Re: [web2py] Re: Help for creating template

[Miroslav Gojic]

What if I need more than one menu.

Usually I have 2 or 3 menus (top, bottom, and side)

Can I do someting like this:
in controller
var1 = (response .menu
=(...))
var2 = (response .menu
=(...))

in layout
{{=MENU(var1,_class='sf-menu')}}
{{=MENU(var2,_class='sf-menu')}}


- - Miroslav Gojic - -



On Fri, Oct 7, 2011 at 22:07, Anthony  wrote:

> See http://web2py.com/book/default/chapter/05#Custom-Helpers for details
> on using the MENU helper. You can see an example of using it in conjunction
> with Superfish (which is a Javascript library that turns the list structure
> generated by MENU into a dynamic menu) in the 'welcome' app:
> http://code.google.com/p/web2py/source/browse/applications/welcome/views/layout.html#102
>
> Anthony
>
>
> On Friday, October 7, 2011 3:08:37 PM UTC-4, miroslavgojic wrote:
>
>> this is my controller
>>
>> from gluon.tools import Crud
>> crud = Crud(db)
>>
>> def index():
>> form=SQLFORM(db.poruke,fields=**['poruka','post_author'])
>> if form.accepts(request.vars,**session):
>> session.flash="new post accepted!"
>> redirect(URL(r=request))
>> poruke=db().select(db.poruke.**ALL)
>> return dict(form=form,poruke=poruke)
>>
>> def people():
>> crud.settings.formstyle = ('divs')
>> form = crud.create(db.person,next=**URL('people'),message=T("**record
>> created"))
>> persons = crud.select(db.person,fields=[**'name'],headers={'name':
>> 'Name'})
>> return dict(form = form,persons=persons)
>>
>> def user():
>> auth.settings.formstyle = ('divs')
>> return dict(form=auth())
>>
>> this is my layout
>>
>> 
>> 
>> 
>> Web2Py
>> 
>> 
>> 
>> {{try:}}{{=auth.navbar(action=**URL('default','user'))}}{{**except:pass}}> />
>> {{include}}
>>
>>  
>>  {{block mysidebar}}
>> default sidebar
>>  {{end}}
>>  
>>
>>  
>>   {{=T('Copyright')}} © 2010 -
>>   {{=T('Powered by')}} http://www.web2py.com";>**
>> web2py
>> 
>> 
>> 
>>
>> this is my view
>>
>> {{extend 'layout.html'}}
>>
>> {{for poruke in poruke:}}
>> {{if poruke.post_author:}}
>> {{=poruke.post_author}} says {{=poruke.poruka}} 
>> {{else:}}
>> Anonymous says {{=poruke.poruka}}
>> {{pass}}
>> {{pass}}
>>
>> {{=form}}
>>
>> {{include 'test.html'}}
>>
>> {{block mysidebar}}
>> my block
>> {{end}}
>>
>> How t make implementation of
>>
>> response .menu = 
>> [('Google', False, 'http://www.google.com',[]),
>>
>>
>>  ('Index',  True,  URL 
>> ('index'), [])]
>>
>> *
>> *
>>
>>
>>
>> - - Miroslav Gojic - -
>>
>>
>>
>> On Fri, Oct 7, 2011 at 18:58, Anthony  wrote:
>>
>>> On Friday, October 7, 2011 1:31:08 AM UTC-4, miroslavgojic wrote:

 Thanks for blocks - that work, this is similar to modules in joomla, I
 can write small block and get content on specific place at layout.

 I tray to use next code:
 response .menu = 
 [('Google', False, 'http://www.google.com',[]),


  ('Index',  True,  URL 
 ('index'), [])]

 but without any success.
 I reed in book that mentioned code I must put in controller but how to
 get same than in layout and does in controller I must use definition or 
 haw.

>>>
>>> Can you show the relevant controller and view code related to the menu?
>>> What do you expect to see, and what do you actually see? Note, typically you
>>> would pass response.menu to the MENU() helper, which will turn it into a
>>> nested unordered list, which can then be styled/displayed as a menu via CSS
>>> and/or Javascript (e.g., the 'welcome' app uses the Superfish Javascript
>>> menu).
>>>
>>> Anthony
>>>
>>>
>>

Re: [web2py] Re: Major vulnerability in Janrain+AOL

[Bruno Rocha]

it is a bad idea to populate the email field with a dummy email generated
based in registration_id ?

[web2py] Re: Major vulnerability in Janrain+AOL

[Massimo Di Pierro]

Found a better solution that involved disallowing login when
username=false (registration_id field not present) and when janrain
reports no email. basically this prevents AOL logins.

Let's all think whether there is a better way to handle it in a
backward compatible way.

On Oct 9, 12:18 am, Massimo Di Pierro 
wrote:
> Correction. The identifier is there. The problem is that web2py only
> uses the janrain identifier as an identifier if
> auth.define_tables(username=True) else it uses email. AOL login does
> not passes the email along.
>
> We could modify tools.py so that to always add a registration_id field
> to the table even if auth.define_tables(username=False). This solves
> the problem above but it will force a migration of your auth_user
> table and your app will no longer recognize users who have previously
> logged in. Suggestions?
>
> For now if you use janrain or other third party federated ID, make
> sure
>
> auth.define_tables(username=True)
>
> Massimo
>
> On Oct 8, 11:55 pm, Massimo Di Pierro 
> wrote:
>
>
>
>
>
>
>
> > A major vulnerability has been discovered.
>
> > When a user logs in with Janrain using AOL, Janrain reports an
> > identifier=None instead of a valid unique id for the user as it
> > normally does. Therefore is two different people login in a web2py
> > application using different AOL accounts, Janrain reports them as the
> > same person.
>
> > I have just pushed a partial fix to trunk that prevents login when the
> > Janrain identifier is set to None. that means you cannot login in
> > web2py with AOL.
>
> > According to the Janrain online docs, the identifier should be unique
> > for every user but it does not appear to be the case for AOL users.
>
> > Even if you do not wish to upgrade, copy gluon/contrib/login_methods/
> > rpx_account.py from trunk into your version.
>
> > Massimo

Re: [web2py] Re: Web2py/modj/tomcat

[Vasile Ermicioi]

isn't jython with web2py default webserver (rocket) better?

as I understand jython inherits true threading functionality from java,
so rocket should perform even better on jython

[web2py] Re: Major vulnerability in Janrain+AOL

[Massimo Di Pierro]

Correction. The identifier is there. The problem is that web2py only
uses the janrain identifier as an identifier if
auth.define_tables(username=True) else it uses email. AOL login does
not passes the email along.

We could modify tools.py so that to always add a registration_id field
to the table even if auth.define_tables(username=False). This solves
the problem above but it will force a migration of your auth_user
table and your app will no longer recognize users who have previously
logged in. Suggestions?

For now if you use janrain or other third party federated ID, make
sure

auth.define_tables(username=True)

Massimo

On Oct 8, 11:55 pm, Massimo Di Pierro 
wrote:
> A major vulnerability has been discovered.
>
> When a user logs in with Janrain using AOL, Janrain reports an
> identifier=None instead of a valid unique id for the user as it
> normally does. Therefore is two different people login in a web2py
> application using different AOL accounts, Janrain reports them as the
> same person.
>
> I have just pushed a partial fix to trunk that prevents login when the
> Janrain identifier is set to None. that means you cannot login in
> web2py with AOL.
>
> According to the Janrain online docs, the identifier should be unique
> for every user but it does not appear to be the case for AOL users.
>
> Even if you do not wish to upgrade, copy gluon/contrib/login_methods/
> rpx_account.py from trunk into your version.
>
> Massimo

[web2py] clueTip + Web2Py Not Caching

[luismurciano]

Hello everyone

Im using  clueTip http://plugins.learningjquery.com/cluetip/ a fancy
tooltip js lib to show some adition info. That information is loaded
via AJAX.
clueTip is very easy, works well with web2py and loads asynchronously.
I want to cache the requested information for efficiency but it seems
to do cache only from statics pages.

Example:
Hover
over me
$('h4').cluetip({attribute: 'id', hoverClass: 'highlight'});

but if the page isnt static, defined in a controller,  clueTip doesn't
cache the request at all.

