rather than purity. Sure, I get that. It would be nice to use the same (or at least internally consistent) definition, of course. > I do indeed use the slugify() function for precisely that pattern. Exactly *which* slugify() function? Documentation reference? Import from line? > I override the model's save method, and populate the slug field prior > to allowing the save to proceed. I picked up that trick from some > other code somewhere; it isn't uncommon. Well, yeah. That's what I want to do too! :-) Any chance you can post a snippet for me? > HTH, Somewhat! Thanks, jdl -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Slugify() and Clean form data Questions
Folks, Quick question or two: Is there a canonical definition or even a reference implementation of a slug = slugify(str) function somewhere? Yeah, I could go grep through the sources and maybe find one? And yes, I see: http://docs.djangoproject.com/en/dev/ref/models/fields/#slugfield But even that is a bit ambiguous as to the treatment of underscores. Naturally, I'm wanting to use a slug to identify some model instances based on some other model field. But it's not being entered via the Admin model, so I can't do the prepopulated_fileds[] trick either. Second question: Is there a standard clean_user_input() that accepts direct user input from a form text field and de-gunks it so that it is later acceptable to be re-emitted as HTML formatted data without worry of hacking issues? I am looking form something more clever than simply validating the user's input to conform to "is a number" or "is a text field" sorts of thing. I'm specifically looking for a function that strips out embedded scripting, SQL, HTML, etc hackery. Sure, I'd then like to use it to verify clean form input of course. Thanks, jdl -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
AJAX Autocompletion Field
Folks, For likely the umpteenth time, can someone recommend a good AJAX auto completion tutorial or example that I might use to crib-together a text-field selection that would otherwise be a very large drop-down selection field? My use case would be essentially like having a table full of say, recipie ingredients, and letting the user select which one to add into a recipe. I'd like to have the user simply start typing a few first characters and then let an autocompleter search for matches and present them to the user. The source of the matches would be a "Name" TextField in some model. What is the current Best Practice or even Good Advice? :-) Pros and cons for jQuery or extjs or something else? A good "How To" or a pointer to a write up? Thanks, jdl -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Getting uploaded images to show
> 2010/2/13 holger: > > I am new to django and I am trying to get an image upload to work. > > > > My media url is > > MEDIA_URL =3D 'http://127.0.0.1:8000/media/' > > > > and my media_root is > > MEDIA_ROOT =3D os.path.join(PROJECT_ROOT, 'media') > > > > where project_root points to the root folder for the project > > > > So I want the images to be uploaded to http://127.0.0.1:8000/media/uploads/ > > > > I can see the images being uploaded to the directory but I can't > > access the file through the url in the template. > > > > What am I missing? > > > Do you have this code in urls.py? > > if settings.DEBUG: > urlpatterns +=3D patterns('', > (r'^media/(?P.*)$', > 'django.views.static.serve', {'document_root':'./media/'}), > ) > > In DEBUG mode you need such a code to serve static media. I also had difficulty even with the suggested d.v.static.serve as suggested above. I had to change the ADMIN_MEDIA_PREFIX in my settings.py to be different from MEDIA_ROOT as well. HTH, jdl -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
State of the Django MPTT Art?
