Re: [web2py] sqlform.grid : checkbox in header and confirmation before submit
Johann, 2. I also get Submit Query button below the table. I've managed to rename this to Delete Selected - Is there a way to show a confirmation dialog like Are you sure you want to delete all the selected entries (or some such) - before the records are deleted ? I use this: bevestig = T('Are you sure you want to delete the selected articles?') try: form.element('.web2py_table input[type=submit]')['_value'] = T('Delete selected articles') form.element('.web2py_table input[type=submit]')['_onclick'] = return confirm ('%s') % bevestig except: pass Didn't know about _onclick I had managed to rename the button, but looking at your suggestion - mine was clumsy/hackish. This one is cleaner/better option. Thanks a lot. !! -Mandar --
[web2py] Re: Appliances, before 2.0 and after 2.0, (friendship)
Hi Nico, I agree. Your approach is better than mine. Regards, Ashraf --
Re: [web2py] Question about the necessity to have 2 auth_user tables in a web2py app.... ?
I'd just use one app and one auth_user table. And then use groups or some sort of permissioning. Keep it simple. On Friday, September 14, 2012 6:02:30 PM UTC-7, Don_X wrote: Richard ... Villas ... thank you both for your insights ... for now .. I will go on ... and will try to figure it out as I go along ... I will probably end up trying both approach and see / compare etc .. I foresee issues of various bottlenecks in an app like this .. so .. ... lately .. I am in the process of transforming what I already have done and adopt it to the modelless approach ... when I am almost where there will be a need for access to the socceradmin functions in the app ( depending on who or which group ) .. I will look both of you up for further insights ... thanks again Don --
Re: [web2py] Layout for forms
On 19 September 2012 19:54, BlueShadow kevin.bet...@gmail.com wrote: Hi, I like to change the layout of a couple forms for example for the login form. in my default/user.html the form is just called by {{=form}} I found this on the webtopy site: {{=form.custom.begin}} Image name: div{{=form.custom.widget.name}}/div Image file: div{{=form.custom.widget.file}}/div Click here to upload: {{=form.custom.submit}} {{=form.custom.end}} but I got no idea how to view the checkbox etc. Is there a more comprehensible example The 'checkbox etc' will be part of the Field definition of the form as in this example 'name' and 'file'. So if you have a field using a checkbox widget (say 'your_preference') you will see the checkbox when you put {{=form.custom.widget.your_preference}} in the above example. Regards Johann -- Because experiencing your loyal love is better than life itself, my lips will praise you. (Psalm 63:3) --
Re: [web2py] Layout for forms
I'm using the standard auth_user. there is a checkbox remember me for 30 days. I can't find anything like that in the db. On Thu, Sep 20, 2012 at 9:09 AM, Johann Spies johann.sp...@gmail.comwrote: On 19 September 2012 19:54, BlueShadow kevin.bet...@gmail.com wrote: Hi, I like to change the layout of a couple forms for example for the login form. in my default/user.html the form is just called by {{=form}} I found this on the webtopy site: {{=form.custom.begin}} Image name: div{{=form.custom.widget.name}}/div Image file: div{{=form.custom.widget.file}}/div Click here to upload: {{=form.custom.submit}} {{=form.custom.end}} but I got no idea how to view the checkbox etc. Is there a more comprehensible example The 'checkbox etc' will be part of the Field definition of the form as in this example 'name' and 'file'. So if you have a field using a checkbox widget (say 'your_preference') you will see the checkbox when you put {{=form.custom.widget.your_preference}} in the above example. Regards Johann -- Because experiencing your loyal love is better than life itself, my lips will praise you. (Psalm 63:3) -- --
Re: [web2py] Layout for forms