I dont know why thats happens, and I dont even know if is an issue
from clueTip or Web2py.
I can do it using some hacks (loading the info in a div and showing it
on mouseover) but isnt very clean.

Any thoughts?

[web2py] Major vulnerability in Janrain+AOL

[Massimo Di Pierro]

A major vulnerability has been discovered.

When a user logs in with Janrain using AOL, Janrain reports an
identifier=None instead of a valid unique id for the user as it
normally does. Therefore is two different people login in a web2py
application using different AOL accounts, Janrain reports them as the
same person.

I have just pushed a partial fix to trunk that prevents login when the
Janrain identifier is set to None. that means you cannot login in
web2py with AOL.

According to the Janrain online docs, the identifier should be unique
for every user but it does not appear to be the case for AOL users.

Even if you do not wish to upgrade, copy gluon/contrib/login_methods/
rpx_account.py from trunk into your version.

Massimo

[web2py] Re: problem displaying db query result in view, inside {{for}}

[IK]

Out of 6 listing_item records, 2 didn't had price records.  I deleted those 
two listing_item records but I'm still getting the same problem.

To recap
{{for item ...

{{prices=db(db.price.listing==item.id).select(orderby=db.price.weekly,distinct=True)}}
 

{{=prices.weekly.last()}}
   OR
  {{=prices.weekly}}

throws this error

('Rows' object has no attribute 'weekly')


if  {{=prices}} is used I'm getting beautify output will all fields and 
records displayed


Starting to think that this is maybe a bug. From what I know about web2py 
{{=prices.weekly}} should work, and it works outside for loop. So, problem 
happens only when called from within {{for}} loop!? I'm still on  Version 
1.99.1 (2011-09-22 16:59:24) stable. 

To say a word on your prevision post: As I'm still learning web2py, I left 
"joins" for later stage, but I guess there is no time like now :) .I'm aware 
join is way forward and once I get working sample, I'll post the code here. 
Thanks for code.


p.s.
This just came to me: community that never sleep, web2py. As I’m in GMT zone 
(I know know - it's Saturday nite - no life) I wasn't expecting so prompt 
answer. ..even if you are in  EST,  it's still late :)  This is what I call 
dedication!! web2py community rocks

[web2py] Re: problem displaying db query result in view, inside {{for}}

[Anthony]

On Saturday, October 8, 2011 11:50:17 PM UTC-4, IK wrote:
>
> I tried your suggestion, but it would still throw the same error.
>
> so:
>
> {for item in items:}} ### item in controller is changed to items
> Listing {{=item.title}} max price
>
> 
> {{prices=db(db.price.listing==item.id).select(orderby=db.price.weekly,distinct=True)}}
>  
>
> {{=prices.last().weekly}}
> 
>
> ('NoneType' object has no attribute 
> 'weekly')
>
Is it possible that some items don't have any prices, so the query isn't 
returning any rows for those items? In that case, you'd first want to test 
to make a result was returned.

[web2py] Re: problem displaying db query result in view, inside {{for}}

[Anthony]

Also, rather than doing a separate query for each item in the view, you 
might do a join and get the max value directly in the controller. This might 
not be quite right, but something like:

max = db.price.weekly.max()
items = db(db.listing_item.id == 
db.price.listing).select(db.listing_item.id,
db.listing_item.title, max, groupby=db.listing_item.id)

Anthony

On Saturday, October 8, 2011 10:44:33 PM UTC-4, Anthony wrote:
>
> On Saturday, October 8, 2011 10:31:18 PM UTC-4, IK wrote:
>>
>>
>> {{for item in item:}}
>>  Listing  {{item.title}} and max price:
>>
>> {{prices=db((db.price.id>0) & 
>> (db.price.listing==item)).select(db.price.weekly,distinct=True)}}
>>
>
> 'item' is an entire row -- instead, you want item.id:
>
> (db.price.listing==item.id)
>
> Also, you shouldn't need the (db.price.id>0).
>
> You might also want to name the result of the select in the controller 
> 'items' instead of 'item' to avoid confusion.
>  
>
>> {{priceMax= prices.last()}}
>>
>
> Are the prices inserted in order, so the last is always the max?
>  
>
>> {{=priceMax}}
>>
>
> If you don't need to re-use priceMax elsewhere, you can just do:
>
> {{=prices.last().weekly}}
>  
> Anthony
>

[web2py] Re: problem displaying db query result in view, inside {{for}}

[IK]

Jonathan,

When I started with web2py I tried to use different names, as per book, but 
it would throw name error as items wasn't specified ((name 'items' is not defined)) and I stayed with 
first thing that worked for me i.e. item in item. Thanks for that, now when 
I think about it makes sense; variable passed from controller function 
should be placed second in for loop (talking about going back to basics) :).


Anthony,

Thanks for the advices, some of them were just my  mistakes/typo, for rest 
I'll implement as you suggested. I should know better, by reading so many 
posts in this group, to use actual code, but I wanted to make it as simple 
as possible... My real issue was/is, how to display that one record without 
web2py adding extra syntax to the result. e.g. ('NoneType' object has no attribute 
'weekly') 

But this


{{prices=db(db.price.listing==item.id).select(orderby=db.price.weekly,distinct=True)}}
 

{{=prices.last()}}

doesn't throw any errors but problem is how data is displayed: all fields in 
this format

* Are the prices inserted in order, so the last is always the max?
Sorry, I didn't include in original code orderby. If I specify  orderby in 
select() and by using last() function, it would display biggest number or 
with .first() smallest number. maybe a chaet not to use use min max 
functions.

I was playing with .min() and .max() functions ,but couldn't find 
appropriate usage example for my requirements and I was getting similar 
result. 

I should mention that if second for loop  (nested) is used instead. I'm 
getting proper output, but problem is that all weekly records are displayed 
and not one (biggest or smallest number).

e.g.
{{for item in items:}}

{{prices=db(db.price.listing==item.id).select(orderby=db.price.weekly,distinct=True)}}
 

{{for price in prices:}}
{{=price.weekly}}
{{pass}}
{{pass}}


Cheers
IK

Re: [web2py] problem displaying db query result in view, inside {{for}}

[Anthony]

On Saturday, October 8, 2011 11:42:37 PM UTC-4, pbreit wrote:
>
> I spotted that too. I'd be surprised if it worked.


Actually, I think it does work, but probably not a good practice.

Re: [web2py] problem displaying db query result in view, inside {{for}}

[pbreit]

I spotted that too. I'd be surprised if it worked.

If you have a query that returns multiple records, best to use a plural 
variable like "items". Then you'd have:

for item in items:

[web2py] Re: problem displaying db query result in view, inside {{for}}

[Anthony]

On Saturday, October 8, 2011 10:31:18 PM UTC-4, IK wrote:
>
>
> {{for item in item:}}
>  Listing  {{item.title}} and max price:
>
> {{prices=db((db.price.id>0) & 
> (db.price.listing==item)).select(db.price.weekly,distinct=True)}}
>

'item' is an entire row -- instead, you want item.id:

(db.price.listing==item.id)

Also, you shouldn't need the (db.price.id>0).

You might also want to name the result of the select in the controller 
'items' instead of 'item' to avoid confusion.
 

> {{priceMax= prices.last()}}
>

Are the prices inserted in order, so the last is always the max?
 

> {{=priceMax}}
>

If you don't need to re-use priceMax elsewhere, you can just do:

{{=prices.last().weekly}}
 
Anthony

Re: [web2py] problem displaying db query result in view, inside {{for}}

[Jonathan Lundell]

On Oct 8, 2011, at 7:31 PM, IK wrote:

> if I try: 
> {{for item in item:}}

Just a side note: using the same name (item) both places here doesn't seem 
safe. Maybe it is, but...

[web2py] problem displaying db query result in view, inside {{for}}

[IK]

Hi,

This is wrecking my head. If anybody can advise please.