Folks, I'd like to add a few MPTT manged data-sets to my projects so I am wondering what the current state of the MPTT art is. I'm using Danjgo 1.1.1 right now, and would like to slap down an MPTT manager in my project that is BSD-ish licensed, allows multiple, different sets of nodes, and hopefully comes with a good admin interface too! Googling shows both django-mptt and -treebeard, but are there good recommendations pro- or con- for either one? Or is there a better third choice out there now? Thanks, jdl -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
[ANSWER] Re: Template and Form Question
> Folks, > > I would appreciate some help figuring out how to create a > templated form scenario. The quick form of the question is > either: > > How do I iterate over two form field list simultaneously > in my template using {% for f in form %}, sort of like > {% for f,g in form1,form2 %}? > or > How do I iterate over a list of strings and use that to > select form fields in my template? > > > Gory details of and failed attempts follow... So, for the record, I failed to get any form of proper template variable use or lookup to do what I needed. However, I was able to achieve success in my table construction using the following custom template filter as found here: http://diffract.me/2009/09/django-template-filter-show-list-of-objects-as-table-with-fixed-number-of-columns/ File: my_filter.py from django import template register = template.Library() def tablecols(data, cols): rows = [] row = [] index = 0 for user in data: row.append(user) index = index + 1 if index % cols == 0: rows.append(row) row = [] # Still stuff missing? if len(row) > 0: rows.append(row) return rows register.filter('tablecols', tablecols) and then in my template: {% load my_filters %} and: {% for row in attr_form|tablecols:2 %} {% for f in row %} {% if forloop.first %} {{ f.label }} {% endif %} {{f.errors}}{{f}} {% endfor %} {% endfor %} HTH, jdl -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Template and Form Question
Folks, I would appreciate some help figuring out how to create a templated form scenario. The quick form of the question is either: How do I iterate over two form field list simultaneously in my template using {% for f in form %}, sort of like {% for f,g in form1,form2 %}? or How do I iterate over a list of strings and use that to select form fields in my template? Gory details of and failed attempts follow... I have a dynamically created form, attr_form, that derives its fields from a query and adds pairs of fields to the form roughly like this in my forms.py: def create_attribute_form(): class AttrForm(forms.Form): for every DB Attribute field, attr, on something: name = attr.name# Eg: "Volume" units = "%s-units" % name # Eg: "Volume-units" self.fields[name] = forms.FloatField() # Eg, "17.0" self.fields[units] = forms.ModelChoiceField(...) # Eg, "Liters" In my view, I trump up this form and hand it to my template in a context as "attr_form". I know this form gets to my template correctly because I can simply place {{ attr_form.as_p }} in it and all the fields are present. They are just not how I want them arranged. Specifically, I want to arrange them into a table like this: Attribute| Value | Units -|---|- Temperature |70 | C Volume |17 | Liters Which means I need to iterate over "Volume" and "Temperature" attribute names, and locate the "Volume" field and then the "Volume-units" field of my form in order to form one row of the table before going on to the next. If I just iterate over the attr_form straight up, I will see all the attributes, of course. So I kind of want to do this (not working) in my template: with: {{ attr_list }} == [ "Volume", "Temperature" ] {{ attr_form }} == The form instance with pairs of fields in it . {% for attr in attr_list %} {{attr}} {{attr_form.fields.$attr.}} {{attr_form.fields."$attr"-"units".}} {% endfor %} Naturally that $attr and constructing that $attr-"units" thing is totaly bogus. But even if I passed in a list of tuples with ("Volume", "Volume-units") in it and looped over that, I still can't use those for-loop-variables to index into the form's fields[] to get and print the fields! So another approach I tried was this: In my view, create a list of triplets with: ("Volume",, ) and pass that into the template as "attr_trio": . {% for a,v,u in attr_trio %} {{a}} {{v}} {{u}} {% endfor %} This *almost* works, but what I get is a table like: Volume object at 0x2768910> Temperature object at 0x2768050> That looks like the v and u parts are either un-instantiated, or being processed differently, or un-bound, or *something*... As another approach I've explored unsuccessfully so far, I've tried to create two forms: one with the Attribute fields and another with the corresponding Units fields. I can pass both those into the template, but now I need a way to iterate over the attr_form and units_form simultaneously so that I can grab a "Volume" and a "Volume-units" field for one row. I have the itertable list of ["Volume", "Temperature", ...] available, but I don't know how to use that iteration variable name to select the form field from the two forms: with: {{ attr_list }} == [ "Volume", "Temperature" ] {{ attr_form }} == The form instance with just Attribute fields {{ units_form }} == The form instance with corresponding Units fields . {% for a in attr_list %} {{a}} {{attr_form.a}} {{units_form.a}} {% endfor %} Even that glosses over the problem of having a form with two fields labeled with the same name. I'd really have to loop over a tuple of ("Volume", "Volume-units") like: {% for a,u in attrunit_list %} ... {{a}} {{attr_form.a}} {{units_form.u}} But none of that works either. OK. Any chance someone can point out the forehead-slapping obvious solution for me? Or point me in the right direction? Should I give up on doing this in the template and somehow render the whole form into a string in the view and pass that into the template to slap it down? Does that violate some large abstraction separation? :-) Thanks, jdl -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.