That's in gluon\tools.py On Thu, Sep 20, 2012 at 5:44 PM, Kevin Bethke kevin.bet...@gmail.com wrote: I'm using the standard auth_user. there is a checkbox remember me for 30 days. I can't find anything like that in the db. On Thu, Sep 20, 2012 at 9:09 AM, Johann Spies johann.sp...@gmail.com wrote: On 19 September 2012 19:54, BlueShadow kevin.bet...@gmail.com wrote: Hi, I like to change the layout of a couple forms for example for the login form. in my default/user.html the form is just called by {{=form}} I found this on the webtopy site: {{=form.custom.begin}} Image name: div{{=form.custom.widget.name}}/div Image file: div{{=form.custom.widget.file}}/div Click here to upload: {{=form.custom.submit}} {{=form.custom.end}} but I got no idea how to view the checkbox etc. Is there a more comprehensible example The 'checkbox etc' will be part of the Field definition of the form as in this example 'name' and 'file'. So if you have a field using a checkbox widget (say 'your_preference') you will see the checkbox when you put {{=form.custom.widget.your_preference}} in the above example. Regards Johann -- Because experiencing your loyal love is better than life itself, my lips will praise you. (Psalm 63:3) -- -- --
[web2py] Send Email After Registration
Dear ALL, How can I send an email to the user after he registers automatically ? Best Regards, --
[web2py] Re: Using original or custom filename on uploads
book! http://web2py.com/books/default/chapter/29/07#Storing-the-original-filename On Thursday, September 20, 2012 4:47:54 AM UTC+2, Tito Garrido wrote: Hi, Is there a way to use the original filename on a upload field or custom filenames? I guess it is possible since we can upload files in appadmin and choose the name but I couldn't find how to do it. Thanks in advance, Tito -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ --
[web2py] CAPTCHA and reCAPTCHA in registration form
Dear ALL , I am trying to use reCAPTCHA in my default/user.html page on registration form , now i added this in the db.py : from gluon.tools import Recaptcha auth.settings.captcha = Recaptcha(request, 'PUBLIC_KEY', 'PRIVATE_KEY') But now whats next ?? Best Regards, --
Re: [web2py] Send Email After Registration
Isn't there an example in the scaffolding app? https://github.com/web2py/web2py/blob/master/gluon/tools.py#L816 Just set that to True (in your db.py), and it will require verification. If you want to send an email not for verification, just scroll down to the code for verification and edit it to just be a normal: welcome email. On Thu, Sep 20, 2012 at 5:56 PM, Hassan Alnatour halna...@gardeniatelco.com wrote: Dear ALL, How can I send an email to the user after he registers automatically ? Best Regards, -- --
Re: [web2py] CAPTCHA and reCAPTCHA in registration form
Go to the reCAPTCHA page and generate yourself a public and private key pair. http://www.google.com/recaptcha On Thu, Sep 20, 2012 at 6:04 PM, Hassan Alnatour halna...@gardeniatelco.com wrote: Dear ALL , I am trying to use reCAPTCHA in my default/user.html page on registration form , now i added this in the db.py : from gluon.tools import Recaptcha auth.settings.captcha = Recaptcha(request, 'PUBLIC_KEY', 'PRIVATE_KEY') But now whats next ?? Best Regards, -- --
Re: [web2py] Send Email After Registration
Dear Alec , I Dont want email verification , i just want to send an email that says welcome . Best Regards, --
Re: [web2py] CAPTCHA and reCAPTCHA in registration form
Dear Alec , I DID that , but whats next , how will i apply it to my registration form ? On Thu, Sep 20, 2012 at 11:06 AM, Alec Taylor alec.tayl...@gmail.comwrote: Go to the reCAPTCHA page and generate yourself a public and private key pair. http://www.google.com/recaptcha On Thu, Sep 20, 2012 at 6:04 PM, Hassan Alnatour halna...@gardeniatelco.com wrote: Dear ALL , I am trying to use reCAPTCHA in my default/user.html page on registration form , now i added this in the db.py : from gluon.tools import Recaptcha auth.settings.captcha = Recaptcha(request, 'PUBLIC_KEY', 'PRIVATE_KEY') But now whats next ?? Best Regards, -- -- --
Re: [web2py] Layout for forms