I have two tables (simplified version)

db.define_table("listing_item",
Field('title',length=32),
Field('short_description',length=512)


db.define_table("price", ###there are number of weekly records for one 
listing_item record
Field('listing',db.listing_item), 
Field("name", "string", length=64),
Field("weekly","decimal(13,2)"),


#Controller#

def index():
item = db(db.listing_item.id>0).select()
return dict(item=item)

View

{{for item in item:}}
 Listing  {{item.title}} and max price:

{{prices=db((db.price.id>0) & 
(db.price.listing==item)).select(db.price.weekly,distinct=True)}} 
{{priceMax= prices.last()}}
{{=priceMax}}



{{pass}}


Result###
 Listing Test1 and max price is 
 Listing Test2 and max price is 


What I'm trying to achieve is as follows:
Listing Test1 and max price is 100.00
Listing Test2 and max price is 100.00
...


if I try: 
{{for item in item:}}
 Listing  {{item.title}} and max prices:
 {{prices=db((db.price.id>0) & 
(db.price.listing==item)).select(db.price.weekly,distinct=True)}} 
{{priceMax= prices.last()}}
   * {{=priceMax.weekly}}*


{{pass}}


it throws exception error
('NoneType' object has no attribute 
'weekly')

Funny enough if I place this outside for loop and specify id, it works

 {{prices=db((db.price.id>0) & 
(*db.price.listing==2*)).select(db.price.weekly,distinct=True)}} 

{{priceMax= prices.last()}}
{{=priceMax.weekly}}

{{for item...

Rresult###
100.00


Sorry for the lengthy post but I wanted to make it as clear as possible what 
I'm trying to achieve here,on the another hand If it's not clear... double 
sorry :) Also, I'm not too happy to place this logic in view, but so far it 
seems most simpler way to accomplish desired result, I'm open to better 
suggestions where all logic is in controller.

Thanks
IK

[web2py] Re: error in making wiki using rss feed

[Anthony]

That example needs to be updated. It is relying on the generic.rss view, but 
by default, generic views are disabled. Either copy generic.rss to 
/default/news.rss, or add the following to the news() function:

response.generic_patterns = ['rss']

Anthony

On Saturday, October 8, 2011 9:18:41 PM UTC-4, mohamed basem wrote:
>
> i wrote the code at the default controller but when trying to open 
> http://127.0.0.1:8000/mywiki/default/news.rss 
> there is an error ?!! >>saying >> " invalid view (default/news.rss) " 
> i don`t know why ?? i reviewed the code many times and there is no 
> faults in it , it`s like the code in the book !

[web2py] error in making wiki using rss feed

[mohamed basem]

i wrote the code at the default controller but when trying to open
http://127.0.0.1:8000/mywiki/default/news.rss
there is an error ?!! >>saying >> " invalid view (default/news.rss) "
i don`t know why ?? i reviewed the code many times and there is no
faults in it , it`s like the code in the book !

[web2py] Re: manual file upload using SQLFORM.factory

[TheSweetlink]

Yes a user can by default can download() but how would the user know
the renamed filename though?  I cannot say as I do not have much
detail behind your app.  Depending on where you're saving what will
dictate what you should do better than any advice I can give.  web2py
enables a great deal of security enhancements by default so generally
speaking you should be just fine with store() renaming your file.

Yes, I too have found web2py to be an invaluable tool as well as this
community being one of the most helpful and nicest around.

Best,
David

On Oct 8, 6:48 am, Alex  wrote:
> Upload should be save since its handled by web2py. But with the
> download the user possible could pass any path for the filename and
> download files also from other folders. Should I check for '..' in the
> filename? Would it be sufficient?
>
> btw, the community is great here. as is web2py :)
>
> Alex
>

[web2py] Re: Web2py/modj/tomcat

[Sergio]

> That is awesome! What version of web2py and Jython have you got
> working? Could you share your patches?

Jythin 2.5.2 and latest Web2py work ok for me as long as apps do'nt
use decorators.

> > I ran into two problems so far:
> >  - web2py is looking for its version file in tomcat/bin. Why the hell?

Because I hadn't set web2py_path. My bad

> >  - my servlet "gets in the way". Let's say its address 
> > ishttp://host:8080/myservlet/
> > When called without an app name, web2py will try to run the "welcome"
> > app, and redirects me tohttp://host:8080/welcome/default/indexwhen
> > it should redirect me tohttp://host:8080/myservlet/welcome/default/index
> > instead. I have tried to play with routes_out to add the servlet's
> > name to the path but I couldn't get it to work. Any ideas?

Got the routes working. Only the admin app doesn't work because it
redirects without using URL so no route is computed

> Are you using snakefight to generate config files for modjy or
> creating by hand?

By hand. I didn't even know about snakefight.

I've had problems with jython being run from Tomcat (5.5 BTW) and that
has to do with unicode strings.
I had to:

- remove the utf-8 first bline from all app's .py files
- replace isinstance(string) with isinstance(basestring) in some
places
- comment out a call to string.translate in Cookie (that one hurt!)

Any ideas welcome on how to fix this unicode problem.

One last remark : why do we have to have sqlite installed just in
order to use jdbc??

Sergio

[web2py] Re: IS_NOT_IN_DATABASE with a formatted value

[Ed Greenberg]

Thank you both, Massimo and Anthony.  This is exactly the kind of
pointer I was looking for.

Ed

On Oct 8, 3:37 pm, Anthony  wrote:
> I think he wants to check to make sure the cleaned number isn't already in
> the database, so if defining a custom validator for the cleaning, wouldn't
> both validators be needed?
>
> FORM(INPUT(_name='phone', requires=[MyValidator(), IS_NOT_IN_DB(db,
> 'tablename.phone')]))
>
> In this case, MyValidator returns the cleaned version of the number, and
> that value is then passed to the IS_NOT_IN_DB validator.
>
> The lambda version should work too, though, no? I suppose another option
> would be:
>
> FORM(INPUT(_name='phone', requires=[lambda v: (cleanUpNumber(v), None),
> IS_NOT_IN_DB(db, 'tablename.phone')]))
>
> Of course, if the cleaning validator needs to do any error checking and
> possibly return an error, then it would be better to write a full custom
> validator.
>
> Note, in all these cases, the validator(s) end up transforming the submitted
> number to the cleaned version, so form.vars.phone will end up cleaned, so
> you won't need to do a separate cleaning step.
>
> Anthony
>
>
>
>
>
>
>
> On Saturday, October 8, 2011 11:17:16 AM UTC-4, Massimo Di Pierro wrote:
>
> > More like this:
>
> > class MyValidator(object):
> >      def __call__(self,value):
> >            return (cleanUpNumber(value), None)
>
> > FORM(INPUT(_name='phone',requires=MyValidator())
>
> > On Oct 8, 7:48 am, Anthony  wrote:
> > > Something like:
>
> > > FORM(INPUT(_name='phone',
> > >     requires=lambda v: IS_NOT_IN_DB(db,
> > > 'yourtable.phone')(cleanUpNumber(v
>
> > > Anthony
>
> > > On Saturday, October 8, 2011 8:10:51 AM UTC-4, Ed Greenberg wrote:
>
> > > > I have a table of US phone numbers in ten digit form. When I store
> > > > them, I take out all non-numeric characters using:
>
> > > > def cleanUpNumber(number):
> > > >     return re.sub(r'\D',"",number)[-10:]
>
> > > > I use a FORM() to get the numbers. Not a SQLFORM or CRUD.
>
> > > > I would like to use IS_NOT_IN_DATABASE(...) to make sure that I don't
> > > > get duplicates.
>
> > > > How can I get the validator to run the values through cleanUpNumber()
> > > > before looking in the database?
>
> > > > Ed

[web2py] Re: How to create SQLFORM forms in a "for" loop

[Anthony]

Also, note that depending on how many tags there are, this method could be 
inefficient -- when a single form is submitted, the action still has to 
process and return all the forms again. You might consider a way to have the 
submissions happen via Ajax so only the submitted form has to be processed 
on the server side and updated on the client side.

