Re: Custom SQL Escaping apostrophe
[ I saw you next email, but I answer to this one, because errors are here ]
Le Tue, 15 Apr 2008 11:03:03 -0700 (PDT), AJ <[EMAIL PROTECTED]> a écrit :
> kw = 'test'
>
> sql = """
> SELECT MAX(`table`.`id`)
> FROM `table`
> WHERE `table`.`name` LIKE %s
> GROUP BY `table`.`original_id`;"""
>
> cursor.execute(sql, [kw])
>
> and I get the error "Not all arguments converted during string
> formatting"
This _should_ work, since "execute" expect an iterable as its second argument
(I guess).
Maybe you can show us the traceback ?
Be aware that you cannot use variables interpolation in the declaration of the
SQL variable.
I mean, you cannot do this :
sql = "SELECT MAX(id) FROM %s WHERE name LIKE %s" % 'table'
since Python expects to find two values, and it raises the kind of error you
told us.
However, you can do something like this :
sql = "SELECT MAX(id) FROM %s WHERE name LIKE %%s" % 'table'
(notice the double "%").
[...]
> cursor.execute("SELECT MAX(`table`.`id`) FROM `table` WHERE
> `table`.`name` LIKE '%%%s%%' GROUP BY `table`.`original_id`;", [kw])
>
> And I get a sql error, it looks like there are quotes going on the
> inside of the %'s:
>
> You have an error in your SQL syntax; check the manual that
> corresponds to your MySQL server version for the right syntax to use
> near '%'test'% GROUP BY...
You already find the correct answer, but let's explain what's happening there.
You _must_ not quote your variables into your SQL query : this is the database
backend's job, and
by passing to "cursor.execute" an iterable as its second argument, you tell it
to handle
automatically the quotation of values.
In your previous example, you already put quotation marks around the "%%%s%%".
However, the backend
doesn't know about it, so it automatically add quotations marks around "%s".
So, the following instruction :
cursor.execute("SELECT MAX(id) FROM table WHERE name LIKE '%%%s%%'",
['myvalue'])
is translated into the following SQL query :
SELECT MAX(id) FROM table WHERE name LIKE '%%'myvalue'%%'
... and obviously, it doesn't work.
So, let do the quotation's job to the database backend.
And so, if you want to add wildcards character into your value, you must add it
to your value, not
in the SQL query (but you already proposed a solution in your last email ;) ).
I hope it clarifies some obscur points ...
- Jonathan
signature.asc
Description: PGP signature
Re: Custom SQL Escaping apostrophe
AJ wrote:
[...]
> sql = """
> SELECT MAX(`table`.`id`)
> FROM `table`
> WHERE `table`.`name` LIKE '%(kw)s'
> GROUP BY `table`.`original_id`;"""
>
> sql = sql % {'kw' : '%%' + query + '%%'}
> cursor.execute(sql)
[...]
This is the wrong way to do this, and your problem explains why.
Take a look at [1] ; you were right, the db module handles those things for you.
Typically, you use "%s" in your query where you want to put an external value,
you give a list of
values to the "execute" method and the database's backend will correctly handle
the value's
quotation for you.
In addition to protect you from SQL injections, it will give you more
portability between different
databases (since they don't handle quotations the same way).
- Jonathan
[1] : http://www.djangoproject.com/documentation/model-api/#executing-custom-sql
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---
Re: Django cannot be used by large web sites?
asj2008 wrote:
> We are hitting an error that disables the entire website when we have
> more than 255 web pages...this is the error we see..has anyone seen
> this before? It does not seem to be in the documentation
>
> ImproperlyConfigured at /products/
>
> Error while importing URLconf 'company.urls': more than 255 arguments
> (urls.py, line 339)
> Request Method: GET
> Request URL: http://www.company.com/products/
> Exception Type: ImproperlyConfigured
> Exception Value: Error while importing URLconf 'company.urls': more
> than 255 arguments (urls.py, line 339)
> Exception Location: /opt/csw/lib/python2.3/site-packages/django/core/
> urlresolvers.py in _get_urlconf_module, line 255
> Python Executable:/
> Python Version: 2.3.5
It seems you exceeded a Python limit on the number of parameters passed to a
function.
I cannot find anything in the Python's documentation on such limit (any hints
would be appreciated),
but a look at Python's source code shows that this error is raised in a
function which parses
parameters list (Python/ast.c, line 1847, in r60723)
So, what are your solutions ?
Try to refactor your urls (more than 255 urls patterns is quite a lot IMHO), or
split the call to
the "patterns" function into several calls, like this :
urlpatterns = patterns('',
...
)
urlpatterns += patterns('',
...