It comes from following settings ... its time out for login session ... auth.settings.long_expiration = 3600*24*30 # one month auth.settings.remember_me_form = True See here: http://web2py.com/books/default/chapter/29/09?search=remember+me Dne čtvrtek, 20. září 2012 9:44:48 UTC+2 Alec Taylor napsal(a): That's in gluon\tools.py On Thu, Sep 20, 2012 at 5:44 PM, Kevin Bethke kevin@gmail.comjavascript: wrote: I'm using the standard auth_user. there is a checkbox remember me for 30 days. I can't find anything like that in the db. On Thu, Sep 20, 2012 at 9:09 AM, Johann Spies johann...@gmail.comjavascript: wrote: On 19 September 2012 19:54, BlueShadow kevin@gmail.comjavascript: wrote: Hi, I like to change the layout of a couple forms for example for the login form. in my default/user.html the form is just called by {{=form}} I found this on the webtopy site: {{=form.custom.begin}} Image name: div{{=form.custom.widget.name}}/div Image file: div{{=form.custom.widget.file}}/div Click here to upload: {{=form.custom.submit}} {{=form.custom.end}} but I got no idea how to view the checkbox etc. Is there a more comprehensible example The 'checkbox etc' will be part of the Field definition of the form as in this example 'name' and 'file'. So if you have a field using a checkbox widget (say 'your_preference') you will see the checkbox when you put {{=form.custom.widget.your_preference}} in the above example. Regards Johann -- Because experiencing your loyal love is better than life itself, my lips will praise you. (Psalm 63:3) -- -- --
Re: [web2py] CAPTCHA and reCAPTCHA in registration form
Well replace/set those variables with the generated pub/priv pair. Then you probably want to set this: auth.settings.login_captcha = False What that does is obvious. On Thu, Sep 20, 2012 at 6:09 PM, hasan alnator halna...@gardeniatelco.com wrote: Dear Alec , I DID that , but whats next , how will i apply it to my registration form ? On Thu, Sep 20, 2012 at 11:06 AM, Alec Taylor alec.tayl...@gmail.com wrote: Go to the reCAPTCHA page and generate yourself a public and private key pair. http://www.google.com/recaptcha On Thu, Sep 20, 2012 at 6:04 PM, Hassan Alnatour halna...@gardeniatelco.com wrote: Dear ALL , I am trying to use reCAPTCHA in my default/user.html page on registration form , now i added this in the db.py : from gluon.tools import Recaptcha auth.settings.captcha = Recaptcha(request, 'PUBLIC_KEY', 'PRIVATE_KEY') But now whats next ?? Best Regards, -- -- -- --
[web2py] registration message
Hello After a new user is created I want to show the flash message and redirect a user back to home page. The redirection is done with auth.settings.register_next = URL('school','index', vars=dict(school=database)) and for message auth.messages.registration_pending ('bklabafbaklva') but the message is not shown? why? thank you --
Re: [web2py] Send Email After Registration
Ok I DID it like this : auth.settings.register_next = URL('Welcome') def Welcome(): User_Email = auth.user.email mail.send(User_Email,'Welcome To website','Welcome To website') if request.vars.lan == 'En': redirect('index',vars={'lan':'En'}) else: redirect('index') Best Regards, On Thu, Sep 20, 2012 at 11:09 AM, hasan alnator halna...@gardeniatelco.comwrote: Dear Alec , I Dont want email verification , i just want to send an email that says welcome . Best Regards, --
Re: [web2py] Send Email After Registration
Nicely done. On Thu, Sep 20, 2012 at 7:13 PM, hasan alnator halna...@gardeniatelco.com wrote: Ok I DID it like this : auth.settings.register_next = URL('Welcome') def Welcome(): User_Email = auth.user.email mail.send(User_Email,'Welcome To website','Welcome To website') if request.vars.lan == 'En': redirect('index',vars={'lan':'En'}) else: redirect('index') Best Regards, On Thu, Sep 20, 2012 at 11:09 AM, hasan alnator halna...@gardeniatelco.com wrote: Dear Alec , I Dont want email verification , i just want to send an email that says welcome . Best Regards, -- --
[web2py] Re: How do I implement this using auth groups ?