Anthony

On Saturday, October 8, 2011 8:01:08 PM UTC-4, Anthony wrote:
>
> There may be other problems, but if you want to build a list of forms, you 
> need to do taglist.append(thisform). The .extend() method inserts a list 
> at the end of an existing list, and since HTML helpers act as lists with 
> respect to their components, taglist.extend(thisform) ends up inserting the 
> first (and only) component of thisform, which is the table object inside the 
> form object (so, you're getting a list of tables instead of a list of 
> forms). See if that fix helps.
>
> Anthony
>
> On Saturday, October 8, 2011 7:40:14 PM UTC-4, monotasker wrote:
>>
>> I need to present a list of edit forms, one for each tag in db.tags. I've 
>> written the controller below, but it doesn't work because (I think) the 
>> variable "thisform" is identical for each form. I think the problem is that 
>> I need to assign a unique variable name to each form (i.e., each time 
>> through the "for" loop). But since you can't use operators in a variable 
>> name, I'm not sure if this is possible. Is there a simple solution?
>>
>> tags = db(db.tags).select()
>> taglist = []
>> for tag in tags:
>> thisform = SQLFORM(db.tags, record=tag.id, deletable = True, 
>> showid=False, fields=['tag'], labels = {'tag':''}, submit_button = 'update', 
>> delete_label = 'delete ', record_id = None, formstyle = 'table2cols', 
>> separator = '', _name=tag.tag)
>> if thisform.accepts(request.vars, formname=tag.tag):
>> response.flash = 'updated'
>> else:
>> response.flash = 'form has errors'
>> taglist.extend(thisform)
>>
>

[web2py] Re: How to create SQLFORM forms in a "for" loop

[Anthony]

There may be other problems, but if you want to build a list of forms, you 
need to do taglist.append(thisform). The .extend() method inserts a list at 
the end of an existing list, and since HTML helpers act as lists with 
respect to their components, taglist.extend(thisform) ends up inserting the 
first (and only) component of thisform, which is the table object inside the 
form object (so, you're getting a list of tables instead of a list of 
forms). See if that fix helps.

Anthony

On Saturday, October 8, 2011 7:40:14 PM UTC-4, monotasker wrote:
>
> I need to present a list of edit forms, one for each tag in db.tags. I've 
> written the controller below, but it doesn't work because (I think) the 
> variable "thisform" is identical for each form. I think the problem is that 
> I need to assign a unique variable name to each form (i.e., each time 
> through the "for" loop). But since you can't use operators in a variable 
> name, I'm not sure if this is possible. Is there a simple solution?
>
> tags = db(db.tags).select()
> taglist = []
> for tag in tags:
> thisform = SQLFORM(db.tags, record=tag.id, deletable = True, 
> showid=False, fields=['tag'], labels = {'tag':''}, submit_button = 'update', 
> delete_label = 'delete ', record_id = None, formstyle = 'table2cols', 
> separator = '', _name=tag.tag)
> if thisform.accepts(request.vars, formname=tag.tag):
> response.flash = 'updated'
> else:
> response.flash = 'form has errors'
> taglist.extend(thisform)
>

[web2py] How to create SQLFORM forms in a "for" loop

[monotasker]

I need to present a list of edit forms, one for each tag in db.tags. I've 
written the controller below, but it doesn't work because (I think) the 
variable "thisform" is identical for each form. I think the problem is that 
I need to assign a unique variable name to each form (i.e., each time 
through the "for" loop). But since you can't use operators in a variable 
name, I'm not sure if this is possible. Is there a simple solution?

tags = db(db.tags).select()
taglist = []
for tag in tags:
thisform = SQLFORM(db.tags, record=tag.id, deletable = True, 
showid=False, fields=['tag'], labels = {'tag':''}, submit_button = 'update', 
delete_label = 'delete ', record_id = None, formstyle = 'table2cols', 
separator = '', _name=tag.tag)
if thisform.accepts(request.vars, formname=tag.tag):
response.flash = 'updated'
else:
response.flash = 'form has errors'
taglist.extend(thisform)

[web2py] Re: Localhost and web2py

[horridohobbyist]

Now that I think about it, I'm wondering:  Is web2py actually using
its internal server? I installed web2py using the One Step Production
Deployment recipe in the Official web2py Book. Since the Ubuntu system
with Apache2 supports WSGI, am I not using Apache instead of the
internal server? In that case, is "localhost:8000", for example, even
relevant? I'm confused.

Normally, the Seaside app was using localhost:8080 with its internal
server. How is the above interfering with that?

Richard

On Oct 8, 5:37 pm, Anthony  wrote:
> Have you tried running web2py on a different port:
>
> python web2py.py -a your_password -i 127.0.0.1 -p 
>
> Also, on production, you might consider using something other than web2py's
> built-in server.
>
> Anthony
>
>
>
>
>
>
>
> On Saturday, October 8, 2011 5:22:42 PM UTC-4, horridohobbyist wrote:
>
> > I seem to have made a boo-boo. I installed web2py on a production
> > server that is also running a Seaside app. Like web2py, Seaside runs
> > its own internal server, so the app references localhost:8080, for
> > example.
>
> > Since installing web2py, I can access web2py, for example, with
> > localhost:8000. But now, I can't access the Seaside app -- I get a
> > forbidden access error. I surmise that it's because localhost is no
> > longer Seaside's internal server but web2py's. Oops.
>
> > So how do I back out of this? More importantly, how do I make web2py
> > coexist with Seaside, when each runs its own internal server?
>
> > Please, I hope somebody can help me.
>
> > Thanks,
> > Richard

[web2py] Re: Google Cloud SQL

[Massimo Di Pierro]

I do not have any performance information at this time.
I do not think Google has published any.
Eventually we should run our own benchmarks.

On Oct 8, 3:19 pm, Kurt Fehlhauer  wrote:
> Massimo,
>
> Thanks for your reply. This may not be the appropriate forum to ask
> this. As far as performance is concerned will Google Cloud SQL handle
> blobs as well as Big Table does running on Google's infrastructure? I
> suspect the answer will be that the differences are so negligible that
> it won't matter. On large applications I suspect it may be useful to
> use both Big Table and Google Cloud SQL at the same time. Have you
> given this any thought on when it is better to use Big Table versus
> Google Cloud SQL or even both? I get the impression that Google only
> implemented Cloud SQL in order to remain competitive with other PaaS
> offerings.
>
> Thanks,
> Kurt
>
> On Oct 8, 9:13 am, Massimo Di Pierro 
> wrote:
>
>
>
>
>
>
>
> > In can do both. In fact you can have a
> > db1=DAL('google:sql://...')
> > and a
> > db2=DAL('google:datastore://...')
> > and store some data in db1 and some in db2.
>
> > I will add this in the howto I plan to write.
>
> > On Oct 7, 11:47 pm, Kurt Fehlhauer  wrote:
>
> > > Massimo,
>
> > > I am creating a photo gallery application and have questions in regard
> > > to Google Cloud SQL. Do you have any best-practice advice on storing
> > > images in GAE when using SQL? Should it go in the database as a blob
> > > or should it be stored as a blob property in the Google datastore?
>
> > > Thanks,
> > > Kurt
>
> > > On Oct 6, 7:34 pm, Massimo Di Pierro 
> > > wrote:
>
> > > > I guess this finally relieves me from the non-disclosure agreement ;-)
>
> > > > web2py has already been running on GAE+SQL since March:
>
> > > >      http://web2py-tests.appspot.com/mysql/tests
>
> > > > All web2py apps can now run GAE. Just use a connection string like:
>
> > > >     DAL('google:sql://gmailcom:web2pytests/guestbook')
>
> > > > including:
> > > > - migrations
> > > > - all types of web2py queries (or, joins, like, etc.)
> > > > - transactions
>
> > > > By the week-end I will post a more detailed howto.
> > > > If you have used web2py to build your apps, this is the moment it pays
> > > > off.
>
> > > > Massimo
>
> > > > On Oct 6, 6:29 pm, pbreit  wrote:
>
> > > > >http://googlecode.blogspot.com/2011/10/google-cloud-sql-your-database...

[web2py] jsrpc

[Massimo Di Pierro]

https://github.com/barneygale/JSRPC#readme

[web2py] Re: Multiple instances of a table in a SQLFORM

[Anthony]

First, I think you want your options table to be linked to your query table 
(i.e., add a reference field referring to the query table).

What you would like to do is probably doable, but I don't think very easily. 
As a simpler alternative, instead of two separate tables, maybe consider a 
single query table that includes a sufficiently larger number of fixed 
options fields. If you will know the number of options needed before the 
form is presented, you can simply hide the extra option fields by setting 
readable=writeable=False for each of them. On the other hand, if the user 
should be allowed to add options dynamically on the client side, then you 
can use jQuery to initially hide some or all of the options and to 
progressively show them as the user requests more options.

