[web2py] Re: More Details on RESTful web2py?

2011-06-16 Thread Web2py Newbie
At the moment it is:

@request.restful()
def as_rest():
    def GET(*args,**vars):
        patterns = ['/{bookmarks.id}',
                    '']
        parsed = db.parse_as_rest(patterns,args,vars)
        if parsed.status==200: return parsed.response.json()
        else:
            posts = db().select(db.bookmarks.ALL)
            return response.render('posts/index.html', locals())



On Jun 16, 12:58 pm, Massimo Di Pierro massimo.dipie...@gmail.com
wrote:
 please show us your code.

 On Jun 15, 2:25 am, Web2py Newbie

 swiawte...@garrifulio.mailexpire.com wrote:
  As a follow up:

  I want to use something like:
  /myapp/api/show_comment/id
  to show comment at id
  and
  /myapp/api/show_comment/
  To show all comments

  However, when I try this it complains (invalid arguments).  I try to
  test id against None, but id is apparently a server object.
  Any ideas or do I just have to define all_comments?




[web2py] Re: How do you document your apps?

2011-06-16 Thread Marcel Luethi
Hello everybody

Thank you very much for your answers!
I think I'll try a combination of plugin_wiki with epydoc.

Have a nice day!
Marcel

@Pierre: I'm using PyCharm instead of pydev - but thank you anyway!




On 15 Jun., 19:29, Pierre Thibault pierre.thibau...@gmail.com wrote:
 I like epydoc. It is supported by pydev. It is simple. Sphinx is both
 more powerful and more complex.

 I am sending my epydoc Eclipse external tool as an attachment. I think you
 just have to put the file somewhere in an open project to make it available
 as an external tool. To use it, click on your project and choose the command
 from the external tool menu available in the tool bar.

 2011/6/15 Marcel Luethi marcel.lue...@gmail.com









  Hello!

  I just finished an internal project using web2py (1.95.1) and have to
  document it for my colleagues.
  Preferably it is a system based on doc strings. Maybe Sphinx?

  Question:
  What are you using?
  Do you have any suggestions?

  Thanks in advance for your input!

  Best regards,
  Marcel

 --

 A+

 -
 Pierre
 My blog and profile (http://pierrethibault.posterous.com)
 YouTube page (http://www.youtube.com/user/tubetib)
 Twitter (http://twitter.com/pierreth2)

  Epydoc.launch


[web2py] Re: Spello in @request.restful() parsed.error

2011-06-16 Thread cjrh
On Jun 16, 4:03 am, Web2py Newbie
swiawte...@garrifulio.mailexpire.com wrote:
 Is there a bug tracker somewhere I'm supposed to use?

http://code.google.com/p/web2py/issues/list


[web2py] Re: fyi: web2py 1.96.4 breaks with pywin32-2.16 - fine with pywin32-2.14

2011-06-16 Thread baloan
No, this is a fresh install from the Windows source version of www.web2py.com.
The error occurred when asking for /admin. To me it seems like the
portalocker.lock(response.session_file, portalocker.LOCK_EX) call
imports pywin32  mercurial(!) in a strange way.

Regards, Andreas

On Jun 15, 11:14 pm, Massimo Di Pierro massimo.dipie...@gmail.com
wrote:
 This traceback is not compatible with the code:

 try:
     ...
     import pywintypes
     os_locking = 'windows'
 except:
     pass
 if os_locking == 'windows':
     
     __overlapped = pywintypes.OVERLAPPED()

 Did you change the code?

 On Jun 15, 3:39 pm, baloan balo...@googlemail.com wrote:







  After a system upgrade I found that web2py 1.96.4 breaks with pywin32
  2.16. It works fine with pywin32 2.14. The installation features
  mercurial 1.7.5. I can't use mercurial 1.8.4 because it breaks my trac
  0.12.2 installation.

  With web2py 1.96.4, pywin32 2.16, mercurial 1.7.5 I see the following
  error:

  Traceback (most recent call last):
    File D:\\Home\\web\\web2py\\gluon\\main.py, line 516, in wsgibase
      session._try_store_on_disk(request, response)
    File D:\\Home\\web\\web2py\\gluon\\globals.py, line 494, in
  _try_store_on_disk
      portalocker.lock(response.session_file, portalocker.LOCK_EX)
    File C:\\Apps\\Python27\\lib\\site-packages\\mercurial\
  \demandimport.py, line 75, in __getattribute__
      self._load()
    File C:\\Apps\\Python27\\lib\\site-packages\\mercurial\
  \demandimport.py, line 47, in _load
      mod = _origimport(head, globals, locals)
    File D:\\Home\\web\\web2py\\gluon\\portalocker.py, line 69, in
  module
      __overlapped = pywintypes.OVERLAPPED()
    File C:\\Apps\\Python27\\lib\\site-packages\\mercurial\
  \demandimport.py, line 75, in __getattribute__
      self._load()
    File C:\\Apps\\Python27\\lib\\site-packages\\mercurial\
  \demandimport.py, line 47, in _load
      mod = _origimport(head, globals, locals)
    File C:\\Apps\\Python27\\lib\\site-packages\\win32\\lib\
  \pywintypes.py, line 124, in module
      __import_pywin32_system_module__(pywintypes, globals())
    File C:\\Apps\\Python27\\lib\\site-packages\\win32\\lib\
  \pywintypes.py, line 98, in __import_pywin32_system_module__
      raise ImportError(No system module \'%s\' (%s) % (modname,
  filename))
  ImportError: No system module \'pywintypes\' (pywintypes27.dll)


[web2py] Linking directly to an uploaded image

2011-06-16 Thread Vinicius Assef
Hi guys.

I have a table (called anuncio) with an upload field (called foto), so
anuncio.foto is my upload field.

I'm showing and linking it with this piece of code in my view :
{{url = URL(c='anuncios',f='download', args=['uploads', anuncio.foto])}}
{{=A(IMG(_src=url), _href=url)}}

My /controllers/anuncios.py/download() function is the default, as seen below:
def download():
    return response.download(request,db)

When user clicks on this image, browser shows the download dialog,
asking him/her where to save the image.
But I'd like to simply show the image, not present the download
dialog. All these images will be public.

How I solved it:
1) I entered in /myapp/static/images and created a symbolic link
called 'uploads' pointing to /myapp/uploads.
2) In my view, I changed the: {{url = URL(...}} stuff by this: {{url =
URL(c='static', f='images', args=['uploads', anuncio.foto])}}

I think this isn't the best choice because I'm pointing URL() to a
fake controller and function, and I'm counting on an external
resource: a symbolic link in my filesystem.

What would be the web2pythonic way to do this?

--
Vinicius Assef.


[web2py] Re: web2py book changelog?

2011-06-16 Thread niknok
Yes. Same reason I asked.

Thanks.

On Jun 14, 6:10 am, Sebastian E. Ovide sebastian.ov...@gmail.com
wrote:
 web2py is adding so many functionalities that it is difficult to understand
 what the book is documenting.

 It would be great to have a changelog... or at least a web2py version that
 the book is referring to

 On Sat, Jun 11, 2011 at 2:19 AM, niknok nikolai...@gmail.com wrote:

  Is there like a change log for the web2py book where I can view what's been
  added or modified recently?

  /r

 --
 Sebastian E. Ovide


[web2py] updating session cookie

2011-06-16 Thread Carl
In db.py I've added fields to table_user_name

My code updates one of these 'extended' fields with update_record().
The code also accesses auth.user.fieldname but I think these values
get populated from a cookie.

a) is it true that a cookie is used

b) if a) is true, how do I refresh the cookie?

c) if b) isn't true, where am I going wrong?


[web2py] Auth over SSL

2011-06-16 Thread blackthorne
There may be a security problem for all of you using Auth. Even if the
login process is done through SSL the session should be also kept over
SSL or else you may be vulnerable to session hijacking (
http://en.wikipedia.org/wiki/Session_hijacking ) attacks.

My question is, is there a control to make auth methods and logged in
sessions to be kept over https and https only leaving at the same
time, public data to be transmitted as clear data?

Thank you,
Best regards


[web2py] Is there anyone working with web2py and CouchDB or MongoDB?

2011-06-16 Thread David Marko
Is there anyone working with web2py and CouchDB ... something beyond
the simple tests? If so, can you share some experience or even some project
source or something?
One question ... how can I get the former connection object that comes from
couch = couchdb.Server('http://example.com:5984/') if I use the couchdb library
directly? I would like to use it for example for attachment management etc.

David


[web2py] Download of big files broken (was: Chunked downloads and corrupt files with Internet Explorer 8 (IE8))

2011-06-16 Thread Stefan Scholl
The higher value for chunk_size didn't work with a 33 MiB file. Even
in Firefox 4.
So I tried 1.96.4 (Rocket 1.2.2) on Windows XP.

Made a new and simple app (dtest). The download there uses
response.download(request,db) as well.

1 simple table: db.define_table('stuff', Field('file', 'upload'))

Upload of the 33 MiB file via db admin, content listed on
http://127.0.0.1:8001/dtest/default/data/select/stuff (default
function data with return dict(form=crud())). Download with
Internet Explorer 8 (after removing the tag that switches to Chrome
Frame, to have a realistic test like normal users).

Download was broken. A few KiB were missing. This was on localhost.
Remote tests have even worse results.



On 6 May, 17:51, Massimo Di Pierro massimo.dipie...@gmail.com wrote:
 Can you try 1.95.1

 On May 6, 6:03 am, Stefan Scholl stefan.sch...@gmail.com wrote:







  The classic download function:

  def download():
      return response.download(request, db)

  I'm developing on localhost (127.0.0.1, no SSL) and one strange thing
  happened: Downloads in IE8 (Windows XP) were all corrupt/broken if
  they weren't below 64KiB in size. Very easy to see with large images.

  Using a higher value for the argument 'chunk_size' solves this
  problem, up to this new maximum.

  web2py 1.91.6


[web2py] unique and alphanumeric

2011-06-16 Thread matt grham
Hi All,

The following table definition does not work all the time. Sometimes
it gives the following error: IntegrityError: column name is not
unique. I want to receive the error at the form level.

db.define_table('testtable',
Field('name', 'text', unique=True, notnull=True),
migrate=True)

db.testtable.name.requires=IS_NOT_EMPTY()
db.testtable.name.requires=IS_NOT_IN_DB(db, db.testtable.name)
db.testtable.name.requires = IS_ALPHANUMERIC()

Note: If I comment db.testtable.name.requires = IS_ALPHANUMERIC(), I
can get the error at the form level.

Did anybody observe this behavior? I am using sqlite database.


[web2py] Android sl4a

2011-06-16 Thread Corne Dickens
web2py Version 1.96.4 under sl4a (android / python 2.6.2) does not
start due to a few errors.


The first one is in dal.py
It seems that this was already half fixed, the problem is in
path_encoding = sys.getfilesystemencoding() or
locale.getdefaultlocale()[1]
the result is empty here.

There is one place in the code where this was fixed already (with an
additional or 'utf8'), this fix should also go to the other places
where the same structure is used.

PATCH
diff -U 3 -H -d -r -N -- web2py/gluon/dal.py web2py_droid/gluon/dal.py
--- web2py/gluon/dal.py 2011-06-07 22:07:48.0 +0200
+++ web2py_droid/gluon/dal.py   2011-06-16 10:14:49.677764405 +0200
@@ -1487,7 +1487,7 @@
 self.folder = folder
 self.db_codec = db_codec
 self.find_or_make_work_folder()
-path_encoding = sys.getfilesystemencoding() or
locale.getdefaultlocale()[1]
+path_encoding = sys.getfilesystemencoding() or
locale.getdefaultlocale()[1] or 'utf8'
 if uri.startswith('sqlite:memory'):
 dbpath = ':memory:'
 else:
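Review bot: the new `or 'utf8'` fallback on the `path_encoding` line carries no comment saying when both `sys.getfilesystemencoding()` and `locale.getdefaultlocale()[1]` come back empty, so the reason for the hard-coded codec is lost to the next reader. Add a one-line comment naming the platform where this was seen, and confirm that 'utf8' is the right guess there, since the value is then used as the path encoding for the database file.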
@@ -1523,7 +1523,7 @@
 self.folder = folder
 self.db_codec = db_codec
 self.find_or_make_work_folder()
-path_encoding = sys.getfilesystemencoding() or
locale.getdefaultlocale()[1]
+path_encoding = sys.getfilesystemencoding() or
locale.getdefaultlocale()[1] or 'utf8'
 if uri.startswith('sqlite:memory'):
 dbpath = ':memory:'
 else:
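Review bot: this is the same `path_encoding` expression patched at 1487, repeated verbatim at 1523, and the message says another copy had already been fixed separately. Moving the expression into one module-level helper or constant and using it in each place would keep the copies from drifting apart again.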



The second thing is in cache.py
os.unlink(self.shelve_name) gives an exception because the file is not
found.
In the code there is an if statement which is True when the file does
not exist.
In the if there is an open for reading, which fails in case the file
does not exist, deleting the file will in that case also fail.


PATCH
diff -U 3 -H -d -r -N -- web2py_unicode/gluon/cache.py web2py_droid/
gluon/cache.py
--- web2py_unicode/gluon/cache.py   2011-06-07 22:07:48.0 +0200
+++ web2py_droid/gluon/cache.py 2011-06-16 10:35:38.625610104 +0200
@@ -257,7 +257,10 @@
 except:
 logger.error('corrupted file %s, deleting it!' \
  % self.shelve_name)
-os.unlink(self.shelve_name)
+   try:
+   os.unlink(self.shelve_name)
+   except:
+   pass # open could fail in case the fail doensn't exist.. 
Unlink
will fail than also...
 if locker_locked:
 portalocker.unlock(locker)
 if locker:
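Review bot: the bare `except: pass` added around `os.unlink(self.shelve_name)` hides every failure, not only the missing-file case its comment describes; a permission error would leave the corrupted file in place with nothing recorded after the 'deleting it!' log line. Catch `OSError` only, ignore it when `errno` is `ENOENT`, and log anything else. The added comment also has typos ('the fail doensn't exist', 'than').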


[web2py] Re: More Details on RESTful web2py?

2011-06-16 Thread Massimo Di Pierro
Then you need to call

/myapp/api/as_rest/1.json

where api is the controller, as_rest is your function, 1 is the
{bookmark.id}.

On Jun 16, 12:51 am, Web2py Newbie
swiawte...@garrifulio.mailexpire.com wrote:
 At the moment it is:

 @request.restful()
 def as_rest():
     def GET(*args,**vars):
       patterns = ['/{bookmarks.id}',
                   '']
       parsed = db.parse_as_rest(patterns,args,vars)
       if parsed.status==200: return parsed.response.json()
       else:
         posts = db().select(db.bookmarks.ALL)
         return response.render('posts/index.html', locals())

 On Jun 16, 12:58 pm, Massimo Di Pierro massimo.dipie...@gmail.com
 wrote:







  please show us your code.

  On Jun 15, 2:25 am, Web2py Newbie

  swiawte...@garrifulio.mailexpire.com wrote:
   As a follow up:

   I want to use something like:
   /myapp/api/show_comment/id
   to show comment at id
   and
   /myapp/api/show_comment/
   To show all comments

   However, when I try this it complains (invalid arguments).  I try to
   test id against None, but id is apparently a server object.
   Any ideas or do I just have to define all_comments?


[web2py] Re: Auth over SSL

2011-06-16 Thread Massimo Di Pierro
You are correct. If you want to prevent session hijacking you need to
force cookies over https.

You can do this in your program

   session._secure=True

But it is up to you to setup https.

On Jun 16, 5:43 am, blackthorne francisco@gmail.com wrote:
 There may be a security problem for all of you using Auth. Even if the
 login process is done through SSL the session should be also kept over
 SSL or else you may be vulnerable to session hijacking 
 (http://en.wikipedia.org/wiki/Session_hijacking) attacks.

 My question is, is there a control to make auth methods and logged in
 sessions to be kept over https and https only leaving at the same
 time, public data to be transmitted as clear data?

 Thank you,
 Best regards


[web2py] Re: updating session cookie

2011-06-16 Thread Massimo Di Pierro
the logged in user is stored in session.auth.user so yes, if you
change the user info in db, you will not see the change in
session.auth.user until you reload. You need to change the info in
both places.

On Jun 16, 5:17 am, Carl m...@carlroach.com wrote:
 In db.py I've added fields to table_user_name

 My code updates one of these 'extended' fields with update_record().
 The code also accesses auth.user.fieldname but I think these values
 get populated from a cookie.

 a) is it true that a cookie is used

 b) if a) is true, how to I refresh the cookie?

 c) if b) isn't true, where am I going wrong?


[web2py] Re: Web2py Single Sign On Free with another application

2011-06-16 Thread Massimo Di Pierro
Fantastic, then if you have the latest web2py you should just need to
follow the instructions in

web2py/gluon/contrib.login_methods/cas_auth.py



On Jun 16, 6:14 am, Neveen Adel nevo.a...@gmail.com wrote:
 Thanks  a lot Massimo for you help :)

 Sorry about the misunderstanding.

 I searched on the protocol and i found the Tomcat 6 uses CAS Protocol.

 On Jun 15, 5:15 pm, Massimo Di Pierro massimo.dipie...@gmail.com
 wrote:







  We need more details about the Java app. Examples of single sign on
  protocols are CAS, OpenID, Oauth, Kerberos.

  On Jun 15, 7:59 am, Neveen Adel nevo.a...@gmail.com wrote:

   Thanks Massimo for your reply.

   I think it use HTTP protocol .

   On Jun 14, 5:49 pm, Massimo Di Pierro massimo.dipie...@gmail.com
   wrote:

yes but how depends on what single sign on protocol is supported by the
Java app.

On Jun 14, 8:46 am, Neveen Adel nevo.a...@gmail.com wrote:

 Hello,

  I have a web2py application and another java application (using
 Tomcat).
 and there is links inside tomcat application that call java
 application.

 How can i use Single Sign  to make the link of the java application
 not open if the user not logged in?

 Thanks in Advance


[web2py] Re: Android sl4a

2011-06-16 Thread Massimo Di Pierro
Thank you! Fixed in trunk.

On Jun 16, 3:55 am, Corne Dickens corne.dick...@gmail.com wrote:
 web2py Version 1.96.4 under sl4a (android / python 2.6.2) does not
 start due to a few errors.

 The first one is in dal.py
 It seems that there was already half fixed, the problem is in
 path_encoding = sys.getfilesystemencoding() or
 locale.getdefaultlocale()[1]
 the result is empty here.

 There is one place in the code where this was fixed already (with an
 additional or 'utf8'), this fix should also go to the other places
 where the same structure is used.

 PATCH
 diff -U 3 -H -d -r -N -- web2py/gluon/dal.py web2py_droid/gluon/dal.py
 --- web2py/gluon/dal.py 2011-06-07 22:07:48.0 +0200
 +++ web2py_droid/gluon/dal.py   2011-06-16 10:14:49.677764405 +0200
 @@ -1487,7 +1487,7 @@
          self.folder = folder
          self.db_codec = db_codec
          self.find_or_make_work_folder()
 -        path_encoding = sys.getfilesystemencoding() or
 locale.getdefaultlocale()[1]
 +        path_encoding = sys.getfilesystemencoding() or
 locale.getdefaultlocale()[1] or 'utf8'
          if uri.startswith('sqlite:memory'):
              dbpath = ':memory:'
          else:
 @@ -1523,7 +1523,7 @@
          self.folder = folder
          self.db_codec = db_codec
          self.find_or_make_work_folder()
 -        path_encoding = sys.getfilesystemencoding() or
 locale.getdefaultlocale()[1]
 +        path_encoding = sys.getfilesystemencoding() or
 locale.getdefaultlocale()[1] or 'utf8'
          if uri.startswith('sqlite:memory'):
              dbpath = ':memory:'
          else:

 The second thing is in cache.py
 os.unlink(self.shelve_name) gives an exception because the file is not
 found.
 In the code there is an if statement which is True when the file does
 not exist.
 In the if there is an open for reading, which failes in case the file
 does not exist, deleting the file will in that case also fail..

 PATCH
 diff -U 3 -H -d -r -N -- web2py_unicode/gluon/cache.py web2py_droid/
 gluon/cache.py
 --- web2py_unicode/gluon/cache.py       2011-06-07 22:07:48.0 +0200
 +++ web2py_droid/gluon/cache.py 2011-06-16 10:35:38.625610104 +0200
 @@ -257,7 +257,10 @@
              except:
                  logger.error('corrupted file %s, deleting it!' \
                                   % self.shelve_name)
 -                os.unlink(self.shelve_name)
 +               try:
 +                   os.unlink(self.shelve_name)
 +               except:
 +                   pass # open could fail in case the fail doensn't exist.. 
 Unlink
 will fail than also...
              if locker_locked:
                  portalocker.unlock(locker)
              if locker:
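Review bot: as quoted here, the added `try:` and `except:` lines sit one column to the left of the removed `os.unlink(self.shelve_name)` line, so they do not line up with the body of the enclosing `except:` block (the `logger.error(...)` line). Re-indent the four added lines to that block's level when applying; Python rejects a dedent that matches no outer indentation level.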


[web2py] Re: Auth over SSL

2011-06-16 Thread Anthony
On Thursday, June 16, 2011 9:48:47 AM UTC-4, Massimo Di Pierro wrote: 

 You are correct. If you want to prevent session hijacking you need to 
 force cookies over https. 

 You can do this in your program 

session._secure=True

 
Doesn't session.secure() do the same thing (i.e., sets 
session._secure=True)?
 
Also, setting a secure cookie tells the user agent to only send the cookie 
back to the server via a secure channel, but don't you also have to make 
sure that the cookie is originally delivered over https? What if the session 
first starts out over http (so the session cookie is initially sent 
insecurely) and then switches to https -- couldn't someone grab the session 
cookie on the initial send?
 
Anthony


[web2py] Re: unique and alphanumeric

2011-06-16 Thread Massimo Di Pierro
These:

db.testtable.name.requires=IS_NOT_IN_DB(db, db.testtable.name)
db.testtable.name.requires = IS_ALPHANUMERIC()

should be

db.testtable.name.requires= (IS_ALPHANUMERIC(),IS_NOT_IN_DB(db,
db.testtable.name))

otherwise the second requires overrides the previous ones, web2py
checks only for IS_ALPHANUMERIC, not uniqueness and the database
checks for uniqueness raising an exception.


On Jun 16, 12:27 am, matt grham matt.gr...@gmail.com wrote:
 Hi All,

 The following table definition does not work all the time. Sometimes
 it gives the following error: IntegrityError: column name is not
 unique. I want to receive the error at the form level.

 db.define_table('testtable',
                 Field('name', 'text', unique=True, notnull=True),
                 migrate=True)

 db.testtable.name.requires=IS_NOT_EMPTY()
 db.testtable.name.requires=IS_NOT_IN_DB(db, db.testtable.name)
 db.testtable.name.requires = IS_ALPHANUMERIC()

 Note: If I comment db.testtable.name.requires = IS_ALPHANUMERIC(), I
 can get the error at the form level.

 Did anybody observe this behavior? I am using sqlite database.


[web2py] Re: making requests to components from outside

2011-06-16 Thread Anthony
On Sunday, June 12, 2011 8:52:42 AM UTC-4, Anthony wrote:

 Actually, now I see that there are two distinct arguments to the jqgrid 
 widget, '_id' and 'id'. It looks like the '_id' argument is completely 
 ignored, but if you specify 'id', it will be used as the jqgrid table id 
 (via the current line 243). Neither the docstring nor the book describe this 
 correctly.

 
Note, I have submitted a patch to fix this. Once it is applied, the '_id' 
argument will work as documented, and the 'id' argument will be gone. I also 
corrected the book (and the docstring) to indicate that '_id' sets the id of 
a TABLE that contains the jqgrid, not a DIV, as it incorrectly stated.
 
Anthony


[web2py] Re: Auth over SSL

2011-06-16 Thread blackthorne
It could.

I think it would be interesting to have a control to redirect by
default to https, whether it is a login or an authenticated session,
kind of what we already have for appadmin...

On Jun 16, 2:57 pm, Anthony abasta...@gmail.com wrote:
 On Thursday, June 16, 2011 9:48:47 AM UTC-4, Massimo Di Pierro wrote:

  You are correct. If you want to prevent session hijacking you need to
  force cookies over https.

  You can do this in your program

     session._secure=True

 Doesn't session.secure() do the same thing (i.e., sets
 session._secure=True)?

 Also, setting a secure cookie tells the user agent to only send the cookie
 back to the server via a secure channel, but don't you also have to make
 sure that the cookie is originally delivered over https? What if the session
 first starts out over http (so the session cookie is initially sent
 insecurely) and then switches to https -- couldn't someone grab the session
 cookie on the initial send?

 Anthony


[web2py] Re: updating session cookie

2011-06-16 Thread Carl
thanks. a little detail needed: given my extra field is called 'tag'
can I change its value like:

session.auth.user.tag = 'new value'

but then how do I get the session to update the cookie ready for the
next browser load/refresh?


On Jun 16, 2:46 pm, Massimo Di Pierro massimo.dipie...@gmail.com
wrote:
 the logged in user is stored in session.auth.user so yes, if you
 change the user info in db, you will not see the change in
 session.auth.user until you reload. You need to change the info in
 both places.

 On Jun 16, 5:17 am, Carl m...@carlroach.com wrote:







  In db.py I've added fields to table_user_name

  My code updates one of these 'extended' fields with update_record().
  The code also accesses auth.user.fieldname but I think these values
  get populated from a cookie.

  a) is it true that a cookie is used

  b) if a) is true, how to I refresh the cookie?

  c) if b) isn't true, where am I going wrong?


[web2py] debugging WSGI web2py python apps

2011-06-16 Thread blackthorne
I'm trying to debug a web2py app working with WSGI on webfaction.
First, I've activated the Logging = True in the wsgihandler and now I
can read the httpserver.log.
I've also read many things on exposing request/response objects but
what I really wanted would be the possibility to read print calls in
the app so I can check on variables content throughout the whole
process.

Offline it is easy but how can we do this on a WSGI deployed web2py
app?

Thank you,
Best regards


[web2py] Re: Auth over SSL

2011-06-16 Thread Anthony
On Thursday, June 16, 2011 11:12:16 AM UTC-4, blackthorne wrote: 

 It could. 

 I think it would be interesting to have a control to redirect by 
 default to https, whether it is a login or an authenticated session, 
 kind of what we already have for appadmin... 

 
I don't think admin or appadmin redirect to https -- they just fail if the 
connection is not over https (or local).


[web2py] SQL forms

2011-06-16 Thread Nils Olofsson
Hi,
I have this:

tags = db().select(db.event_tags.ALL)
form = SQLFORM(db.events, fields=['title','venue','starttime','endtime','location','image','cost','website','booking','latlng','information'])
#form = SQLFORM(db.events)
my_extra_element = TR('', INPUT(_id='Lookup', _value='Check Map', _type='submit'))
form[0].insert(5, my_extra_element)
my_extra_element = TR('Add Tags', SELECT(_name='tags', _multiple='multiple',
    *[OPTION(tags[i].name, _value=str(tags[i].id)) for i in range(len(tags))]))
form[0].insert(-1, my_extra_element)

if form.accepts(request.vars, session, keepvalues=True):
    db.events.insert(**db.events._filter_fields(form.vars))
    cache.ram.clear()
    response.flash = 'form accepted'
    redirect(URL('index'))
    print 'form accepted'
elif form.errors:
    response.flash = 'form has errors'
    print 'form has errors'
else:
    response.flash = 'please fill out the form'
    print 'fill out form'
return dict(form=form)

this is part of the  database model is this:

Field('image', 'upload',label=T('Profile Image')),
Field('userid',db.auth_user,default = auth.user and auth.user.id),
Field('tags','list:reference event_tags')

Whenever I submit the form, 2 records get added. I'm not sure as to
why this is happening.
Could anyone shed some light on this problem ?

Nils


[web2py] Re: debugging WSGI web2py python apps

2011-06-16 Thread Massimo Di Pierro
does the {{=response.toolbar()}} help?

On Jun 16, 10:20 am, blackthorne francisco@gmail.com wrote:
 I'm trying to debug a web2py app working with WSGI on webfaction.
 First, I've activated the Logging = True in the wsgihandler and now I
 can read the httpserver.log.
 I've also read many things on exposing request/response objects but
 what I really wanted would be the possibility to read print calls in
 the app so I can check on variables content throughout the whole
 process.

 Offline it is easy but how can we do this on a WSGI deployed web2py
 app?

 Thank you,
 Best regards


[web2py] Re: updating session cookie

2011-06-16 Thread Massimo Di Pierro
That's automatic. If you just do

auth.user.tag = 'new value'

then the new value is stored in the session and retrieved at next http
request

On Jun 16, 10:19 am, Carl m...@carlroach.com wrote:
 thanks. a little detail needed: given my extra field is called 'tag'
 can I change its value like:

 session.auth.user.tag = 'new value'

 but then how do I get the session to update the cookie ready for the
 next browser load/refresh?

 On Jun 16, 2:46 pm, Massimo Di Pierro massimo.dipie...@gmail.com
 wrote:







  the logged in user is stored in session.auth.user so yes, if you
  change the user info in db, you will not see the change in
  session.auth.user until you reload. You need to change the info in
  both places.

  On Jun 16, 5:17 am, Carl m...@carlroach.com wrote:

   In db.py I've added fields to table_user_name

   My code updates one of these 'extended' fields with update_record().
   The code also accesses auth.user.fieldname but I think these values
   get populated from a cookie.

   a) is it true that a cookie is used

   b) if a) is true, how to I refresh the cookie?

   c) if b) isn't true, where am I going wrong?


[web2py] Re: Auth over SSL

2011-06-16 Thread Massimo Di Pierro
Correct. If you want to force https you need to configure apache or
other web server

On Jun 16, 10:51 am, Anthony abasta...@gmail.com wrote:
 On Thursday, June 16, 2011 11:12:16 AM UTC-4, blackthorne wrote:

  It could.

  I think it would be interesting to have a control to redirect by
  default to https, whether it is a login or an authenticated session,
  kind of what we already have for appadmin...

 I don't think admin or appadmin redirect to https -- they just fail if the
 connection is not over https (or local).
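
The concern raised earlier in this thread (a session cookie that first travels over http) can also be handled in a WSGI layer in front of the application instead of in the web server. The following is an added example, not code from the thread or from web2py: a wrapper that redirects protected paths to https before the app runs and never lets the session cookie out over http. The class name, `canonical_host`, the `needs_https` predicate, the `session_id_` cookie prefix and the toy app are assumptions made for illustration.

```python
# Added example, not web2py code. Assumptions: the application is a plain WSGI
# callable and its session cookie name starts with "session_id_".


class HttpsSessionGuard:
    """Keep the session cookie off cleartext HTTP; public pages may stay on HTTP."""

    def __init__(self, app, canonical_host, needs_https, cookie_prefix="session_id_"):
        self.app = app
        self.canonical_host = canonical_host  # configured, never taken from the Host header
        self.needs_https = needs_https        # callable(path) -> bool
        self.cookie_prefix = cookie_prefix

    def _is_session_cookie(self, name, value):
        return name.lower() == "set-cookie" and value.lstrip().startswith(self.cookie_prefix)

    def _strip(self, headers):
        # Over http: drop the session cookie so it is never sent in clear and
        # cannot replace a Secure cookie that was issued earlier over https.
        return [(n, v) for n, v in headers if not self._is_session_cookie(n, v)]

    def _harden(self, headers):
        # Over https: make sure the browser only ever returns it over https.
        out = []
        for n, v in headers:
            if self._is_session_cookie(n, v):
                attrs = {a.strip().lower() for a in v.split(";")[1:]}
                for flag in ("Secure", "HttpOnly"):
                    if flag.lower() not in attrs:
                        v += "; " + flag
            out.append((n, v))
        return out

    def __call__(self, environ, start_response):
        # Behind a TLS-terminating proxy, wsgi.url_scheme must reflect the
        # scheme the client actually used.
        https = environ.get("wsgi.url_scheme") == "https"
        path = environ.get("PATH_INFO", "")
        if not https and self.needs_https(path):
            # Redirect before the application runs: no session is created and
            # no Set-Cookie header exists to leak on this response.
            query = environ.get("QUERY_STRING", "")
            location = "https://" + self.canonical_host + path + ("?" + query if query else "")
            start_response("302 Found", [("Location", location), ("Content-Length", "0")])
            return [b""]
        rewrite = self._harden if https else self._strip

        def guarded_start(status, headers, exc_info=None):
            return start_response(status, rewrite(headers), exc_info)

        return self.app(environ, guarded_start)


def toy_app(environ, start_response):
    # Constructed stand-in for the real application: always issues a session cookie.
    start_response("200 OK", [("Content-Type", "text/plain"),
                              ("Set-Cookie", "session_id_myapp=constructed-value; Path=/")])
    return [b"ok"]


def run_request(app, scheme, path, query=""):
    """Drive one request through a WSGI app; return (status, headers dict, body)."""
    captured = {}

    def start_response(status, headers, exc_info=None):
        captured["status"], captured["headers"] = status, headers

    environ = {"wsgi.url_scheme": scheme, "PATH_INFO": path, "QUERY_STRING": query}
    body = b"".join(app(environ, start_response))
    return captured["status"], dict(captured["headers"]), body


# Constructed policy: login/profile pages and appadmin require https.
guard = HttpsSessionGuard(toy_app, "example.com",
                          lambda p: "/user/" in p or "/appadmin" in p)

if __name__ == "__main__":
    for scheme, path in [("http", "/myapp/default/user/login"),
                         ("http", "/myapp/default/index"),
                         ("https", "/myapp/default/user/login")]:
        status, headers, _ = run_request(guard, scheme, path)
        print(scheme, path, "->", status, headers)
```
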


Re: [web2py] Re: updating session cookie

2011-06-16 Thread Carl Roach
ah!
I'm setting and retrieving the value via json using two @service.jsonrpc
functions.

Have I found a hole? or should I be adding a little more code within my json
setter function?


On 16 June 2011 16:57, Massimo Di Pierro massimo.dipie...@gmail.com wrote:

 That's automatic. If you just do

 auth.user.tag = 'new value'

 then the new value is stored in the session and retrieved at next http
 request

 On Jun 16, 10:19 am, Carl m...@carlroach.com wrote:
  thanks. a little detail needed: given my extra field is called 'tag'
  can I change its value like:
 
  session.auth.user.tag = 'new value'
 
  but then how do I get the session to update the cookie ready for the
  next browser load/refresh?
 
  On Jun 16, 2:46 pm, Massimo Di Pierro massimo.dipie...@gmail.com
  wrote:
 
 
 
 
 
 
 
   the logged in user is stored in session.auth.user so yes, if you
   change the user info in db, you will not see the change in
   session.auth.user until you reload. You need to change the info in
   both places.
 
   On Jun 16, 5:17 am, Carl m...@carlroach.com wrote:
 
In db.py I've added fields to table_user_name
 
My code updates one of these 'extended' fields with update_record().
The code also accesses auth.user.fieldname but I think these values
get populated from a cookie.
 
a) is it true that a cookie is used
 
b) if a) is true, how to I refresh the cookie?
 
c) if b) isn't true, where am I going wrong?



[web2py] Re: unique and alphanumeric

2011-06-16 Thread matt grham
Thank you! That worked.

On Jun 16, 6:53 am, Massimo Di Pierro massimo.dipie...@gmail.com
wrote:
 These:

 db.testtable.name.requires=IS_NOT_IN_DB(db, db.testtable.name)
 db.testtable.name.requires = IS_ALPHANUMERIC()

 should be

 db.testtable.name.requires= (IS_ALPHANUMERIC(),IS_NOT_IN_DB(db,
 db.testtable.name))

 otherwise the second requires overrides the previous ones, web2py
 checks only for IS_ALPHANUMERIC, not uniqueness and the database
 checks for uniqueness raising an exception.

 On Jun 16, 12:27 am, matt grham matt.gr...@gmail.com wrote:

  Hi All,

  The following table definition does not work all the time. Sometimes
  it gives the following error: IntegrityError: column name is not
  unique. I want to receive the error at the form level.

  db.define_table('testtable',
                  Field('name', 'text', unique=True, notnull=True),
                  migrate=True)

  db.testtable.name.requires=IS_NOT_EMPTY()
  db.testtable.name.requires=IS_NOT_IN_DB(db, db.testtable.name)
  db.testtable.name.requires = IS_ALPHANUMERIC()

  Note: If I comment db.testtable.name.requires = IS_ALPHANUMERIC(), I
  can get the error at the form level.

  Did anybody observe this behavior? I am using sqlite database.




[web2py] Re: Numeric overflow error in pgsql

2011-06-16 Thread Massimo Di Pierro
If I understand 9.99 has 6 digits therefore a precision of 6.
Same for 1000.00

On Jun 16, 11:16 am, pbreit pbreitenb...@gmail.com wrote:
 I'm getting this error which looks wrong to me:

 A field with precision 5, scale 2 must round to an absolute value less than 
 10^3

 I was expecting that a decimal could be up to 9.99 but it is failing on
 1000.00


[web2py] Numeric overflow error in pgsql

2011-06-16 Thread pbreit
I'm getting this error which looks wrong to me:

A field with precision 5, scale 2 must round to an absolute value less than 10^3


I was expecting that a decimal could be up to 9.99 but it is failing on 
1000.00


Re: [web2py] prettyPhoto with web2py

2011-06-16 Thread Kenneth Lundström
Could somebody share some examples of how you have integrated 
prettyphoto into web2py?



Kenneth




I am using on http://CursoDePython.com.br , no problem



--
Bruno Rocha
[ About me: http://zerp.ly/rochacbruno ]
[ Aprenda a programar: http://CursoDePython.com.br ]
[ O seu aliado nos cuidados com os animais: http://AnimalSystem.com.br ]
[ Consultoria em desenvolvimento web: http://www.blouweb.com ]



On Wed, Jun 15, 2011 at 8:34 AM, Sahil Arora sahilarora...@gmail.com wrote:


Has anyone tried using prettyPhoto

(http://www.no-margin-for-errors.com/projects/prettyphoto-jquery-lightbox-clone/)
with web2py. I was trying for single photo(as in demo), but facing
problems.






[web2py] Re: Numeric overflow error in pgsql

2011-06-16 Thread pbreit
Yeah, I was thinking 5,2 meant I could have 5 digits on the left of the 
decimal but looks like it's all digits total. Not sure why I haven't run 
into that before now.

[web2py] Re: Numeric overflow error in pgsql

2011-06-16 Thread Massimo Di Pierro
perhaps because web2py with sqlite treats decimal and float and
ignores precision.

On Jun 16, 11:35 am, pbreit pbreitenb...@gmail.com wrote:
 Yeah, I was thinking 5,2 meant I could have 5 digits on the left of the
 decimal but looks like it's all digits total. Not sure why I haven't run
 into that before now.


[web2py] Re: debugging WSGI web2py python apps

2011-06-16 Thread blackthorne
it helps but not the same thing.
e.g.:
Right now, I'm having an issue with the auth.register action that
doesn't seem to work ( http://www.digitalloft.org/homepage/default/user/register
). I wanted to print markers to get the position in the code that is
being executed so I can infer the flow behind this situation. the
request.toolbar() doesn't give me that, although it seems very useful.

Any ideas on how to read prints done in WSGI web2py apps?

Thank you

On Jun 16, 4:55 pm, Massimo Di Pierro massimo.dipie...@gmail.com
wrote:
 does the {{=response.toolbar()}} help?

 On Jun 16, 10:20 am, blackthorne francisco@gmail.com wrote:



  I'm trying to debug a web2py app working with WSGI on webfaction.
  First, I've activated the Logging = True in the wsgihandler and now I
  can read the httpserver.log.
  I've also read many things on exposing request/response objects but
  what I really wanted would be the possibility to read print calls in
  the app so I can check on variables content throughout the whole
  process.

  Offline it is easy but how can we do this on a WSGI deployed web2py
  app?

  Thank you,
  Best regards


[web2py] Refreshing component

2011-06-16 Thread Jim Steil

Hi

I have a component on my page that displays the auth_users that have 
membership in the specific auth_group.  I have the following js to 
remove someone from a group:


function deleteMembership(userId, groupId) {
    $.ajax({
        type: 'POST',
        url:'../groupUserDelete',
        data:'userId=' + userId + '&groupId=' + groupId,
        success: web2py_component('../groupUsers/{{=groupId}}'),
    });
}

it is working except for my 'success' case.  I'm trying to reload just 
the component and not the entire page.  I've verified the rest of this 
works by specifying location.reload() in the success case and that 
successfully reloads the entire page.  I'm trying to just reload the 
component.  This javascript is in the .load file for the component.  Any 
clues as to what I'm doing incorrectly?


-Jim






[web2py] Re: debugging WSGI web2py python apps

2011-06-16 Thread pbreit
I use this logger which works well:
https://groups.google.com/d/msg/web2py/P4G0-UWGldU/0afuX8Tpa_cJ


[web2py] Re: Auth over SSL

2011-06-16 Thread pbreit
Is this a theoretical issue or an actual issue?

[web2py] Re: Linking directly to an uploaded image

2011-06-16 Thread pbreit
Is your foto field type 'upload'?

Field('file', 'upload')


Can you make it look like this:

<img src="{{=URL('download', args=image.file)}}" />


http://web2py.com/book/default/chapter/03#An-Image-Blog



[web2py] Re: Refreshing component

2011-06-16 Thread Massimo Di Pierro
Try replace

 success: web2py_component('../groupUsers/{{=groupId}}'),

with

  success: function() { web2py_component('../groupUsers/
{{=groupId}}'); },

On Jun 16, 12:02 pm, Jim Steil j...@qlf.com wrote:
 Hi

 I have a component on my page that displays the auth_users that have
 membership the specific auth_group.  I have some the following js to
 remove someone from a group:

      function deleteMembership(userId, groupId) {
          $.ajax({
              type: 'POST',
              url:'../groupUserDelete',
              data:'userId=' + userId + '&groupId=' + groupId,
              success: web2py_component('../groupUsers/{{=groupId}}'),
          });
      }

 it is working except for my 'success' case.  I'm trying to reload just
 the component and not the entire page.  I've verified the rest of this
 works by specifying location.reload() in the success case and that
 successfully reloads then entire page.  I'm trying to just reload the
 component.  This javascript is in the .load file for the component.  Any
 clues as to what I'm doing incorrectly?

      -Jim


[web2py] typo in documentation

2011-06-16 Thread amit
At

http://web2py.com/book/default/chapter/08?search=openid#Other-Login-Methods-and-Login-Forms

the documentation says

OpenIDAUth requires the python-open installed separately.

It should be

OpenIDAUth requires the python-openid installed separately,

as I verified by looking into the comments in the code.


[web2py] Making a field non-editable, but writable using SQLFORM

2011-06-16 Thread Jay Shaffstall
I have a situation where I need to adjust an SQLFORM field to be
non-editable.  I can do that with .writable = False, but that seems to
also prevent database I/O for that field.  What I'm trying to do is
set a default that cannot be changed.

Is there a way to set an SQLFORM field so that it appears as a label
on the form itself, but is still writable for the database?

For reference, I'm doing this with a field in the form returned by
auth.register, so I cannot insert code between the form creation and
the accepts call.  I believe I'm restricted to working with the model
before calling auth.register, or by using custom forms.

Jay


Re: [web2py] Making a field non-editable, but writable using SQLFORM

2011-06-16 Thread Bruno Rocha
You can change this on the fly, no need to do it only in models, it can be
done in controllers.


### controllers/comecontroller.py

db.table.field.writable = False # change the field to writable false

form = SQLFORM(db.table) # build the form

db.table.field.writable = True  #change it again

return dict(form=form)




--
Bruno Rocha
[ About me: http://zerp.ly/rochacbruno ]



On Thu, Jun 16, 2011 at 3:05 PM, Jay Shaffstall jshaffst...@gmail.com wrote:

 I have a situation where I need to adjust an SQLFORM field to be
 non-editable.  I can do that with .writable = False, but that seems to
 also prevents database I/O for that field.  What I'm trying to do is
 set a default that cannot be changed.

 Is there a way to set an SQLFORM field so that it appears as a label
 on the form itself, but is still writable for the database?

 For reference, I'm doing this with a field in the form returned by
 auth.register, so I cannot insert code between the form creation and
 the accepts call.  I believe I'm restricted to working with the model
 before calling auth.register, or by using custom forms.

 Jay



Re: [web2py] Making a field non-editable, but writable using SQLFORM

2011-06-16 Thread Bruno Rocha
Sorry, I answered before reading the entire message,

if you want to change it in the form only, better to use the 'represent'
attribute

db.table.field.represent = lambda f: "<label> %s </label>" % f


--
Bruno Rocha
[ About me: http://zerp.ly/rochacbruno ]




On Thu, Jun 16, 2011 at 3:05 PM, Jay Shaffstall jshaffst...@gmail.com wrote:

 I have a situation where I need to adjust an SQLFORM field to be
 non-editable.  I can do that with .writable = False, but that seems to
 also prevents database I/O for that field.  What I'm trying to do is
 set a default that cannot be changed.

 Is there a way to set an SQLFORM field so that it appears as a label
 on the form itself, but is still writable for the database?

 For reference, I'm doing this with a field in the form returned by
 auth.register, so I cannot insert code between the form creation and
 the accepts call.  I believe I'm restricted to working with the model
 before calling auth.register, or by using custom forms.

 Jay



[web2py] Re: Refreshing component

2011-06-16 Thread Massimo Di Pierro
The target is missing

  success: function() { web2py_component('../groupUsers/{{=groupId}}',
'target'); },

where 'target' must be the id (in quotes) of the component to be
refreshed.

On Jun 16, 1:13 pm, Jim Steil j...@qlf.com wrote:
 Massimo

 Thanks for the reply.  I made the change you recommended.  I can see
 that the function is called using firebug, but the component doesn't
 refresh.  Would it have something to do with this running inside the
 component?

      -Jim

 On 6/16/2011 12:37 PM, Massimo Di Pierro wrote:







  Try replace

                success: web2py_component('../groupUsers/{{=groupId}}'),

  with

     success: function() { web2py_component('../groupUsers/
  {{=groupId}}'); },

  On Jun 16, 12:02 pm, Jim Steil j...@qlf.com wrote:
  Hi

  I have a component on my page that displays the auth_users that have
  membership the specific auth_group.  I have some the following js to
  remove someone from a group:

        function deleteMembership(userId, groupId) {
            $.ajax({
                type: 'POST',
                url:'../groupUserDelete',
                data:'userId=' + userId + '&groupId=' + groupId,
                success: web2py_component('../groupUsers/{{=groupId}}'),
            });
        }

  it is working except for my 'success' case.  I'm trying to reload just
  the component and not the entire page.  I've verified the rest of this
  works by specifying location.reload() in the success case and that
  successfully reloads then entire page.  I'm trying to just reload the
  component.  This javascript is in the .load file for the component.  Any
  clues as to what I'm doing incorrectly?

        -Jim


Re: [web2py] Re: Refreshing component

2011-06-16 Thread Jim Steil

Massimo

Thanks for the reply.  I made the change you recommended.  I can see 
that the function is called using firebug, but the component doesn't 
refresh.  Would it have something to do with this running inside the 
component?


-Jim

On 6/16/2011 12:37 PM, Massimo Di Pierro wrote:

Try replace

  success: web2py_component('../groupUsers/{{=groupId}}'),

with

   success: function() { web2py_component('../groupUsers/
{{=groupId}}'); },

On Jun 16, 12:02 pm, Jim Steil j...@qlf.com wrote:

Hi

I have a component on my page that displays the auth_users that have
membership the specific auth_group.  I have some the following js to
remove someone from a group:

  function deleteMembership(userId, groupId) {
  $.ajax({
  type: 'POST',
  url:'../groupUserDelete',
  data:'userId=' + userId + '&groupId=' + groupId,
  success: web2py_component('../groupUsers/{{=groupId}}'),
  });
  }

it is working except for my 'success' case.  I'm trying to reload just
the component and not the entire page.  I've verified the rest of this
works by specifying location.reload() in the success case and that
successfully reloads then entire page.  I'm trying to just reload the
component.  This javascript is in the .load file for the component.  Any
clues as to what I'm doing incorrectly?

  -Jim


Re: [web2py] Making a field non-editable, but writable using SQLFORM

2011-06-16 Thread Jay Shaffstall
That doesn't seem to affect the HTML form output at all for me.  I've
also tried changing the widget to LABEL, but that results in the same
problem with the value not being transmitted back via the form.

What I'd like to be able to do is set the readonly attribute of the
input tag; but I don't know how to do that in this context, where I
cannot insert code between the creation on the SQLFORM and the accepts
call.

Jay

On Thu, Jun 16, 2011 at 2:21 PM, Bruno Rocha rochacbr...@gmail.com wrote:

 Sorry, I answered before reading the entire message,
 if you want to change it in the form only, better to use the 'represent'
 attribute
 db.table.field.represent = lambda f: "<label> %s </label>" % f

 --
 Bruno Rocha
 [ About me: http://zerp.ly/rochacbruno ]



 On Thu, Jun 16, 2011 at 3:05 PM, Jay Shaffstall jshaffst...@gmail.com
 wrote:

 I have a situation where I need to adjust an SQLFORM field to be
 non-editable.  I can do that with .writable = False, but that seems to
 also prevents database I/O for that field.  What I'm trying to do is
 set a default that cannot be changed.

 Is there a way to set an SQLFORM field so that it appears as a label
 on the form itself, but is still writable for the database?

 For reference, I'm doing this with a field in the form returned by
 auth.register, so I cannot insert code between the form creation and
 the accepts call.  I believe I'm restricted to working with the model
 before calling auth.register, or by using custom forms.

 Jay




[web2py] Re: Auth over SSL

2011-06-16 Thread Richard G
Someone please correct me if I am wrong, but this issue is one of 
architecting your applications/environment properly.

If you only ever use https (ie: no http) then all is fine. 

If you use mixed http & https, then you likely want to set session.secure() 
(this will set the cookie 'secure' attribute, identifying that the browser 
should never send the cookie over a non secure channel). 
The issue is that first connection you use to obtain the cookie. If it is 
over a non secure channel, the server will send you a cookie with your 
session id and the secure attribute set. This is an issue in that a 3rd 
party can acquire your session id over this nonsecure channel.

Solution: Unfortunately the cookie is sent whether you are authenticated or 
not... I believe the only solution is to ensure all web2py calls are over a 
secure channel. Your settings can still identify that other calls may not be 
over secure channels though (think static files, etc... in which you bypass 
web2py). 

Thoughts??


[web2py] The multi-tenant feature and validators ...

2011-06-16 Thread David Marko
Is the new multi-tenant feature preserved by validators? I mean validators 
like IS_IN_DB, when applied on table with multi-tenant feature enabled, is 
IS_IN_DB validator filtering my records only?

Also can this feature be enabled for web2py auth mechanism? Means each 
tenant will have own user accounts, roles, groups and auth decorators will 
preserve this?

Thanks,
David






[web2py] Re: Chunked downloads and corrupt files with Internet Explorer 8 (IE8)

2011-06-16 Thread Stefan Scholl
(This answer was moved to another group with another signature. Don't
know what's wrong here in Google Groups.)

The higher value for chunk_size didn't work with a 33 MiB file. Even
in Firefox 4.
So I tried 1.96.4 (Rocket 1.2.2) on Windows XP.

Made a new and simple app (dtest). The download there uses
response.download(request,db) as well.

1 simple table: db.define_table('stuff', Field('file', 'upload'))

Upload of the 33 MiB file via db admin, content listed on
http://127.0.0.1:8001/dtest/default/data/select/stuff (default
function data with return dict(form=crud()). Download with
Internet Explorer 8 (after removing the tag that switches to Chrome
Frame, to have a realistic test like normal users).

Download was broken. A few KiB were missing. This was on localhost.
Remote tests have even worse results.


On May 6, 5:51 pm, Massimo Di Pierro massimo.dipie...@gmail.com
wrote:
 Can you try 1.95.1

 On May 6, 6:03 am, Stefan Scholl stefan.sch...@gmail.com wrote:







  The classic download function:

  def download():
      return response.download(request, db)

  I'm developing on localhost (127.0.0.1, no SSL) and one strange thing
  happened: Downloads in IE8 (Windows XP) were all corrupt/broken if
  they weren't below 64KiB in size. Very easy to see with large images.

  Using a higher value for the argument 'chunk_size' solves this
  problem, up to this new maximum.

  web2py 1.91.6


[web2py] Re: pyodbc access to Teradata (via web2py)

2011-06-16 Thread Andrew
Hi Denesl,
I was misinterpreting the list of databases in Chapter 6 of the web2py
book.  I read it as a 2 column list, not realising that the pyodbc
reference was specifically relating to SQLServer and DB2. I would
say that Teradata SQL would be closer to DB2 than MSSQL.  I'll give it
a try but there will be some dbms specific things that won't match.


[web2py] Oulu Open Hack Coming and looking for partners...

2011-06-16 Thread Jason Brower
If you're in Oulu on the 23rd of September I am organizing and competing 
in Oulu Open Hack.  I want to develop a few of my ideas in Web2py and 
we have 30 hours to do it. :D

Anyone in the area?
Best Regards,
Jason Brower



[web2py] Re: debugging WSGI web2py python apps

2011-06-16 Thread Richard G
Personally, I use the python logging module which we have setup to read its 
options from a config file.
http://docs.python.org/library/logging.html
http://docs.python.org/library/configparser.html

The logging module allows you to send your logs to files, standard out 
(usually httpserver.log for wsgi), syslog for *nix systems, email, Windows 
Log??, etc.. 
If you are using configparser, I believe you are able to change the logging 
settings on the fly and have them redirect wherever you need. 


[web2py] Re: fyi: web2py 1.96.4 breaks with pywin32-2.16 - fine with pywin32-2.14

2011-06-16 Thread baloan
My setup involves an apache 2.2.17, mod_wsgi 3.3, python 2.7.2, trac
0.12.2, mercurial 1.8.4. Two issues surfaced:
1. mercurial demandimport initialization order
2. mercurial unable to load DLLs in site-packages.

I solved the problem as follows:

1. change hgwebdir.wsgi to disable demandimport:

from mercurial import demandimport; demandimport.disable()


2. create a pure (no pyd) mercurial package and install.
E:\Dist\mercurial-1.8.4>setup.py --pure build
E:\Dist\mercurial-1.8.4>setup.py --pure install

The compiled versions (with Microsoft Visual Studio 2008) fail to load
the DLL:
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24] mod_wsgi
(pid=6092): Exception occurred processing WSGI script 'D:/Home/web/
apache/cgi-bin/hgwebdir.wsgi'.
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24] Traceback
(most recent call last):
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24]   File D:/
Home/web/apache/cgi-bin/hgwebdir.wsgi, line 9, in module
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24] from
mercurial.hgweb.hgwebdir_mod import hgwebdir
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24]   File C:\
\Apps\\Python27\\lib\\site-packages\\mercurial\\hgweb\\__init__.py,
line 10, in module
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24] import
hgweb_mod, hgwebdir_mod
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24]   File C:\
\Apps\\Python27\\lib\\site-packages\\mercurial\\hgweb\\hgweb_mod.py,
line 10, in module
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24] from
mercurial import ui, hg, hook, error, encoding, templater
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24]   File C:\
\Apps\\Python27\\lib\\site-packages\\mercurial\\ui.py, line 10, in
module
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24] import
config, util, error
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24]   File C:\
\Apps\\Python27\\lib\\site-packages\\mercurial\\config.py, line 9, in
module
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24] import
error, util
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24]   File C:\
\Apps\\Python27\\lib\\site-packages\\mercurial\\util.py, line 17, in
module
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24] import
error, osutil, encoding
[Thu Jun 16 21:46:28 2011] [error] [client 192.168.178.24]
ImportError: DLL load failed: The specified module could not be found.

Regards, Andreas


On Jun 16, 10:24 am, baloan balo...@googlemail.com wrote:
 No, this is a fresh install from the Windows source version of www.web2py.com.
 The error occurred when asking for /admin. To me it seems like the
 portalocker.lock(response.session_file, portalocker.LOCK_EX) call
 imports pywin32 & mercurial(!) in a strange way.

 Regards, Andreas

 On Jun 15, 11:14 pm, Massimo Di Pierro massimo.dipie...@gmail.com
 wrote:







  This traceback is not compatible with the code:

  try:
      ...
      import pywintypes
      os_locking = 'windows'
  except:
      pass
  if os_locking == 'windows':
      
      __overlapped = pywintypes.OVERLAPPED()

  Did you change the code?

  On Jun 15, 3:39 pm, baloan balo...@googlemail.com wrote:

   After a system upgrade I found that web2py 1.96.4 breaks with pywin32
   2.16. It works fine with pywin32 2.14. The installation features
   mercurial 1.7.5. I can't use mercurial 1.8.4 because it breaks my trac
   0.12.2 installation.

   With web2py 1.96.4, pywin32 2.16, mercurial 1.7.5 I see the following
   error:

   Traceback (most recent call last):
     File D:\\Home\\web\\web2py\\gluon\\main.py, line 516, in wsgibase
       session._try_store_on_disk(request, response)
     File D:\\Home\\web\\web2py\\gluon\\globals.py, line 494, in
   _try_store_on_disk
       portalocker.lock(response.session_file, portalocker.LOCK_EX)
     File C:\\Apps\\Python27\\lib\\site-packages\\mercurial\
   \demandimport.py, line 75, in __getattribute__
       self._load()
     File C:\\Apps\\Python27\\lib\\site-packages\\mercurial\
   \demandimport.py, line 47, in _load
       mod = _origimport(head, globals, locals)
     File D:\\Home\\web\\web2py\\gluon\\portalocker.py, line 69, in
   module
       __overlapped = pywintypes.OVERLAPPED()
     File C:\\Apps\\Python27\\lib\\site-packages\\mercurial\
   \demandimport.py, line 75, in __getattribute__
       self._load()
     File C:\\Apps\\Python27\\lib\\site-packages\\mercurial\
   \demandimport.py, line 47, in _load
       mod = _origimport(head, globals, locals)
     File C:\\Apps\\Python27\\lib\\site-packages\\win32\\lib\
   \pywintypes.py, line 124, in module
       __import_pywin32_system_module__(pywintypes, globals())
     File C:\\Apps\\Python27\\lib\\site-packages\\win32\\lib\
   \pywintypes.py, line 98, in __import_pywin32_system_module__
       raise ImportError(No system module \'%s\' (%s) % (modname,
   filename))
   ImportError: No system module \'pywintypes\' (pywintypes27.dll)


[web2py] Re: Auth over SSL

2011-06-16 Thread Anthony
On Thursday, June 16, 2011 3:04:06 PM UTC-4, Richard G wrote: 

 Someone please correct me if I am wrong, but this issue is one of 
 architecting your applications/environment properly. 

 If you only ever use https (ie: no http) then all is fine. 

 If you use mixed http & https, then you likely want to set session.secure() 
 (this will set the cookie 'secure' attribute, identifying that the browser 
 should never send the cookie over a non secure channel). 
 The issue is that first connection you use to obtain the cookie. If it is 
 over a non secure channel, the server will send you a cookie with your 
 session id and the secure attribute set. This is an issue in that a 3rd 
 party can acquire your session id over this nonsecure channel.

 Solution: Unfortunately the cookie is sent whether you are authenticated or 
 not... I believe the only solution is to ensure all web2py calls are over a 
 secure channel. Your settings can still identify that other calls may not be 
 over secure channels though (think static files, etc... in which you bypass 
 web2py).

 
Maybe we should also have something like session.regenerate(), which could 
optionally be called by session.secure(). This would regenerate the session 
ID (but keep the existing session). So, upon login, you could call 
session.secure(regenerate=True), and it would change the session ID and 
secure the cookie. Would that work?
 
Anthony
 


[web2py] Re: Making a field non-editable, but writable using SQLFORM

2011-06-16 Thread DenesL

Jay, you can do:

form.element('#tablename_fieldname')['_readonly']=True


On Jun 16, 2:57 pm, Jay Shaffstall jshaffst...@gmail.com wrote:
 That doesn't seem to affect the HTML form output at all for me.  I've
 also tried changing the widget to LABEL, but that results in the same
 problem with the value not being transmitted back via the form.

 What I'd like to be able to do is set the readonly attribute of the
 input tag; but I don't know how to do that in this context, where I
 cannot insert code between the creation on the SQLFORM and the accepts
 call.

 Jay







 On Thu, Jun 16, 2011 at 2:21 PM, Bruno Rocha rochacbr...@gmail.com wrote:

  Sorry, I answered before reading the entire message,
  if you want to change it in the form only, better to use the 'represent'
  attribute
  db.table.field.represent = lambda f: "<label> %s </label>" % f

  --
  Bruno Rocha
  [ About me: http://zerp.ly/rochacbruno ]

  On Thu, Jun 16, 2011 at 3:05 PM, Jay Shaffstall jshaffst...@gmail.com
  wrote:

  I have a situation where I need to adjust an SQLFORM field to be
  non-editable.  I can do that with .writable = False, but that seems to
  also prevents database I/O for that field.  What I'm trying to do is
  set a default that cannot be changed.

  Is there a way to set an SQLFORM field so that it appears as a label
  on the form itself, but is still writable for the database?

  For reference, I'm doing this with a field in the form returned by
  auth.register, so I cannot insert code between the form creation and
  the accepts call.  I believe I'm restricted to working with the model
  before calling auth.register, or by using custom forms.

  Jay


[web2py] Re: Making a field non-editable, but writable using SQLFORM

2011-06-16 Thread Anthony
On Thursday, June 16, 2011 2:05:34 PM UTC-4, JayShaffstall wrote: 

 I have a situation where I need to adjust an SQLFORM field to be
 non-editable.  I can do that with .writable = False, but that seems to
 also prevents database I/O for that field.  What I'm trying to do is
 set a default that cannot be changed.

 
How are you setting the default? If you specify the 'default' argument for 
the Field object, it should enter that default even if you set 
writable=False (at least it does for me, though I haven't tested it 
specifically on the auth_user table). Can you show some of your code?
 

 For reference, I'm doing this with a field in the form returned by
 auth.register, so I cannot insert code between the form creation and
 the accepts call.  I believe I'm restricted to working with the model
 before calling auth.register, or by using custom forms.

 
Depending on what you need to do, I think you should be able to alter the 
auth form before it gets passed on to the view. In your user() function, do 
something like this:
 
def user():
    form=auth()  # This creates the appropriate auth form, depending on request.args.
    if request.args and request.args(0)=='register':
        pass  # code to alter the registration form
    return dict(form=form)
 
 
Note, if you want to do something after registration form validation but 
before the form is accepted, you can also specify 
auth.settings.register_onvalidation (see 
http://web2py.com/book/default/chapter/08#Settings-and-Messages).
 
Anthony


Re: [web2py] Re: Making a field non-editable, but writable using SQLFORM

2011-06-16 Thread Jay Shaffstall
I'd been thinking I needed to do that between form creation and the
accepts call, but you're right, it works even after that point.  I
make the call to auth.register, and then modify the readonly
attribute, and it works fine.

Thanks!
Jay

On Thu, Jun 16, 2011 at 5:06 PM, DenesL denes1...@yahoo.ca wrote:

 Jay, you can do:

 form.element('#tablename_fieldname')['_readonly']=True


 On Jun 16, 2:57 pm, Jay Shaffstall jshaffst...@gmail.com wrote:
 That doesn't seem to affect the HTML form output at all for me.  I've
 also tried changing the widget to LABEL, but that results in the same
 problem with the value not being transmitted back via the form.

 What I'd like to be able to do is set the readonly attribute of the
 input tag; but I don't know how to do that in this context, where I
 cannot insert code between the creation on the SQLFORM and the accepts
 call.

 Jay







 On Thu, Jun 16, 2011 at 2:21 PM, Bruno Rocha rochacbr...@gmail.com wrote:

  Sorry, I answered before reading the entire message,
  if you want to change it in the form only, better to use the 'represent'
  attribute
  db.table.field.represent = lambda f: "<label> %s </label>" % f

  --
  Bruno Rocha
  [ About me: http://zerp.ly/rochacbruno ]

  On Thu, Jun 16, 2011 at 3:05 PM, Jay Shaffstall jshaffst...@gmail.com
  wrote:

  I have a situation where I need to adjust an SQLFORM field to be
  non-editable.  I can do that with .writable = False, but that seems to
  also prevents database I/O for that field.  What I'm trying to do is
  set a default that cannot be changed.

  Is there a way to set an SQLFORM field so that it appears as a label
  on the form itself, but is still writable for the database?

  For reference, I'm doing this with a field in the form returned by
  auth.register, so I cannot insert code between the form creation and
  the accepts call.  I believe I'm restricted to working with the model
  before calling auth.register, or by using custom forms.

  Jay


[web2py] Re: Auth over SSL

2011-06-16 Thread blackthorne
Anthony: I don't really understand how that would solve the problem.
The problem has to do with transmission of the session cookie in a non
secure channel. Regenerating it won't solve the problem. We need to
enforce not allowing the transmission of authenticated sessions through
non secure channels. I think this should be the default behavior.

pbreit: this is a real issue. Facebook, Twitter and Google Mail are
doing this as they acknowledged the problem. If you need a proof of
concept, you can get it easily with a simple Firefox extension
called Firesheep that performs this attack.

I think the solution requires automatically redirecting this data to
be transmitted over HTTPS and not even supporting logins and
authenticated sessions over non secure channels to prevent people's
mistakes. It makes no sense to allow logins and show login forms in a non
secure channel while there is a secure one. There is no need to
change non authenticated sessions because they only provide, by
design, publicly available data.

Now, I know Massimo will probably change this default behavior because
of backward compatibility (even though this is a real problem
requiring a fix) but that doesn't prevent us from making some option/
argument that will automatically enforce this behavior for an entire
application (at least) when activated.

What do you think?

Francisco

On Jun 16, 9:43 pm, Anthony abasta...@gmail.com wrote:
 On Thursday, June 16, 2011 3:04:06 PM UTC-4, Richard G wrote:

  Someone please correct me if I am wrong, but this issue is one of
  architecting your applications/environment properly.

  If you only ever use https (ie: no http) then all is fine.

  If you use mixed http & https, then you likely want to set session.secure()
  (this will set the cookie 'secure' attribute, identifying that the browser
  should never send the cookie over a non secure channel).
  The issue is that first connection you use to obtain the cookie. If it is
  over a non secure channel, the server will send you a cookie with your
  session id and the secure attribute set. This is an issue in that a 3rd
  party can acquire your session id over this nonsecure channel.

  Solution: Unfortunately the cookie is sent whether you are authenticated or
  not... I believe the only solution is to ensure all web2py calls are over a
  secure channel. Your settings can still identify that other calls may not be
  over secure channels though (think static files, etc... in which you bypass
  web2py).

 Maybe we should also have something like session.regenerate(), which could
 optionally be called by session.secure(). This would regenerate the session
 ID (but keep the existing session). So, upon login, you could call
 session.secure(regenerate=True), and it would change the session ID and
 secure the cookie. Would that work?

 Anthony


[web2py] Re: Auth over SSL

2011-06-16 Thread blackthorne
Anthony: I don't really understand how would that solve the problem.
The problem has to do with transmission of the session cookie in a non
secure channel. Regenerate it won't solve the problem. We need to
enforce not to allow the transmission of authenticated sessions through
non secure channels. I think this should be the default behavior.

pbreit: this is a real issue. Facebook, Twitter and Google Mail are
doing this as they acknowledged the problem. If you need a proof of
concept, you can get it easily with a simple Firefox extension
that performs this attack, called Firesheep.

I think the solution requires to automatically redirect this data to
be transmitted over HTTPS and not even support logins and
authenticated sessions over non secure channels to prevent people's
mistakes. Makes no sense to allow logins and show login forms in a non
secure channel while there is a secure one. There is no need to change
anything in non authenticated sessions because they only provide, by
design, publicly available data so there we are ok.

Now, I know Massimo will probably not change this default behavior
because of backward compatibility (even though this is a real problem
requiring a fix) but that doesn't prevent us from making some option/
argument that will automatically enforce this behavior for an entire
application (at least) when activated.

What do you think?

Francisco

On Jun 16, 9:43 pm, Anthony abasta...@gmail.com wrote:
 On Thursday, June 16, 2011 3:04:06 PM UTC-4, Richard G wrote:

  Someone please correct me if I am wrong, but this issue is one of
  architecting your applications/environment properly.

  If you only ever use https (ie: no http) then all is fine.

  If you use mixed http & https, then you likely want to set session.secure()
  (this will set the cookie 'secure' attribute, identifying that the browser
  should never send the cookie over a non secure channel).
  The issue is that first connection you use to obtain the cookie. If it is
  over a non secure channel, the server will send you a cookie with your
  session id and the secure attribute set. This is an issue in that a 3rd
  party can acquire your session id over this nonsecure channel.

  Solution: Unfortunately the cookie is sent whether you are authenticated or
  not... I believe the only solution is to ensure all web2py calls are over a
  secure channel. Your settings can still identify that other calls may not be
  over secure channels though (think static files, etc... in which you bypass
  web2py).

 Maybe we should also have something like session.regenerate(), which could
 optionally be called by session.secure(). This would regenerate the session
 ID (but keep the existing session). So, upon login, you could call
 session.secure(regenerate=True), and it would change the session ID and
 secure the cookie. Would that work?

 Anthony


[web2py] autocomplete widget error when inserting record

2011-06-16 Thread apple
I get this error when trying to insert a record manually from a
sqlform:

SyntaxError: Field _autocomplete_name_aux does not belong to the table

Controller line is:
  form.vars.id = table.insert(**dict(form.vars))

Model definition has a field using the autocomplete widget:

db.define_table('order',
Field('product', db.product,
 widget = SQLFORM.widgets.autocomplete(request,
db.product.name, id_field=db.product.id)),





[web2py] Re: Strange Error: Field does not belong to the table

2011-06-16 Thread Russell
Looks like the form.accepts is trying to update the database with the
is_administrator value.  You may need to deal with the update
explicitly.  Have you tried form.accepts(request.vars, session,
dbio=False)?


On Jun 14, 1:21 pm, Ross Peoples ross.peop...@gmail.com wrote:
 I am trying to provide an editor for auth_user using SQLFORM. I also am
 trying to add a checkbox to the bottom of the form to set whether or not the
 user is an administrator. If so, then the user gets added to an
 Administrators group when calling form.accepts().

 The strange part is, the code works fine if you check the box, then click
 submit, but if you try to uncheck the box, that's when you get the following
 traceback:


 Traceback (most recent call last):
   File /media/psf/Python/web2py/gluon/restricted.py, line 192, in restricted
     exec ccode in environment
   File 
 /Users/rosspeoples/Dropbox/Code/Python/web2py/applications/init/controllers/administration.py
  http://127.0.0.1:8001/admin/edit/init/controllers/administration.py, line 
 650, in module
   File /media/psf/Python/web2py/gluon/globals.py, line 137, in lambda
     self._caller = lambda f: f()
   File /Users/rosspeoples/Dropbox/Code/Python/web2py/gluon/tools.py, line 
 2485, in f
     return action(*a, **b)
   File 
 /Users/rosspeoples/Dropbox/Code/Python/web2py/applications/init/controllers/administration.py
  http://127.0.0.1:8001/admin/edit/init/controllers/administration.py, line 
 148, in security
     return update()
   File 
 /Users/rosspeoples/Dropbox/Code/Python/web2py/applications/init/controllers/administration.py
  http://127.0.0.1:8001/admin/edit/init/controllers/administration.py, line 
 143, in update
     return user_form(user)
   File 
 /Users/rosspeoples/Dropbox/Code/Python/web2py/applications/init/controllers/administration.py
  http://127.0.0.1:8001/admin/edit/init/controllers/administration.py, line 
 120, in user_form
     if form.accepts(request.vars, session):
   File /media/psf/Python/web2py/gluon/sqlhtml.py, line 1203, in accepts
     self.table._db(self.table._id == self.record.id).update(**fields)
   File /Users/rosspeoples/Dropbox/Code/Python/web2py/gluon/dal.py, line 
 5401, in update
     fields = self.db[tablename]._listify(update_fields,update=True)
   File /Users/rosspeoples/Dropbox/Code/Python/web2py/gluon/dal.py, line 
 4677, in _listify
     raise SyntaxError, 'Field %s does not belong to the table' % name
 SyntaxError: Field is_administrator does not belong to the table

 And here is the controller that is adding the checkbox:

         form = SQLFORM(db.auth_user, user, showid=False)
         form[0].insert(-1, TR((
             TD(LABEL('Is Administrator', _for='auth_user_is_administrator')),
             TD(INPUT(_type='checkbox', _name='is_administrator', _id='auth_user_is_administrator'))
         )))

         form.vars.is_administrator = False
         if user:
             if auth.has_membership(user_id=user.id, role='Administrators'):
                 form.vars.is_administrator = True

         if form.accepts(request.vars, session):
             admin_group = db(db.auth_group.role=='Administrators').select().first()
             db((db.auth_membership.user_id==user.id) &
                (db.auth_membership.group_id==admin_group.id)).delete()

             if form.vars.is_administrator:
                 db.auth_membership.insert(group_id=admin_group.id, user_id=user.id)

             return 'OK'

         return dict(form=form)

 The thing that is driving me nuts is that I am doing exactly what the book
 says to do:

 http://web2py.com/book/default/chapter/07#Adding-extra-form-elements-...

 Any thoughts? Thanks.


[web2py] Re: Auth over SSL

2011-06-16 Thread Anthony
On Thursday, June 16, 2011 6:02:00 PM UTC-4, blackthorne wrote: 

 Anthony: I don't really understand how would that solve the problem. 
 The problem has to do with transmission of the session cookie in a non 
 secure channel. Regenerate it won't solve the problem.

 
It will solve the problem of transitioning from an insecure/pre-login 
session to a secure/post-login session, which is a separate issue.
 
 

 We need to 
 enforce not to allow the transmission of authenticated sessions through 
 non secure channels. I think this should be the default behavior.

 
I'm not sure the framework should absolutely require SSL in order for the 
auth system to work at all.
 
Anthony


[web2py] Re: typo in documentation

2011-06-16 Thread cjrh
On Jun 16, 6:58 pm, amit in4tu...@gmail.com wrote:
 OpenIDAUth requires the python-open installed separately.

 It should be

 OpenIDAUth requires the python-openid installed separately,

Fixed, many thanks.


[web2py] Re: Auth over SSL

2011-06-16 Thread blackthorne


On Jun 16, 11:08 pm, Anthony abasta...@gmail.com wrote:
 On Thursday, June 16, 2011 6:02:00 PM UTC-4, blackthorne wrote:

  Anthony: I don't really understand how would that solve the problem.
  The problem has to do with transmission of the session cookie in a non
  secure channel. Regenerate it won't solve the problem.

 It will solve the problem of transitioning from an insecure/pre-login
 session to a secure/post-login session, which is a separate issue.

I see you assume that the pre-login established session is the same
after login. I consider them as 2 different sessions, so yes
regenerate=True as you say is what I assume that should be the default
behavior when creating an authenticated session.  At least, your
proposal should be available if we want to be able to warrant
authenticity.

  We need to
  enforce not to allow the transmission of authenticated sessions through
  non secure channels. I think this should be the default behavior.

 I'm not sure the framework should absolutely require SSL in order for the
 auth system to work at all.
Using any sort of method, providing authentication is more than just
saying who you are which is technically the only thing you are doing
when transmitting a session cookie in a non secure channel. It's about
proving that you are who you say you are. While sending a username,
password to a website the user is trusting in the best practices on
handling those credentials safely. Those expectations should
be met by making the possible to prevent, at least, the publicly known
cheap attacks.
So, I'm not against the possibility of allowing non secure channels,
just defending this behavior as the one I consider that should be
default.


 Anthony


[web2py] Re: autocomplete widget error when inserting record

2011-06-16 Thread Anthony
Maybe try:
 
form.vars.id = table.insert(**table._filter_fields(form.vars))
 
 
The _filter_fields method should pull out only the dict keys that are fields 
in the table. See 
http://web2py.com/book/default/chapter/07#One-form-for-multiple-tables for 
an example of this.
 
Anthony

On Thursday, June 16, 2011 6:04:27 PM UTC-4, apple wrote:

 I get this error when trying to insert a record manually from a 
 sqlform: 

 SyntaxError: Field _autocomplete_name_aux does not belong to the table 

 Controller line is: 
   form.vars.id = table.insert(**dict(form.vars)) 

 Model definition has a field using the autocomplete widget: 

 db.define_table('order', 
 Field('product', db.product, 
  widget = SQLFORM.widgets.autocomplete(request, 
 db.product.name, id_field=db.product.id)), 





[web2py] Re: Auth over SSL

2011-06-16 Thread pbreit
I don't think the situation is that dire. The web has worked like this for 
20 years and it hasn't been an actual issue. I think as long as the tools 
are available to go all-SSL that's fine.

[web2py] Re: Auth over SSL

2011-06-16 Thread Anthony
On Thursday, June 16, 2011 6:43:42 PM UTC-4, blackthorne wrote: 


 On Jun 16, 11:08 pm, Anthony abas...@gmail.com wrote: 
  On Thursday, June 16, 2011 6:02:00 PM UTC-4, blackthorne wrote: 
  
   Anthony: I don't really understand how would that solve the problem. 
   The problem has to do with transmission of the session cookie in a non 
   secure channel. Regenerate it won't solve the problem. 
  
  It will solve the problem of transitioning from an insecure/pre-login 
  session to a secure/post-login session, which is a separate issue. 
  
 I see you assume that the pre-login established session is the same 
 after login. I consider them as 2 different sessions, so yes 
 regenerate=True as you say is what I assume that should be the default 
 behavior when creating an authenticated session.

 
Are you saying that once the user logs in, any existing session they had 
should be erased and a new one started? I don't think that's how it works 
now, and I'm not sure that would always be the thing to do, but maybe it 
should be an option. I was just suggesting regenerating the session id, but 
keeping the session itself.
 
 

   We need to 
   enforce not to allow the transmission of authenticated sessions through 
   non secure channels. I think this should be the default behavior. 
  
  I'm not sure the framework should absolutely require SSL in order for the 

  auth system to work at all. 
 Using any sort of method, providing authentication is more than just 
 saying who you are which is technically the only thing you are doing 
 when transmitting a session cookie in a non secure channel. It's about 
 proving that you are who you say you are. While sending a username, 
 password to a website the user is trusting in the best practices on 
 handling those credentials safely. Those expectations should 
 be met by making the possible to prevent, at least, the publicly known 
 cheap attacks. 
 So, I'm not against the possibility of allowing non secure channels, 
 just defending this behavior as the one I consider that should be 
 default.

 
I hear you. Do you have a specific proposal for how auth and post-login 
routing should work? If a request comes in and the session includes an auth 
user, should web2py reject/redirect the request if it's not over SSL (at 
least that would be the default behavior, perhaps with the option to 
configure auth to allow non-secure sessions)?
 
Anthony
 


[web2py] Re: autocomplete widget error when inserting record

2011-06-16 Thread apple
thanks. that works albeit a bit esoteric.


On Jun 17, 12:03 am, Anthony abasta...@gmail.com wrote:
 Maybe try:

 form.vars.id = table.insert(**table._filter_fields(form.vars))

 The _filter_fields method should pull out only the dict keys that are fields
 in the table. 
 See http://web2py.com/book/default/chapter/07#One-form-for-multiple-tables for
 an example of this.

 Anthony







 On Thursday, June 16, 2011 6:04:27 PM UTC-4, apple wrote:
  I get this error when trying to insert a record manually from a
  sqlform:

  SyntaxError: Field _autocomplete_name_aux does not belong to the table

  Controller line is:
        form.vars.id = table.insert(**dict(form.vars))

  Model definition has a field using the autocomplete widget:

  db.define_table('order',
          Field('product', db.product,
           widget = SQLFORM.widgets.autocomplete(request,
  db.product.name, id_field=db.product.id)),


[web2py] Re: Auth over SSL

2011-06-16 Thread pbreit
Using session.secure() sets the secure flag on the session cookie which 
prevents it from ever being sent over a nonsecure channel. This should be 
sufficient to build a Firesheep-proof system.

[web2py] Re: Auth over SSL

2011-06-16 Thread Anthony
On Thursday, June 16, 2011 7:35:18 PM UTC-4, pbreit wrote: 

 Using session.secure() sets the secure flag on the session cookie which 
 prevents it from ever being sent over a nonsecure channel. This should be 
 sufficient to build a Firesheep-proof system.

 
I think setting the secure flag of the cookie simply tells the browser not 
to send the cookie back to the server over a nonsecure channel -- I don't 
think it prevents the server from sending the cookie to the browser in the 
first place (or even from accepting the cookie over a nonsecure channel). 
So, if you set session.secure() but are not using SSL, you'll still end up 
sending the cookie to the browser. There's also the scenario where the user 
session starts out nonsecure (i.e., pre-login on the non-SSL part of the 
site) and then switches to secure. The problem is, in that case, the session 
cookie has already been sent over a nonsecure channel before you end up 
calling session.secure().
 
Anthony


[web2py] Re: Auth over SSL

2011-06-16 Thread pbreit
That's exactly what the secure cookie flag prevents, sending the cookie 
over a nonsecure line. The problem as you note is that even if your server 
is set up to redirect nonsecure traffic to secure traffic, the cookie is 
still sent over in that first handshake. The secure flag prevents that. At 
least that's how I interpret the literature. The Firesheep guy provides more 
info: http://codebutler.com/firesheep-a-day-later

[web2py] Re: Auth over SSL

2011-06-16 Thread Anthony
On Thursday, June 16, 2011 8:26:47 PM UTC-4, pbreit wrote: 

 That's exactly what the secure cookie flag prevents, sending the cookie 
 over a nonsecure line. The problem as you note is that even if your server 
 is set up to redirect nonsecure traffic to secure traffic, the cookie is 
 still sent over in that first handshake. The secure flag prevents that. At 
 least that's how I interpret the literature. The Firesheep guy provides more 
 info: http://codebutler.com/firesheep-a-day-later

 
As I understand it, the secure flag only tells the browser not to send the 
cookie to the server unless over SSL, but it doesn't prevent the server from 
sending or receiving the cookie without SSL. In any case, in web2py, 
session.secure() is useless if you don't actually have an https connection 
-- in that case, sessions will simply not work at all (because the browser 
won't be able to send the cookie back). The problem is if you have a 
non-https part of the site that requires sessions (which cannot use secure 
cookies) and then transition to a secure part of the site and secure the 
cookie -- in that case, because the cookie was initially not secure, there 
is a vulnerability.
 
Anthony


[web2py] change __repr__ for DAL, Table, Row?

2011-06-16 Thread Carlos
Hi,

Is it safe if I change the __repr__ functions for DAL, Table, Row to show a 
much more compact string?.

Will I not break anything by doing this?.

I need this in order to better debug/analyze objects in the shell.

Thanks,

   Carlos



[web2py] File upload bug?

2011-06-16 Thread DJ
Would like your help with this file upload issue. I am trying to read the 
contents of a file and process it during  file upload (without making any 
changes to the file). When I try to read the file contents during an upload, 
the uploaded file has no contents (it is empty).

See function below and let me know if I am doing anything wrong  -

def UploadData():
    """CSV file upload and data processor"""
    messg = "File successfully uploaded"

    # file uploads
    form = SQLFORM(db.mytable, fields=['file', 'filetype'],
                   labels={'file': T('Attach files: '),
                           'filetype': T('Select File Type')},
                   showid=False)

    if request.post_vars.file != None:
        # read the uploaded file's contents before the form is processed
        wells = request.vars.file.file.read()
        ## do some processing with wells

    if form.accepts(request.post_vars):
        session.flash = T(messg)
    else:
        response.flash = T("")

    return dict(form=form)


[web2py] Re: Auth over SSL

2011-06-16 Thread blackthorne
Well, a lot has changed in the past 20 years.
ARP Spoofing attacks emerged, Wireless shared channel communications
emerged, attackers multiplied and their methods got more and more
sophisticated. Facebook, Twitter and  are examples of very expensive
migrations related to social networks considered necessary that may
not deal with data as sensitive as some apps in web2py such as medical
records management, etc...

I invite you to take a look at the other side. Checkout your
firewall logs on a public exposed device, checkout the releases found
on this website by a group of hackers called LulzSec (
http://lulzsecurity.com/releases/ ) and if you're interested, just
take a look at the portal exclusively dedicated to report attacks on
websites around the world on a daily basis ( 
http://www.zone-h.org/archive/special=1
).

On Jun 17, 12:11 am, pbreit pbreitenb...@gmail.com wrote:
 I don't think the situation is that dire. The web has worked like this for
 20 years and it hasn't been an actual issue. I think as long as the tools
 are available to go all-SSL that's fine.


[web2py] Re: Auth over SSL

2011-06-16 Thread blackthorne
 Are you saying that once the user logs in, any existing session they had
 should be erased and a new one started? I don't think that's how it works
 now, and I'm not sure that would always be the thing to do, but maybe it
 should be an option. I was just suggesting regenerating the session id, but
 keeping the session itself.


I think this is just about semantics. Regenerating the session id, as you
call it, is the right thing to do and I just added that should be
default when making a transition to a secure channel.


 I hear you. Do you have a specific proposal for how auth and post-login
 routing should work? If a request comes in and the session includes an auth
 user, should web2py reject/redirect the request if it's not over SSL (at
 least that would be the default behavior, perhaps with the option to
 configure auth to allow non-secure sessions)?


yes, something like
if auth.sslmandatory and request.env.protocol == 'https':
   normal_auth_code and user functions with a regenerated session

 Anthony
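
The policy debated in this thread, as an added example that is not part of the original posts and is not web2py code: the session ID is re-keyed at login (keeping the session's data), the new cookie carries the Secure flag, and any request that presents an authenticated session over plain HTTP is refused. `SessionStore`, `login`, `handle_request` and the cookie name are hypothetical names chosen for this sketch, and password checking is left out.

```python
import secrets
from http.cookies import SimpleCookie

COOKIE_NAME = "session_id"  # assumed cookie name, not web2py's


class SessionStore:
    """In-memory session table (hypothetical stand-in for a framework's store)."""

    def __init__(self):
        self._sessions = {}

    def create(self):
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {"auth_user": None, "data": {}}
        return sid

    def get(self, sid):
        return self._sessions.get(sid)

    def regenerate(self, old_sid):
        """Re-key the session under a fresh ID; the old ID stops resolving."""
        session = self._sessions.pop(old_sid)
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = session
        return new_sid


def set_cookie_header(sid, secure):
    """Build the Set-Cookie value; Secure only limits what the browser sends back."""
    cookie = SimpleCookie()
    cookie[COOKIE_NAME] = sid
    cookie[COOKIE_NAME]["path"] = "/"
    cookie[COOKIE_NAME]["httponly"] = True
    if secure:
        cookie[COOKIE_NAME]["secure"] = True
    return cookie[COOKIE_NAME].OutputString()


def login(store, sid, username, is_https):
    """Return (status, session_id, set_cookie). Credential checking is out of scope."""
    if not is_https:
        return 403, sid, None  # never create an authenticated session over HTTP
    if store.get(sid) is None:
        sid = store.create()
    new_sid = store.regenerate(sid)  # the pre-login ID may have crossed plain HTTP
    store.get(new_sid)["auth_user"] = username
    return 200, new_sid, set_cookie_header(new_sid, secure=True)


def handle_request(store, sid, is_https):
    """Return (status, user) for a request carrying session ID `sid`."""
    session = store.get(sid)
    if session is None or session["auth_user"] is None:
        return 200, None  # anonymous: public data only
    if not is_https:
        return 403, None  # authenticated session over plain HTTP is refused
    return 200, session["auth_user"]


def demo():
    store = SessionStore()
    # Constructed scenario: the visitor browses over HTTP before logging in.
    pre_sid = store.create()
    store.get(pre_sid)["data"]["cart"] = ["book"]
    pre_cookie = set_cookie_header(pre_sid, secure=False)
    status, post_sid, post_cookie = login(store, pre_sid, "alice", is_https=True)
    return {
        "pre_cookie_secure": pre_cookie.endswith("; Secure"),
        "post_cookie_secure": post_cookie.endswith("; Secure"),
        "login_over_http": login(store, store.create(), "alice", is_https=False)[0],
        "old_id_after_login": handle_request(store, pre_sid, is_https=True),
        "new_id_over_http": handle_request(store, post_sid, is_https=False),
        "new_id_over_https": handle_request(store, post_sid, is_https=True),
        "cart_kept": store.get(post_sid)["data"]["cart"],
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```

A deployed application would more likely redirect the plain-HTTP cases to HTTPS than answer 403; the status code here only marks where the check sits.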


[web2py] Markmin question

2011-06-16 Thread elffikk
hi,
I like markmin syntax, I am thinking to use it, yet I have a few
questions
- is there a html to markmin converter? (a markmin to html is - /gluon/
contrib/markmin/markmin2html.py)
- how to embed flash?
- what about including css or javascript ? (script, link )

thank you


[web2py] Re: change __repr__ for DAL, Table, Row?

2011-06-16 Thread Massimo Di Pierro
You would not break anything.

On Jun 16, 8:02 pm, Carlos carlosgali...@gmail.com wrote:
 Hi,

 Is it safe if I change the __repr__ functions for DAL, Table, Row to show a
 much more compact string?.

 Will I not break anything by doing this?.

 I need this in order to better debug/analyze objects in the shell.

 Thanks,

    Carlos


[web2py] Re: Markmin question

2011-06-16 Thread Massimo Di Pierro


On Jun 16, 8:19 pm, elffikk elff...@gmail.com wrote:
 hi,
 I like markmin syntax, I am thinking to use it, yet I have a few
 questions
 - is there a html to markmin converter? (a markmin to html is - /gluon/
 contrib/markmin/markmin2html.py)

yes
from gluon.html import markmin_serializer
markmin = TAG(html).flatten(markmin_serializer)

 - how to embed flash?

yes

text = "bla ``bla``:flash bla"
MARKMIN(text, extra=dict(flash=lambda content: '<embed>...</embed>'))


 - what about including css or javascript ? (script, link )

text = "bla ``bla``:js bla"
MARKMIN(text, extra=dict(js=lambda content: '<script>'+content+'</script>'))



 thank you


[web2py] Problem with auth_cas table not getting created

2011-06-16 Thread pbreit
I've recently upgraded to 1.96.4 and I'm having trouble getting the new 
auth_cas table created on a Postgres DB. It should get created automatically 
if I have migrate ON, right?

[web2py] Re: Problem with auth_cas table not getting created

2011-06-16 Thread pbreit
I have a custom auth_user table if that matters.

[web2py] Re: Problem with auth_cas table not getting created

2011-06-16 Thread pbreit
The .table file was created and the auth_cas table shows in sql.log 
(although faked).

[web2py] Re: Problem with auth_cas table not getting created

2011-06-16 Thread pbreit
OK, I think it worked now. I'm not sure what the problem is exactly but 
might have been a false alarm.

[web2py] Migration problem

2011-06-16 Thread pbreit
I'm having trouble again getting a new table created. I still don't really 
understand how Web2py knows how to migrate, how it uses the .table and 
sql.log files and what fake_migrate does exactly.

If I am missing a whole table, how can I prompt Web2py to create it? Do I 
have to manipulate or delete the .table file or sql.log?


Re: [web2py] Re: import error

2011-06-16 Thread Pierre Thibault
2011/6/15 Massimo Di Pierro massimo.dipie...@gmail.com

 looking into this...


Still no news. Should we forget this issue? I really would like to debug but
I don't have enough information. It seems the bug is very rare.



 On Jun 15, 8:12 am, mb_...@yahoo.fr mb_...@yahoo.fr wrote:
  I wanted to use the w2popenid example application from bitbucket
  website :https://bitbucket.org/bottiger/web2py-openid/overview
   I have downloaded and placed the code in the applications directory.
  I have changed in the models folder the file db.py: this line from
  applications.cas.modules.w2popenid import OpenIDLogin is replaced
  with this one from w2popenid import OpenIDLogin or this from
  applications.w2popenid.modules.import OpenIDLogin. But it don't
  worked. I get to follow this trace
  Traceback (most recent call last):
File /home/mamadou/Desktop/web2py/gluon/restricted.py, line 192,
  in restricted
  exec ccode in environment
File /home/mamadou/Desktop/web2py/applications/w2popenid/models/
  db.py, line 42, in module
  from testing import lala
File /home/mamadou/Desktop/web2py/gluon/custom_import.py, line
  280, in __call__
  fromlist, level)
File /home/mamadou/Desktop/web2py/gluon/custom_import.py, line 75,
  in __call__
  level)
File /home/mamadou/Desktop/web2py/applications/w2popenid/modules/
  testing.py, line 7, in module
  import openid.consumer.consumer
File /home/mamadou/Desktop/web2py/gluon/custom_import.py, line
  280, in __call__
  fromlist, level)
File /home/mamadou/Desktop/web2py/gluon/custom_import.py, line 75,
  in __call__
  level)
File /usr/lib/pymodules/python2.7/openid/consumer/consumer.py,
  line 197, in module
  from openid.consumer.discover import discover,
  OpenIDServiceEndpoint, \
File /home/mamadou/Desktop/web2py/gluon/custom_import.py, line
  280, in __call__
  fromlist, level)
File /home/mamadou/Desktop/web2py/gluon/custom_import.py, line 75,
  in __call__
  level)
File /usr/lib/pymodules/python2.7/openid/consumer/discover.py,
  line 21, in module
  from openid.yadis.etxrd import nsTag, XRDSError, XRD_NS_2_0
File /home/mamadou/Desktop/web2py/gluon/custom_import.py, line
  280, in __call__
  fromlist, level)
File /home/mamadou/Desktop/web2py/gluon/custom_import.py, line 75,
  in __call__
  level)
File /usr/lib/pymodules/python2.7/openid/yadis/etxrd.py, line 28,
  in module
  ElementTree = importElementTree()
File /usr/lib/pymodules/python2.7/openid/oidutil.py, line 58, in
  importElementTree
  ElementTree = __import__(mod_name, None, None, ['unused'])
File /home/mamadou/Desktop/web2py/gluon/custom_import.py, line
  258, in __call__
  globals.get(__file__, ))
  AttributeError: 'NoneType' object has no attribute 'get'
 
  to fix i must modify the module custom_import in the web2py/gluon
  folder.
  starting line 256
 
  try:
      caller_file_name = os.path.join(self.web2py_path,
                                      globals.get('__file__', ''))
  except AttributeError:
      caller_file_name = ''




-- 


A+

-
Pierre
My blog and profile: http://pierrethibault.posterous.com
YouTube page: http://www.youtube.com/user/tubetib
Twitter: http://twitter.com/pierreth2


[web2py] Re: Migration problem

2011-06-16 Thread pbreit
Resolved. Postgres doesn't like field name 'user'.

Re: [web2py] Re: Markmin question

2011-06-16 Thread Vasile Ermicioi
thank you sir