e.g. auth.add_group('wiki_editor', 'Editor') On Wednesday, September 19, 2012 9:30:28 PM UTC+1, Pystar wrote: Hi guys, I need help on how to implement having a super user being able to create admins to administrate db tables using groups. Auth.addgroup() eg? --
[web2py] Problem with DAL query self join
I am trying to convert the below sql query to DAL query. SQL query: SELECT L1_alt_obj.objid,L1_obj.objid FROM tbl_alt_objects JOIN tbl_objects on tbl_objects.horid = tbl_alt_objects.horid AND tbl_objects.objid = tbl_alt_objects.objid LEFT JOIN tbl_objects L1_obj ON L1_obj.horid = tbl_objects.horid AND L1_obj.objid = tbl_objects.rlord LEFT JOIN tbl_alt_objects L1_alt_obj ON L1_alt_obj.horid = tbl_objects.horid AND L1_alt_obj.objid = tbl_alt_objects.rlord WHERE tbl_alt_objects.horid=1076 AND tbl_alt_objects.objid=1 SQL is working fine and getting result +---+---+ | objid | objid | +---+---+ | 4 | 5 | +---+---+ DAL query: L1_obj = db.tbl_objects.with_alias('l1_obj') L1_alt_obj = db.tbl_alt_objects.with_alias('l1_alt_obj') query = (db.tbl_alt_objects.horid==1076) \ (db.tbl_alt_objects.horid==db.tbl_objects.horid) \ (db.tbl_objects.objid==1) (db.tbl_alt_objects.objid==db.tbl_objects.objid) result = db(query).select(L1_obj.objid,L1_alt_obj.objid, left=[ L1_obj.on((L1_obj.horid==horid) (db.tbl_objects.rlord == L1_obj.objid)), L1_alt_obj.on((L1_alt_obj.horid==horid) (L1_alt_obj.objid==db.tbl_alt_objects.rlord)) ] ).first() But I am getting an error as File /var/www/vhosts/astrozon/web2py/applications/astrozon/controllers/horoscope.py, line 104, in testing L1_alt_obj.on((L1_alt_obj.horid==horid) (L1_alt_obj.objid==db.tbl_alt_objects.rlord)) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 7578, in select return adapter.select(self.query,fields,attributes) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 1315, in select rows = response(sql) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 1305, in response self.execute(sql) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 1392, in execute return self.log_execute(*a, **b) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 1386, in log_execute ret = self.cursor.execute(*a, **b) File /var/www/vhosts/astrozon/web2py/gluon/contrib/pymysql/cursors.py, line 108, in execute self.errorhandler(self, exc, value) File /var/www/vhosts/astrozon/web2py/gluon/contrib/pymysql/connections.py, line 184, in defaulterrorhandler raise errorclass, errorvalue InternalError: (1054, uUnknown column 'tbl_objects.rlord' in 'on clause') --
[web2py] Re: hideerror=True is being ignored in 2.0.x
Please open a ticket pointing to this thread. Thanks. On Thursday, 20 September 2012 00:11:49 UTC-5, Matt wrote: Hi there, I use custom forms in my app. I'm getting a problem whereby form errors divs are now appearing in the output of widgets. Even though I've suppressed them via hideerror=True. i.e. logging.info(form.custom.widget[field]) returns input class=string invalidinput id=x_name name=name type=text value= /div class=error_wrapperdiv class=error id=name__errorenter a value/div/div When it used to only return: input class=string invalidinput id=x_name name=name type=text value= / I'm doing something along the lines of: def test_salon(): response.view = 'testing/form.html' form = SQLFORM(db.x) if form.process(hideerror = True).accepted: session.flash = 'YAY' elif form.errors: response.flash = None return dict(form = form) Then in the form.html {{= form.custom.begin }} {{ for field in form.fields: }} {{= form.custom.widget[field] }} {{ pass }} {{= BUTTON('Submit', _type = 'submit') }} {{= form.custom.end }} Cheers, Matt --
[web2py] vimeo and auth.wiki
I want to embedd a vimeo video in a auth.wiki page. In the plugin_wiki I had to write for example *``* *name: vimeo* *code: 8952354 * *width: 533* *height: 400* *``:widget* How can I do the same in auth.wiki? Regards, Martin --
[web2py] Re: vimeo and auth.wiki