Anthony

On Saturday, October 8, 2011 5:43:15 AM UTC-4, faultyzebra wrote:
>
>
> 
> Application: Poll Application
>
> *Database design:*
>
> question body: db.t_query
>
> option body: db.t_option
>
> *model(db_wizard.py):*
>
> 
> db.define_table('t_query',
> Field('f_content', type='text', requires=IS_NOT_EMPTY(),
>   label=T('Content')),
> SQLField('is_active',db.auth_user,writable=False,readable=False),
> auth.signature,
> migrate=settings.migrate)
>
> db.define_table('t_query_archive',db.t_query,Field('current_record','reference
>  
> t_query',readable=False,writable=False))
>
> 
> db.define_table('t_option',
> Field('f_ocontent', type='string',
>   label=T('Option')),
> auth.signature,
> migrate=settings.migrate)
>
> db.define_table('t_option_archive',db.t_option,Field('current_record','reference
>  
> t_option',readable=False,writable=False))
>
> *controller(default.py):*
> @auth.requires_login()
> def ask():
> form=SQLFORM.factory(db.t_query,db.t_option,db.t_option)
> if form.process().accepted:
> id = db.t_query.insert(**db.t_query._filter_fields(form.vars))
> form.vars.client=id
> id = db.option.insert(**db.t_option._filter_fields(form.vars))
> response.flash='Thanks for filling the form'
> id = db.option.insert(**db.t_option._filter_fields(form.vars))
> response.flash='Thanks for filling the form'
> return dict(form=form)
>
> *view(ask.html)*
> {{extend 'layout.html'}}
>
> Start a Poll
> {{=form}}
>
> *Output:*
> See top for screenshot
> Only one instance of db.t_option is seen in the form. How do I get multiple 
> instances of the option field in the form? Is it possible? If not what can I 
> do for a workaround?
>
> Thank you in advance. Also thanks for web2py.
>
>

[web2py] Re: Localhost and web2py

[Anthony]

Have you tried running web2py on a different port:

python web2py.py -a your_password -i 127.0.0.1 -p 

Also, on production, you might consider using something other than web2py's 
built-in server.

Anthony

On Saturday, October 8, 2011 5:22:42 PM UTC-4, horridohobbyist wrote:
>
> I seem to have made a boo-boo. I installed web2py on a production 
> server that is also running a Seaside app. Like web2py, Seaside runs 
> its own internal server, so the app references localhost:8080, for 
> example. 
>
> Since installing web2py, I can access web2py, for example, with 
> localhost:8000. But now, I can't access the Seaside app -- I get a 
> forbidden access error. I surmise that it's because localhost is no 
> longer Seaside's internal server but web2py's. Oops. 
>
> So how do I back out of this? More importantly, how do I make web2py 
> coexist with Seaside, when each runs its own internal server? 
>
> Please, I hope somebody can help me. 
>
> Thanks, 
> Richard

[web2py] Localhost and web2py

[horridohobbyist]

I seem to have made a boo-boo. I installed web2py on a production
server that is also running a Seaside app. Like web2py, Seaside runs
its own internal server, so the app references localhost:8080, for
example.

Since installing web2py, I can access web2py, for example, with
localhost:8000. But now, I can't access the Seaside app -- I get a
forbidden access error. I surmise that it's because localhost is no
longer Seaside's internal server but web2py's. Oops.

So how do I back out of this? More importantly, how do I make web2py
coexist with Seaside, when each runs its own internal server?

Please, I hope somebody can help me.

Thanks,
Richard

Re: [web2py] Re: To DAL or not to DAL, that is the question!

[pbreit]

It's pretty much db([where clauses]).select()

Add .first() or last() when you want one record.

select * from item where id=1

 rows = db(db.item.id==1).select().first()

& for compound queries:

 rows = db((db.item.id>5)&(db.item.id<10)).select()

[web2py] Re: date variables, json and jqplot

[Rick]

Thanks, your answer inspired me. The solution that works is this:



>From the controller file:

points=[[point.thedate.strftime('%Y-%m-%d'), point.value] for point in
pointlist]



>From the view file:








On Oct 8, 7:09 pm, DenesL  wrote:
> try
>
> points=[[point.thedate.strftime('%Y%m%d'), point.value] for point in
> pointlist]
>
> or some other format that suits your needs.
>
> On Oct 8, 10:29 am, Rick  wrote:
>
>
>
>
>
>
>
> > Hi,
> > I want to draw a graph with jqplot, where the x-axis is a date-
> > timeline, but I get this message:
> > TypeError: datetime.date(2011, 10, 2) is not JSON serializable
> > Does anyone know an easy way to pass date variable to json?
>
> > Thanks in advance for help. Here is some code from the files:
>
> > 
>
> > From the controller file:
> > points=[[point.thedate, point.value] for point in pointlist]
> > return dict(points=points)
>
> > 
>
> > from the view file:
> > 
> > 
> > 
> > 
> > 

[web2py] Re: Google Cloud SQL

[Kurt Fehlhauer]

Massimo,

Thanks for your reply. This may not be the appropriate forum to ask
this. As far as performance is concerned will Google Cloud SQL handle
blobs as well as Big Table does running on Google's infrastructure? I
suspect the answer will be that the differences are so negligible that
it won't matter. On large applications I suspect it may be useful to
use both Big Table and Google Cloud SQL at the same time. Have you
given this any thought on when it is better to use Big Table versus
Google Cloud SQL or even both? I get the impression that Google only
implemented Cloud SQL in order to remain competitive with other PaaS
offerings.

Thanks,
Kurt

On Oct 8, 9:13 am, Massimo Di Pierro 
wrote:
> In can do both. In fact you can have a
> db1=DAL('google:sql://...')
> and a
> db2=DAL('google:datastore://...')
> and store some data in db1 and some in db2.
>
> I will add this in the howto I plan to write.
>
> On Oct 7, 11:47 pm, Kurt Fehlhauer  wrote:
>
>
>
>
>
>
>
> > Massimo,
>
> > I am creating a photo gallery application and have questions in regard
> > to Google Cloud SQL. Do you have any best-practice advice on storing
> > images in GAE when using SQL? Should it go in the database as a blob
> > or should it be stored as a blob property in the Google datastore?
>
> > Thanks,
> > Kurt
>
> > On Oct 6, 7:34 pm, Massimo Di Pierro 
> > wrote:
>
> > > I guess this finally relieves me from the non-disclosure agreement ;-)
>
> > > web2py has already been running on GAE+SQL since March:
>
> > >      http://web2py-tests.appspot.com/mysql/tests
>
> > > All web2py apps can now run GAE. Just use a connection string like:
>
> > >     DAL('google:sql://gmailcom:web2pytests/guestbook')
>
> > > including:
> > > - migrations
> > > - all types of web2py queries (or, joins, like, etc.)
> > > - transactions
>
> > > By the week-end I will post a more detailed howto.
> > > If you have used web2py to build your apps, this is the moment it pays
> > > off.
>
> > > Massimo
>
> > > On Oct 6, 6:29 pm, pbreit  wrote:
>
> > > >http://googlecode.blogspot.com/2011/10/google-cloud-sql-your-database...

[web2py] Re: IS_NOT_IN_DATABASE with a formatted value

[Anthony]

I think he wants to check to make sure the cleaned number isn't already in 
the database, so if defining a custom validator for the cleaning, wouldn't 
both validators be needed?

FORM(INPUT(_name='phone', requires=[MyValidator(), IS_NOT_IN_DB(db, 
'tablename.phone')]))

In this case, MyValidator returns the cleaned version of the number, and 
that value is then passed to the IS_NOT_IN_DB validator.

The lambda version should work too, though, no? I suppose another option 
would be:

FORM(INPUT(_name='phone', requires=[lambda v: (cleanUpNumber(v), None), 
IS_NOT_IN_DB(db, 'tablename.phone')]))

Of course, if the cleaning validator needs to do any error checking and 
possibly return an error, then it would be better to write a full custom 
validator.

Note, in all these cases, the validator(s) end up transforming the submitted 
number to the cleaned version, so form.vars.phone will end up cleaned, so 
you won't need to do a separate cleaning step.