)
- Jonathan
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---
Re: Setting up Apache & mod_python on my development computer
Hi, Brandon Taylor wrote: > > SetHandler python-program > PythonPath "['C:/django_projects/testproject'] + sys.path" > [...] Try : PythonPath "['C:/django_projects/'] + sys.path" instead, since "testproject" is the subdirectory where you project lives in. Maybe changing the DJANGO_SETTINGS_MODULE environment variable to "settings" would have done the same, but I think it's less clear that way. > When I use the command line and start the built-in server for the > project, it will run and I get the Django welcome page. I added an > environment variable called PYTHONPATH and pointed it to C: > \django_projects, but I still get the error. It should have fixed the problem, but I don't know how Apache takes environment variables into account. Hope it helps, - Jonathan --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Django and Caching Pages
boralyl wrote: > So when I initially visit the page, it doesn't allow me to rate the > product. So I login and it redirects me to the home page(/). The > home page prints out my user name, so I know I am logged in. However > if I visit that product page again it still won't let me rate the > procduct, unless I refresh the page. After refreshing the page my > username shows up, and I am allowed to rate the product. Isn't your browser that is caching the product page on which you are not logged ? Take a look at the Django's server output, to ensure that your browser is _really_ requesting the page. - Jonathan --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: run multiple django app's on server
[EMAIL PROTECTED] wrote: > That's the weird thing, > > If we restart httpd.conf the python code will be compiled in some > cases it will show one of the projects for both ports and in a other > case it will show the other for both ports without altering anything > to the code. Both are working fine independently. So to me it seems > that while restarting apache it in some cases goes to the wrong > settings file. Could you tell us your Apache & mod_python versions ? There's a warning in the Django documentation about installing severals web sites in the same Vhost [1]. Unfortunately, this is not your case :/ Maybe you can try the PythonInterpreter tip to see if it changes something ? - Jonathan [1] : http://www.djangoproject.com/documentation/modpython/#multiple-django-installations-on-the-same-apache --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: converting string to list
MariusB wrote:
> In the view take an URL from the query:
> query = request.POST.get('q', '')
> How do I turn query from a string into a list with one element
> (['']) in the view?
I'm not sure I understand what you mean, but if you want to transform your
"query" variable into a
single-element list, you can use : query = [query] , or you can split your
"query" using the
"split()" method.
- Jonathan
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---
Re: Best practice for implementing multilingual content in template
Hi!
Le Sun, 27 Jan 2008 09:03:25 -0800 (PST), Emil
<[EMAIL PROTECTED]> a écrit :
> Hi!
>
> I'm currently working on a couple of sites where basically all content
> is to be available in two languages. I haven't used django-
> multilingual or anything readymade, but simply created double fields
> in my models for all content in the db that needs to be available in
> both languages. For example, a post with a title might have "title_en"
> and "title_sv".
>
[...]
>
> {% switch LANGUAGE_CODE %}
> {% case "en" %}{{ title_en }}{% endcase %}
> {% case "sv" %}{{ title_sv }}{% endcase %}
> {% endswitch %}
Depending on your model, you can do this switch statement inside a
model method.
Something like this :
==
from django.db import models
from django.conf import settings
class Post(models.Model):
title_en = ...
title_sv = ...
def title(self):
if settings.LANGUAGE_CODE == 'en':
return self.title_en
else:
return self.title_sv
==
... and so, your only need to specify "{{ post.title }}" in your
template.
However, it can be a bit verbose if you have several fields with the
same scheme as "title_*".
Or maybe, if you like dark magic art, you can try to set up a
__getattr__ method in your Post class, like that :
=
def __getattr__(self, attribute):
lang = settings.LANGUAGE_CODE
return getattr(self, "%s_%s" % (attribute, lang))
=
It seems to work :
>>> from django.conf import settings
>>> p = m.Post.objects.all()[0]
>>> settings.LANGUAGE_CODE
'en'
>>> p.title
u'en title'
>>> settings.LANGUAGE_CODE = 'sv'
>>> p.title
u'sv title'
>>> settings.LANGUAGE_CODE = 'en'
>>> p.title
u'en title'
... but you might want to refine this, because it's a bit hacky and it
explodes if you specify an non-existing attribute (recursives calls, and
the like).
Or, if you are not-so-evil, you can try to make a template filter,
which takes in parameters a field, and it will try to do this (instead
of the tricky use of getattr in the Model class).
Something like :
==
from django.conf import settings
from django.template.defaultfilters import stringfilter
from django import template
register = template.Library()
@register.filter
@stringfilter
def translate(obj, field):
return getattr(obj, "%s_%s" % (field, settings.LANGUAGE_CODE))
==
And you should be able to use it like that in your templates :
{{ post|translate:"title" }}
But it's not very pretty neither.
The first proposition is the cleaner, but it's not really dry.
The second one can be great, but you can shoot yourself in the foot
with __getattr__. Be careful.
I hope it might help (or give ideas ...)