You simply cut and paste a link to the video in the text as below: http://vimeo.com/8952354 You cannot choose width and height. Vimeo choses that for you. On Thursday, 20 September 2012 07:46:43 UTC-5, mweissen wrote: I want to embedd a vimeo video in a auth.wiki page. In the plugin_wiki I had to write for example *``* *name: vimeo* *code: 8952354 * *width: 533* *height: 400* *``:widget* How can I do the same in auth.wiki? Regards, Martin --
[web2py] Re: Problem with DAL query self join
I do not not know but in the DAL query I see: db.tbl_objects.rlord In the original query I see tbl_objects.horid and tbl_alt_objects.rlord but not tbl_objects.rlord. I do not know the model but I suspect you simply have some typos. On Thursday, 20 September 2012 06:35:31 UTC-5, Pradeeshnarayan wrote: I am trying to convert the below sql query to DAL query. SQL query: SELECT L1_alt_obj.objid,L1_obj.objid FROM tbl_alt_objects JOIN tbl_objects on tbl_objects.horid = tbl_alt_objects.horid AND tbl_objects.objid = tbl_alt_objects.objid LEFT JOIN tbl_objects L1_obj ON L1_obj.horid = tbl_objects.horid AND L1_obj.objid = tbl_objects.rlord LEFT JOIN tbl_alt_objects L1_alt_obj ON L1_alt_obj.horid = tbl_objects.horid AND L1_alt_obj.objid = tbl_alt_objects.rlord WHERE tbl_alt_objects.horid=1076 AND tbl_alt_objects.objid=1 SQL is working fine and getting result +---+---+ | objid | objid | +---+---+ | 4 | 5 | +---+---+ DAL query: L1_obj = db.tbl_objects.with_alias('l1_obj') L1_alt_obj = db.tbl_alt_objects.with_alias('l1_alt_obj') query = (db.tbl_alt_objects.horid==1076) \ (db.tbl_alt_objects.horid==db.tbl_objects.horid) \ (db.tbl_objects.objid==1) (db.tbl_alt_objects.objid==db.tbl_objects.objid) result = db(query).select(L1_obj.objid,L1_alt_obj.objid, left=[ L1_obj.on((L1_obj.horid==horid) (db.tbl_objects.rlord == L1_obj.objid)), L1_alt_obj.on((L1_alt_obj.horid==horid) (L1_alt_obj.objid==db.tbl_alt_objects.rlord)) ] ).first() But I am getting an error as File /var/www/vhosts/astrozon/web2py/applications/astrozon/controllers/horoscope.py, line 104, in testing L1_alt_obj.on((L1_alt_obj.horid==horid) (L1_alt_obj.objid==db.tbl_alt_objects.rlord)) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 7578, in select return adapter.select(self.query,fields,attributes) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 1315, in select rows = response(sql) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 1305, in response self.execute(sql) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 1392, in execute return self.log_execute(*a, **b) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 1386, in log_execute ret = self.cursor.execute(*a, **b) File /var/www/vhosts/astrozon/web2py/gluon/contrib/pymysql/cursors.py, line 108, in execute self.errorhandler(self, exc, value) File /var/www/vhosts/astrozon/web2py/gluon/contrib/pymysql/connections.py, line 184, in defaulterrorhandler raise errorclass, errorvalue InternalError: (1054, uUnknown column 'tbl_objects.rlord' in 'on clause') --
Re: [web2py] Re: Using original or custom filename on uploads
Thanks I have read it before but I didn't undertand... so I will be able to call the 'download' function using image_filename instead of image.image? Just to clarify I'd like to call a mnemonic filename due SEO optimizations. Regards, Tito On Thu, Sep 20, 2012 at 4:57 AM, Niphlod niph...@gmail.com wrote: book! http://web2py.com/books/default/chapter/29/07#Storing-the-original-filename On Thursday, September 20, 2012 4:47:54 AM UTC+2, Tito Garrido wrote: Hi, Is there a way to use the original filename on a upload field or custom filenames? I guess it is possible since we can upload files in appadmin and choose the name but I couldn't find how to do it. Thanks in advance, Tito -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ --
[web2py] Improving SSL Support