Anthony

On Saturday, October 8, 2011 11:17:16 AM UTC-4, Massimo Di Pierro wrote:
>
> More like this: 
>
> class MyValidator(object): 
>  def __call__(self,value): 
>return (cleanUpNumber(value), None) 
>
> FORM(INPUT(_name='phone',requires=MyValidator()) 
>
> On Oct 8, 7:48 am, Anthony  wrote: 
> > Something like: 
> > 
> > FORM(INPUT(_name='phone', 
> > requires=lambda v: IS_NOT_IN_DB(db, 
> > 'yourtable.phone')(cleanUpNumber(v 
> > 
> > Anthony 
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> > On Saturday, October 8, 2011 8:10:51 AM UTC-4, Ed Greenberg wrote: 
> > 
> > > I have a table of US phone numbers in ten digit form. When I store 
> > > them, I take out all non-numeric characters using: 
> > 
> > > def cleanUpNumber(number): 
> > > return re.sub(r'\D',"",number)[-10:] 
> > 
> > > I use a FORM() to get the numbers. Not a SQLFORM or CRUD. 
> > 
> > > I would like to use IS_NOT_IN_DATABASE(...) to make sure that I don't 
> > > get duplicates. 
> > 
> > > How can I get the validator to run the values through cleanUpNumber() 
> > > before looking in the database? 
> > 
> > > Ed

[web2py] Re: how can I get a class from a model file

[apple]

To answer my own question models are executed and not imported so are
already in the globals namespace.

Therefore instead of using getattr one can use:

globals()[tablename]()

On Oct 8, 5:57 pm, apple  wrote:
> tableclass=getattr(tableclasses, tablename)
>
> Works fine when tableclasses is in modules but not when it is in
> models - says "global name tableclasses is not defined".
>
> Is it possible to access by name a class defined in models?

Re: [web2py] Re: Cascading Drop Down Lists with Ajax

[Pepe Araya]

Great!
thank you!!

On Fri, Oct 7, 2011 at 11:04 AM, Omi Chiba  wrote:

> Pepe,
>
> It's up now. Thank you for letting me know.
>
> My web2py version was back to 1.98.2 and all app was gone... I don't
> know why.
> I deployed the new version 1.99.2 and re-create the app from slice.
> It's actually pretty easy !
>
> On Oct 7, 4:00 am, Pepe Araya  wrote:
> > hi! the demo site is down :(
>

Re: [web2py] who wrote grafpad?

[Kenneth Lundström]

http://groups.google.com/group/web2py/browse_thread/thread/dd0b2b7d67bed3db/81bbec475a1e7102?lnk=gst&q=grafpad#81bbec475a1e7102

tells a lot about it.


Kenneth


http://www.grafpad.com/

it is listed under http://web2py.com/poweredby
congratulations!

[web2py] Re: date variables, json and jqplot

[DenesL]

try

points=[[point.thedate.strftime('%Y%m%d'), point.value] for point in
pointlist]

or some other format that suits your needs.



On Oct 8, 10:29 am, Rick  wrote:
> Hi,
> I want to draw a graph with jqplot, where the x-axis is a date-
> timeline, but I get this message:
> TypeError: datetime.date(2011, 10, 2) is not JSON serializable
> Does anyone know an easy way to pass date variable to json?
>
> Thanks in advance for help. Here is some code from the files:
>
> 
>
> From the controller file:
> points=[[point.thedate, point.value] for point in pointlist]
> return dict(points=points)
>
> 
>
> from the view file:
> 
> 
> 
> 
> 

[web2py] how can I get a class from a model file

[apple]

tableclass=getattr(tableclasses, tablename)

Works fine when tableclasses is in modules but not when it is in
models - says "global name tableclasses is not defined".

Is it possible to access by name a class defined in models?

[web2py] Re: Subdomain based on blog users in routes.py

[GoldenTiger]

I love playing with subdomains and multiple domains,
The * as dns entry is ok (be carefull with dns entries order),
you can do it in routes.py, but I see more apropiate on models or
controllers
If you don't success, contact me and sure I'll solve it

On Oct 5, 5:10 pm, Farsheed Ashouri 
wrote:
> ya, I am trying to solve it. Let's see what'll come up with this night! :))
> Thank you Jonathan!
>
> On Wed, Oct 5, 2011 at 6:38 PM, Jonathan Lundell  wrote:
> > On Oct 5, 2011, at 8:03 AM, Farsheed Ashouri wrote:
>
> > Well it worked!! but with many problems in Ajax loading! Thank you, but any
> > improvements??
>
> > You might want to look at request.controller (and .function and .extension)
> > to detect Ajax requests and do something else with them (depending on what
> > the Ajax problems are). Otherwise all your Ajax requests coming from the
> > subdomain will be sent to pages/blog, which is probably wrong.
>
> --
> Sincerely,
> Farsheed Ashouri,
> ourway.ir
> Tel: +98 9388801504

[web2py] Re: Google Cloud SQL

[guruyaya]

+1.

On Oct 7, 3:34 am, Massimo Di Pierro 
wrote:
> I guess this finally relieves me from the non-disclosure agreement ;-)
>
> web2py has already been running on GAE+SQL since March:
>
>      http://web2py-tests.appspot.com/mysql/tests
>
> All web2py apps can now run GAE. Just use a connection string like:
>
>     DAL('google:sql://gmailcom:web2pytests/guestbook')
>
> including:
> - migrations
> - all types of web2py queries (or, joins, like, etc.)
> - transactions
>
> By the week-end I will post a more detailed howto.
> If you have used web2py to build your apps, this is the moment it pays
> off.
>
> Massimo
>
> On Oct 6, 6:29 pm, pbreit  wrote:
>
>
>
>
>
>
>
> >http://googlecode.blogspot.com/2011/10/google-cloud-sql-your-database...

[web2py] who wrote grafpad?

[Massimo Di Pierro]

http://www.grafpad.com/

it is listed under http://web2py.com/poweredby
congratulations!

Re: [web2py] Re: To DAL or not to DAL, that is the question!

[Chris Rowson]

Thanks Massimo,

I'm very new at this and found the DAL a bit intimidating. I'm
beginning to get the hang of it now though so I'm sticking with it. I
think I was trying to overthink it before when in actual fact, the
more I try and get my head around it, the more sense it makes.

Chris

On Sat, Oct 8, 2011 at 4:19 PM, Massimo Di Pierro
 wrote:
> You don't mind to write engine specific queries but who is going to
> use your app will mind because the app is not going to be portable.
> Almost any query an be build using the dal.
>
> Massimo
>
> On Oct 8, 6:20 am, Chris Rowson  wrote:
>> Call me wierd, but I'm finding it a little hard to get my head around
>> putting together select statements using the DAL. I think I must just
>> be having a stupid couple of weeks!
>>
>> I understand that using the DAL & SQLFORM etc for inserts will help
>> protect me against SQL Injection so I'm happy to keep on doing that,
>> but is there any particular reason I shouldn't just use db.executesql
>> to perform my selects (because I find it easier)?
>>
>> I also understand that raw SQL queries are database specific but I
>> don't mind, as I don't intend to move databases.
>>
>> Chris

[web2py] Re: Documentation on database adapters?

[Massimo Di Pierro]

You will need to write all those defined by GoogleDatastoreAdapter.
It is not easy.

On Oct 8, 9:51 am, ~redShadow~  wrote:
> I am currently working on some projects (mostly experiments at the
> moment) for which I'd need some custom NoSQLAdapters, specifically for
> MongoDB, LDAP and an LDAP-Like json-speaking service I'm working on.
>
> The problem is, I have to reverse-engineer the DAL code in order to try
> figuring out what exactly adapter methods should do, and it's also quite
> hard this way to find the best way to do things, without having a
> complete overview of the thing.
>
> Is there some more detailed documentation about this I could read in
> order to better understand all the DAL mechanism?
> Although the book (in chapter 6) says "Looking at the various adapters
> as examples should be easy to write new ones.", looks like it isn't that
> easy to understand exactly the meaning of every method, especially the
> ones used to build queries..
>
> --
> Samuele ~redShadow~ Santi
> 
>      redshadow[at]hackzine.org - redshadowhack[at]gmail.com
>
>   Blog:http://hackzine.org
>
>   GPG Key signature:
>        050D 3E9F 6E0B 44CE C008 D1FC 166C 3C7E EB26 4933
> 
> /me recommends:
>     Squadra Informatica -http://www.squadrainformatica.com
> 
>  - Proud ThinkPad T-Series owner
>  - Registered Linux-User: #440008
>       * GENTOO User since 1199142000 (2008-01-01)
>       * former DEBIAN SID user
> 
>       "Software is like sex: it's better when it's free!"
>                               -- Linus Torvalds
>
>  signature.asc
> < 1KViewDownload

[web2py] Re: Fetching password field from auth_user table

[Massimo Di Pierro]

Something else is causing the problem. If you do:

row = db(db.auth_user.id == uid).select(db.auth_user.password)

row.password is the hashed user password.