- Jonathan
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---
Re: django transaction system
Le Tue, 22 Jan 2008 14:18:53 -0800 (PST), Rajesh Dhawan <[EMAIL PROTECTED]> a écrit : > - Before you execute lines of code that need to be synchronized > between processes, read mylock from memcached and set it to the > current timestamp if it's null. ... and bam, another process access the lock when it was still null, and both processes set it to a timestamp :) I don't really know memcached, but maybe it's API provide some way to avoid race conditions (maybe the 'add' function [1] from the memcached API). [1] see "What about race conditions?" in http://www.danga.com/memcached/ --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: InnoDB on?
Hi, Le Tue, 22 Jan 2008 11:08:41 -0800 (PST), "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> a écrit : > > I need InnoDB for MySQL to do row locking in hopes of this working > efficiently. > > Is InnoDB on by default in MySQL 5.0? > > How can I tell? Look at the "SHOW ENGINES" SQL query http://dev.mysql.com/doc/refman/5.0/en/show-engines.html - Jonathan --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: django transaction system
Hi, Le Tue, 22 Jan 2008 11:07:45 -0800 (PST), "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> a écrit : > Example: > Processes P1, P2, model instance m, with m.val > > - P1 grabs the object : m = MyModel.objects.filter(get the m i want) > [0] > - P2 grabs the object : m = MyModel.objects.filter(get the m i want) > [0] > - P1 m.val += 1 > - P2 m.val += 1 > - P1 m.save() > - P2 m.save() > > What happens normally? What happens with the transaction middleware? I guess the save() methods will set directly the new value, instead of sending a "val + 1" UPDATE to the database. So, if m.val == 0 when you load the object in both P1 and P2, it will result in : UPDATE mymodel SET val = 1 WHERE id = ? whereas you want : UPDATE mymodel SET val = val + 1 WHERE id = ? In the latter, the transaction will handle this (well, as Jeff Anderson said, the _database_ will handle this), and your "val" field will be +2. However, I'm pretty sure Django will do the former. It needs to be checked. But, I guess you can add a method (or override the save() method maybe), to send the correct SQL query. - Jonathan --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: remove ^M: project moved from window to linux
Hi, Le Sat, 12 Jan 2008 20:30:25 -0800 (PST), ocgstyles <[EMAIL PROTECTED]> a écrit : > I need to do that often at work when Windows files are moved over to > AIX. I just use vi. The key sequence is: > > :%s/^M// If you want to mimic dos2unix, you should use :%s/^M$// because those "^M" characters are only present at the end of lines (I mean, when you open a Windows-edited file in *nix). > To create the ^M character, press Ctrl+V, then M. I'm not sure what > that character is (never bothered to look), but I think may be that > extra control character that Windows uses to represent CRLF (carriage > return/line feed). Unix based system only use one control character. You're right, Unix based systems use only the line feed (LF) control character (which is represented by "\r" in Vim, BTW). You might want to read this [1] for further explanations. > I'm not sure if that affects Python at all. Testing out a simple > script with those characters shows that it doesn't matter... By experience, it doesn't affect imported module. However, it can affect an executable Python script (the one which is chmod +x and starts with "#!/usr/bin/env python"), if you want to execute it through "./you_script.py". In this case, it often returns a strange error like ": No such file or directory" > Keith - Jonathan [1] : http://en.wikipedia.org/wiki/Newline --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Using VIEWs from a database
Hi everyone, I have a project which uses a PostgreSQL database with several tables, and I have created VIEWs in this database. Now, I would like to be able to use those views from my Django project. Is there any "official" way to do this ? Currently, I made a new Model class, with the same fields as in my view, but this has several disadvantages : * I can't use syncdb anymore (or I must ensure that the view is created _before_ doing syncdb) ; * I have methods on instances of my class which should not be there (.create, .delete, .save) (at least, I'm not using materialized views). Nothing insurmountable, but this is not very pretty. So, is there anyone using database View's with Django ? How are you doing ? Thanks for your comments; - Jonathan --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: How to select objects referenced by another table ?
On 17 juil, 20:29, Tim Chase <[EMAIL PROTECTED]> wrote: > Fortunately, Django's ORM lets you get at the underlying SQL via > a call to .extra() where you can provide your own WHERE clause. > This would look something like > >Article.objects.extra(where=""" > app_article.id in (select article_id from app_photo) > """) > > You'd have to adjust for the various column-names and table-names > accordingly. Argl, I missed the 'extra' method in the documentation, thanks a lot ! --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: "Best" way of using templates
On 18 fév, 02:34, Lachlan Cannon <[EMAIL PROTECTED]> wrote:
> Jonathan Ballet wrote:
> > I think, we might use the __str__() method, since it seems the
> > simplest and cleanest way of doing this (a title is a sort of
> > presentation in fact). Or maybe, we will stick with the get_title()
> > method (or something like that ...)
>
> Don't forget, either, that you can use a get_title method with a property so
> it
> looks like a title attribute, if you prefer. Aesthetically I prefer
> {{house.title}} to {{ house.get_title }}.
Indeed :)
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---