A proposal for improving SSL support in web2py For authenticated web applications, there are two grades of SSL implementions: Forcing SSL on login, vs forcing SSL on the entire authenticated session. In the first case, HTTPS is forced on login/registration, but reverts back to HTTP upon authentication. This protects against passwords from being sent unencrypted, but won't prevent session hijacking as the session cookie can still be compromised on subsequent HTTP requests. (See Firesheephttp://codebutler.com/firesheepfor details). Nonetheless, many sites choose this approach for performance reasons, as SSL-delivered content is not cached by browsers as efficiently (discussed on 37signals bloghttp://37signals.com/svn/posts/1431-mixed-content-warning-how-i-loathe-thee ). The second option is to secure the entire authenticated session: This is done by forcing all traffic to go over HTTPS while a user is logged in, *and * by securing the session cookie so that it will only be sent by the browser over HTTPS. (Also discussed in web2py users group - Auth over SSLhttps://groups.google.com/d/msg/web2py/7qoHMs-4Va8/jRFOqYHri4gJ ) web2py should make it easier to deal with these scenarios. I just implemented a case-1 type solution and it took quite a bit of work. Moreover, web2py currently provides two SSL-control functions, which, taken on their own, can lead to problems for the uninitiated: - session.secure() will ensure that the session cookie is only transmitted over HTTPS, but doesn't force HTTPS, so that for any subsequent session calls made over HTTP will simply not have access to the auth session, but this is not obvious (Correct me if I'm wrong) - request.requires_https() (undocumented?) is a misnomer, because if forces HTTPS but then assumes a case-2 scenario and secures the session cookie *Proposals:* - SSL auth settings - auth.settings.force_ssl_login - Forces HTTPS for login/registration - auth.settings.force_ssl_session - Forces HTTPS throughout an authenticated session, and secure the session cookie (If True, force_ssl_login not necessary) - Other more granular controls - @requires_https() - decorator for controller functions that forces HTTPS for that function only - 'secure=True' option on forms ensures submission over HTTPS --
Re: [web2py] Send Email After Registration
Hello I am getting an error User_Email = auth.user.email AttributeError: 'NoneType' object has no attribute 'email' On Thursday, September 20, 2012 11:15:31 AM UTC+2, Alec Taylor wrote: Nicely done. On Thu, Sep 20, 2012 at 7:13 PM, hasan alnator haln...@gardeniatelco.com javascript: wrote: Ok I DID it like this : auth.settings.register_next = URL('Welcome') def Welcome(): User_Email = auth.user.email mail.send(User_Email,'Welcome To website','Welcome To website') if request.vars.lan == 'En': redirect('index',vars={'lan':'En'}) else: redirect('index') Best Regards, On Thu, Sep 20, 2012 at 11:09 AM, hasan alnator haln...@gardeniatelco.com javascript: wrote: Dear Alec , I Dont want email verification , i just want to send an email that says welcome . Best Regards, -- --
Re: [web2py] Send Email After Registration
Dear Yebach , Are you logged in ? Best Regards, On Thu, Sep 20, 2012 at 5:13 PM, Yebach vid.og...@gmail.com wrote: Hello I am getting an error User_Email = auth.user.email AttributeError: 'NoneType' object has no attribute 'email' On Thursday, September 20, 2012 11:15:31 AM UTC+2, Alec Taylor wrote: Nicely done. On Thu, Sep 20, 2012 at 7:13 PM, hasan alnator haln...@gardeniatelco.com wrote: Ok I DID it like this : auth.settings.register_next = URL('Welcome') def Welcome(): User_Email = auth.user.email mail.send(User_Email,'Welcome To website','Welcome To website') if request.vars.lan == 'En': redirect('index',vars={'lan':'**En'}) else: redirect('index') Best Regards, On Thu, Sep 20, 2012 at 11:09 AM, hasan alnator haln...@gardeniatelco.com wrote: Dear Alec , I Dont want email verification , i just want to send an email that says welcome . Best Regards, -- -- --
Re: [web2py] Re: Using original or custom filename on uploads