The password is treated in a spacial way in forms (not at db level) to
prevent forms from accidentally even retuning a password from server
to client.

There is no per-user salt (I have a patch pending that will add that).
we use HMAC+SHA512 to hash passwords.

On Oct 8, 8:52 am, haggis  wrote:
> I'm trying to fetch the password field in a simple query like this:
>
> row = db(db.auth_user.id == uid).select(db.auth_user.password)
> eturn row
>
> This is returned:
> auth_user.password
> auth_user.password  at 0xa313a2c>
>
> What's so special with the password field that I can query every field
> but password? How would you query the salted hash of an user?
>
> Thanks in advance,
> haggis

[web2py] Re: To DAL or not to DAL, that is the question!

[Massimo Di Pierro]

You don't mind to write engine specific queries but who is going to
use your app will mind because the app is not going to be portable.
Almost any query an be build using the dal.

Massimo

On Oct 8, 6:20 am, Chris Rowson  wrote:
> Call me wierd, but I'm finding it a little hard to get my head around
> putting together select statements using the DAL. I think I must just
> be having a stupid couple of weeks!
>
> I understand that using the DAL & SQLFORM etc for inserts will help
> protect me against SQL Injection so I'm happy to keep on doing that,
> but is there any particular reason I shouldn't just use db.executesql
> to perform my selects (because I find it easier)?
>
> I also understand that raw SQL queries are database specific but I
> don't mind, as I don't intend to move databases.
>
> Chris

[web2py] Re: IS_NOT_IN_DATABASE with a formatted value

[Massimo Di Pierro]

More like this:

class MyValidator(object):
 def __call__(self,value):
   return (cleanUpNumber(value), None)

FORM(INPUT(_name='phone',requires=MyValidator())

On Oct 8, 7:48 am, Anthony  wrote:
> Something like:
>
> FORM(INPUT(_name='phone',
>     requires=lambda v: IS_NOT_IN_DB(db,
> 'yourtable.phone')(cleanUpNumber(v
>
> Anthony
>
>
>
>
>
>
>
> On Saturday, October 8, 2011 8:10:51 AM UTC-4, Ed Greenberg wrote:
>
> > I have a table of US phone numbers in ten digit form. When I store
> > them, I take out all non-numeric characters using:
>
> > def cleanUpNumber(number):
> >     return re.sub(r'\D',"",number)[-10:]
>
> > I use a FORM() to get the numbers. Not a SQLFORM or CRUD.
>
> > I would like to use IS_NOT_IN_DATABASE(...) to make sure that I don't
> > get duplicates.
>
> > How can I get the validator to run the values through cleanUpNumber()
> > before looking in the database?
>
> > Ed

[web2py] Re: Google Cloud SQL

[Massimo Di Pierro]

In can do both. In fact you can have a
db1=DAL('google:sql://...')
and a
db2=DAL('google:datastore://...')
and store some data in db1 and some in db2.

I will add this in the howto I plan to write.

On Oct 7, 11:47 pm, Kurt Fehlhauer  wrote:
> Massimo,
>
> I am creating a photo gallery application and have questions in regard
> to Google Cloud SQL. Do you have any best-practice advice on storing
> images in GAE when using SQL? Should it go in the database as a blob
> or should it be stored as a blob property in the Google datastore?
>
> Thanks,
> Kurt
>
> On Oct 6, 7:34 pm, Massimo Di Pierro 
> wrote:
>
>
>
>
>
>
>
> > I guess this finally relieves me from the non-disclosure agreement ;-)
>
> > web2py has already been running on GAE+SQL since March:
>
> >      http://web2py-tests.appspot.com/mysql/tests
>
> > All web2py apps can now run GAE. Just use a connection string like:
>
> >     DAL('google:sql://gmailcom:web2pytests/guestbook')
>
> > including:
> > - migrations
> > - all types of web2py queries (or, joins, like, etc.)
> > - transactions
>
> > By the week-end I will post a more detailed howto.
> > If you have used web2py to build your apps, this is the moment it pays
> > off.
>
> > Massimo
>
> > On Oct 6, 6:29 pm, pbreit  wrote:
>
> > >http://googlecode.blogspot.com/2011/10/google-cloud-sql-your-database...

Re: [web2py] Re: DAL - Selects

[Chris Rowson]

Sorry, left some cruff in from before.

It should have belongs==(...) it should just be belongs(...)

i.e.


postcodelist=[]
closepostcodes=ukpostcodes.closest_postcodes(session.postcode,
str(session.distance))
for p in closepostcodes:
postcodelist.append(p[1])
rows = db(db.data.postcode.belongs(p for p in
postcodelist)).select(db.data.download, db.data.postcode,
db.data.lat, db.data.lon, 
db.providers.name,

left=db.providers.on(db.data.provider==db.providers.id),
orderby=~db.data.download)
return dict(table=rows, message=postcodelist)

On Sat, Oct 8, 2011 at 3:53 PM, Chris Rowson
 wrote:
> I finally used...
>
>    postcodelist=[]
>    closepostcodes=ukpostcodes.closest_postcodes(session.postcode,
> str(session.distance))
>    for p in closepostcodes:
>        postcodelist.append(p[1])
>    rows = db(db.data.postcode.belongs==(p for p in
> postcodelist)).select(db.data.download, db.data.postcode,
>                                                db.data.lat, db.data.lon, 
> db.providers.name,
>
> left=db.providers.on(db.data.provider==db.providers.id),
>                                                orderby=~db.data.download)
>
> Seems to work!
>
> Thanks for the advice about the range generator. I'm still learning
> all this stuff :-D
>
> Chris
>
> On Sun, Oct 2, 2011 at 7:38 AM, Chris Rowson
>  wrote:
>> Thanks Peter, I'll give that a try.
>>
>> Chris
>>
>> On Sep 30, 2011 8:01 PM, "Peter Etchells" 
>> wrote:
>>> results=db(db.data.belongs([p[1] for p in postcodes).select()
>>
>

Re: [web2py] Re: DAL - Selects

[Chris Rowson]

I finally used...

postcodelist=[]
closepostcodes=ukpostcodes.closest_postcodes(session.postcode,
str(session.distance))
for p in closepostcodes:
postcodelist.append(p[1])
rows = db(db.data.postcode.belongs==(p for p in
postcodelist)).select(db.data.download, db.data.postcode,
db.data.lat, db.data.lon, 
db.providers.name,

left=db.providers.on(db.data.provider==db.providers.id),
orderby=~db.data.download)

Seems to work!

Thanks for the advice about the range generator. I'm still learning
all this stuff :-D

Chris

On Sun, Oct 2, 2011 at 7:38 AM, Chris Rowson
 wrote:
> Thanks Peter, I'll give that a try.
>
> Chris
>
> On Sep 30, 2011 8:01 PM, "Peter Etchells" 
> wrote:
>> results=db(db.data.belongs([p[1] for p in postcodes).select()
>

[web2py] Documentation on database adapters?

[~redShadow~]

I am currently working on some projects (mostly experiments at the
moment) for which I'd need some custom NoSQLAdapters, specifically for
MongoDB, LDAP and an LDAP-Like json-speaking service I'm working on.

The problem is, I have to reverse-engineer the DAL code in order to try
figuring out what exactly adapter methods should do, and it's also quite
hard this way to find the best way to do things, without having a
complete overview of the thing.

Is there some more detailed documentation about this I could read in
order to better understand all the DAL mechanism?
Although the book (in chapter 6) says "Looking at the various adapters
as examples should be easy to write new ones.", looks like it isn't that
easy to understand exactly the meaning of every method, especially the
ones used to build queries..