no. in the scaffolding app the index/download function calls response.download. However, it works only with the original naming scheme of web2py. Given that you want your own, you must save/alter the original filename in another field of the table, and then write YOUR function to retrieve the file (e.g. looking at the altered/original filename, not the one set by web2py) and call response.stream on that file. Look into http://web2py.com/books/default/chapter/29/06#More-on-uploads for dealing with store() and retrieve(). On Thursday, September 20, 2012 3:46:09 PM UTC+2, Tito Garrido wrote: Thanks I have read it before but I didn't undertand... so I will be able to call the 'download' function using image_filename instead of image.image? Just to clarify I'd like to call a mnemonic filename due SEO optimizations. Regards, Tito On Thu, Sep 20, 2012 at 4:57 AM, Niphlod nip...@gmail.com javascript:wrote: book! http://web2py.com/books/default/chapter/29/07#Storing-the-original-filename On Thursday, September 20, 2012 4:47:54 AM UTC+2, Tito Garrido wrote: Hi, Is there a way to use the original filename on a upload field or custom filenames? I guess it is possible since we can upload files in appadmin and choose the name but I couldn't find how to do it. Thanks in advance, Tito -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ --
Re: [web2py] Re: Using original or custom filename on uploads
I have did what is written on More on Uploads: db.myfile.insert(image=db.myfile.image.store(stream, filename)) But it uses the filename just to get the extension and save it using web2py naming convention... So I guess I can't use type upload field at all to avoid web2py naming convention... :( On Thu, Sep 20, 2012 at 11:19 AM, Niphlod niph...@gmail.com wrote: no. in the scaffolding app the index/download function calls response.download. However, it works only with the original naming scheme of web2py. Given that you want your own, you must save/alter the original filename in another field of the table, and then write YOUR function to retrieve the file (e.g. looking at the altered/original filename, not the one set by web2py) and call response.stream on that file. Look into http://web2py.com/books/default/chapter/29/06#More-on-uploads for dealing with store() and retrieve(). On Thursday, September 20, 2012 3:46:09 PM UTC+2, Tito Garrido wrote: Thanks I have read it before but I didn't undertand... so I will be able to call the 'download' function using image_filename instead of image.image? Just to clarify I'd like to call a mnemonic filename due SEO optimizations. Regards, Tito On Thu, Sep 20, 2012 at 4:57 AM, Niphlod nip...@gmail.com wrote: book! http://web2py.com/books/**default/chapter/29/07#Storing-** the-original-filenamehttp://web2py.com/books/default/chapter/29/07#Storing-the-original-filename On Thursday, September 20, 2012 4:47:54 AM UTC+2, Tito Garrido wrote: Hi, Is there a way to use the original filename on a upload field or custom filenames? I guess it is possible since we can upload files in appadmin and choose the name but I couldn't find how to do it. Thanks in advance, Tito -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ --
[web2py] Re: vimeo and auth.wiki
Well but it should be possible. Here's how it could be done def vimeo(code, width=400, height=250): ## Embeds a vimeo video (by code) - ``code`` is the code of the video - ``width`` is the width you want the video to have - ``height`` is the height you want the video to have return XML(iframe src=http://player.vimeo.com/video/%(code)s width=%(width)s height=%(height)s frameborder=0 webkitAllowFullScreen mozallowfullscreen allowFullScreen/iframe % dict(code=code, width=width, height=height)) Quinta-feira, 20 de Setembro de 2012 14:31:31 UTC+1, Massimo Di Pierro escreveu: You simply cut and paste a link to the video in the text as below: http://vimeo.com/8952354 You cannot choose width and height. Vimeo choses that for you. On Thursday, 20 September 2012 07:46:43 UTC-5, mweissen wrote: I want to embedd a vimeo video in a auth.wiki page. In the plugin_wiki I had to write for example *``* *name: vimeo* *code: 8952354 * *width: 533* *height: 400* *``:widget* How can I do the same in auth.wiki? Regards, Martin --
[web2py] Re: Problem with DAL query self join