-- 
Samuele ~redShadow~ Santi

 redshadow[at]hackzine.org - redshadowhack[at]gmail.com

  Blog: http://hackzine.org

  GPG Key signature:
   050D 3E9F 6E0B 44CE C008 D1FC 166C 3C7E EB26 4933

/me recommends:
Squadra Informatica - http://www.squadrainformatica.com

 - Proud ThinkPad T-Series owner
 - Registered Linux-User: #440008
  * GENTOO User since 1199142000 (2008-01-01)
  * former DEBIAN SID user

  "Software is like sex: it's better when it's free!"
  -- Linus Torvalds



signature.asc
Description: This is a digitally signed message part

[web2py] date variables, json and jqplot

[Rick]

Hi,
I want to draw a graph with jqplot, where the x-axis is a date-
timeline, but I get this message:
TypeError: datetime.date(2011, 10, 2) is not JSON serializable
Does anyone know an easy way to pass date variable to json?

Thanks in advance for help. Here is some code from the files:



>From the controller file:
points=[[point.thedate, point.value] for point in pointlist]
return dict(points=points)



from the view file:

[web2py] Fetching password field from auth_user table

[haggis]

I'm trying to fetch the password field in a simple query like this:

row = db(db.auth_user.id == uid).select(db.auth_user.password)
eturn row

This is returned:
auth_user.password
auth_user.password  at 0xa313a2c>

What's so special with the password field that I can query every field
but password? How would you query the salted hash of an user?

Thanks in advance,
haggis

[web2py] Re: To DAL or not to DAL, that is the question!

[Anthony]

As noted here (http://web2py.com/book/default/chapter/06#executesql), 
selects executed via executesql are not parsed or transformed by the DAL, so 
instead of getting a DAL Rows object, you get whatever is returned by the DB 
driver (i.e., list of tuples, though there's an option to convert to a list 
of dictionaries). I'm guessing that could cause some headaches, depending on 
what you're doing. (Side note: when selecting a large number of records, it 
should actually be faster because it will be skipping the DAL parsing.)

Anthony

On Saturday, October 8, 2011 7:20:21 AM UTC-4, leftcase wrote:
>
> Call me wierd, but I'm finding it a little hard to get my head around
> putting together select statements using the DAL. I think I must just
> be having a stupid couple of weeks!
>
> I understand that using the DAL & SQLFORM etc for inserts will help
> protect me against SQL Injection so I'm happy to keep on doing that,
> but is there any particular reason I shouldn't just use db.executesql
> to perform my selects (because I find it easier)?
>
> I also understand that raw SQL queries are database specific but I
> don't mind, as I don't intend to move databases.
>
> Chris
>
>

[web2py] Re: Multiple instances of a table in a SQLFORM

[faultyzebra]

Asked the same question on stackoverflow 
http://stackoverflow.com/questions/7696901/multiple-instances-of-a-table-in-a-web2py-form

[web2py] Re: IS_NOT_IN_DATABASE with a formatted value

[Anthony]

Something like:

FORM(INPUT(_name='phone',
requires=lambda v: IS_NOT_IN_DB(db, 
'yourtable.phone')(cleanUpNumber(v

Anthony


On Saturday, October 8, 2011 8:10:51 AM UTC-4, Ed Greenberg wrote:
>
> I have a table of US phone numbers in ten digit form. When I store 
> them, I take out all non-numeric characters using: 
>
> def cleanUpNumber(number): 
> return re.sub(r'\D',"",number)[-10:] 
>
> I use a FORM() to get the numbers. Not a SQLFORM or CRUD. 
>
> I would like to use IS_NOT_IN_DATABASE(...) to make sure that I don't 
> get duplicates. 
>
> How can I get the validator to run the values through cleanUpNumber() 
> before looking in the database? 
>
> Ed

[web2py] Multiple instances of a table in a SQLFORM

[faultyzebra]

Application: Poll Application

*Database design:*

question body: db.t_query

option body: db.t_option

*model(db_wizard.py):*


db.define_table('t_query',
Field('f_content', type='text', requires=IS_NOT_EMPTY(),
  label=T('Content')),
SQLField('is_active',db.auth_user,writable=False,readable=False),
auth.signature,
migrate=settings.migrate)

db.define_table('t_query_archive',db.t_query,Field('current_record','reference 
t_query',readable=False,writable=False))


db.define_table('t_option',
Field('f_ocontent', type='string',
  label=T('Option')),
auth.signature,
migrate=settings.migrate)

db.define_table('t_option_archive',db.t_option,Field('current_record','reference
 
t_option',readable=False,writable=False))

*controller(default.py):*
@auth.requires_login()
def ask():
form=SQLFORM.factory(db.t_query,db.t_option,db.t_option)
if form.process().accepted:
id = db.t_query.insert(**db.t_query._filter_fields(form.vars))
form.vars.client=id
id = db.option.insert(**db.t_option._filter_fields(form.vars))
response.flash='Thanks for filling the form'
id = db.option.insert(**db.t_option._filter_fields(form.vars))
response.flash='Thanks for filling the form'
return dict(form=form)

*view(ask.html)*
{{extend 'layout.html'}}

Start a Poll
{{=form}}

*Output:*
See top for screenshot
Only one instance of db.t_option is seen in the form. How do I get multiple 
instances of the option field in the form? Is it possible? If not what can I 
do for a workaround?

Thank you in advance. Also thanks for web2py.

[web2py] IS_NOT_IN_DATABASE with a formatted value

[Ed Greenberg]

I have a table of US phone numbers in ten digit form. When I store
them, I take out all non-numeric characters using:

def cleanUpNumber(number):
return re.sub(r'\D',"",number)[-10:]

I use a FORM() to get the numbers. Not a SQLFORM or CRUD.

I would like to use IS_NOT_IN_DATABASE(...) to make sure that I don't
get duplicates.

How can I get the validator to run the values through cleanUpNumber()
before looking in the database?

Ed

[web2py] To DAL or not to DAL, that is the question!

[Chris Rowson]

Call me wierd, but I'm finding it a little hard to get my head around
putting together select statements using the DAL. I think I must just
be having a stupid couple of weeks!

I understand that using the DAL & SQLFORM etc for inserts will help
protect me against SQL Injection so I'm happy to keep on doing that,
but is there any particular reason I shouldn't just use db.executesql
to perform my selects (because I find it easier)?

I also understand that raw SQL queries are database specific but I
don't mind, as I don't intend to move databases.

Chris

[web2py] Re: manual file upload using SQLFORM.factory

[Alex]

Upload should be save since its handled by web2py. But with the
download the user possible could pass any path for the filename and
download files also from other folders. Should I check for '..' in the
filename? Would it be sufficient?

btw, the community is great here. as is web2py :)

Alex

On 7 Okt., 21:39, TheSweetlink  wrote:
> I'm happy the upload works for you Alex.
>
> > do I have to take care about directory traversals and other security
> > risks? What's the easiest way to do this?
>
> As I understand it the store() renaming of the file is what takes care
> of the dir traversal protection.
>
> I'm not a web2py dev so don't quote me on that.
>
> Perhaps you lot can confirm?
>
> David

[web2py] Re: web2py hosting

[GoldenTiger]

  I beta tester of a future specific python hosting 
http:/www.pythonanywhere.com

WEB Shell Ipython, Bash, Git, Code Editor, installing web2py tooks me 3 min, 
I configured DEMO MODE and MULTI USER so you can test

  http://web2py.pythonanywhere.com 

[web2py] Re: Why showing a log in option inside of the admin interface

[MidGe]

No, the problem does not go away.

Not having been able to play with web2py yet, awaiting success of a working 
install, I am not sure or confident that the changes I made are being run. I 
think so, but I will take some experience with web2py on my turf of choice 
before I will get there, I guess.  :)


Thanks for the help

Michel

[web2py] Re: Why showing a log in option inside of the admin interface

[Cliff]

Does the problem go away if you store sessions in the database?

If so, it would tend to indicate a file permissions problem.

Put this line in db.py right after the line instantiating DAL:

session.connect(request, response, db, masterapp=None)

On Oct 8, 2:19 am, MidGe  wrote:
> "Unfortunately, Python deployment remains tricky, especially on shared
> hosting."
>
> Interesting. pbreit, as Python is pretty much new for me too.  I find this
> tethering on the edge of an abyss a very strange stance
> in software development deployment and very different from anything I have
> ever done before in the field!  Amazing perhaps but bizarre for sure, I'd
> call it...  :)