I have rechecked again. There is a valid field rlord in tbl_objects. You can see the field 'tbl_objects.rlord' in the 6th line of SQL query. SQL is working fine. In the error description I have noticed a difference. File /var/www/vhosts/astrozon/web2py/applications/astrozon/controllers/horoscope.py, line 104, in testing L1_alt_obj.on((L1_alt_obj.horid==horid) (L1_alt_obj.objid==db.tbl_alt_objects.rlord)) here it is showing the 104 line has problem. but the in last line InternalError: (1054, uUnknown column 'tbl_objects.rlord' in 'on clause'). it is telling the error is in field 'tbl_objects.rlord' which is in the previos line(103). I think it is a small syntax error. But I am unable to find out that. On Thursday, 20 September 2012 15:34:30 UTC+2, Massimo Di Pierro wrote: I do not not know but in the DAL query I see: db.tbl_objects.rlord In the original query I see tbl_objects.horid and tbl_alt_objects.rlord but not tbl_objects.rlord. I do not know the model but I suspect you simply have some typos. On Thursday, 20 September 2012 06:35:31 UTC-5, Pradeeshnarayan wrote: I am trying to convert the below sql query to DAL query. SQL query: SELECT L1_alt_obj.objid,L1_obj.objid FROM tbl_alt_objects JOIN tbl_objects on tbl_objects.horid = tbl_alt_objects.horid AND tbl_objects.objid = tbl_alt_objects.objid LEFT JOIN tbl_objects L1_obj ON L1_obj.horid = tbl_objects.horid AND L1_obj.objid = tbl_objects.rlord LEFT JOIN tbl_alt_objects L1_alt_obj ON L1_alt_obj.horid = tbl_objects.horid AND L1_alt_obj.objid = tbl_alt_objects.rlord WHERE tbl_alt_objects.horid=1076 AND tbl_alt_objects.objid=1 SQL is working fine and getting result +---+---+ | objid | objid | +---+---+ | 4 | 5 | +---+---+ DAL query: L1_obj = db.tbl_objects.with_alias('l1_obj') L1_alt_obj = db.tbl_alt_objects.with_alias('l1_alt_obj') query = (db.tbl_alt_objects.horid==1076) \ (db.tbl_alt_objects.horid==db.tbl_objects.horid) \ (db.tbl_objects.objid==1) (db.tbl_alt_objects.objid==db.tbl_objects.objid) result = db(query).select(L1_obj.objid,L1_alt_obj.objid, left=[ L1_obj.on((L1_obj.horid==horid) (db.tbl_objects.rlord == L1_obj.objid)), L1_alt_obj.on((L1_alt_obj.horid==horid) (L1_alt_obj.objid==db.tbl_alt_objects.rlord)) ] ).first() But I am getting an error as File /var/www/vhosts/astrozon/web2py/applications/astrozon/controllers/horoscope.py, line 104, in testing L1_alt_obj.on((L1_alt_obj.horid==horid) (L1_alt_obj.objid==db.tbl_alt_objects.rlord)) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 7578, in select return adapter.select(self.query,fields,attributes) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 1315, in select rows = response(sql) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 1305, in response self.execute(sql) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 1392, in execute return self.log_execute(*a, **b) File /var/www/vhosts/astrozon/web2py/gluon/dal.py, line 1386, in log_execute ret = self.cursor.execute(*a, **b) File /var/www/vhosts/astrozon/web2py/gluon/contrib/pymysql/cursors.py, line 108, in execute self.errorhandler(self, exc, value) File /var/www/vhosts/astrozon/web2py/gluon/contrib/pymysql/connections.py, line 184, in defaulterrorhandler raise errorclass, errorvalue InternalError: (1054, uUnknown column 'tbl_objects.rlord' in 'on clause') --
[web2py] Re: Improving SSL Support
ok, i got the point on having a hard time implementing case-1 with web2py. Please humour me, what I didn't got over those kind of requirements is basically...case-1 adds 0% security. If there is a man in the middle, he can scoop the cookie just as he would scoop the password in the case of no HTTPS at all on the site (so, user A gets access to whatever B can see). Is it just to reassure the majority of dumb users with a nice padlock on the login page or it gives some kind of *actual *protection? PS: leave aside the fact that SSL certificate allows your site to be trustworthy (user A knows that the site at http*S*://example.com is managed by Yarin). If you are trustworthy for only *some *of the urls, you publish something at http*S*://example.com and something at http://example.com, and users need to know *in advance* that your login is on a http*S*, *and pay attention before hitting login* to avoid a simple dns poisoning attack (i.e. for their computer http://example.com points to the site managed by a - very bad - Niphlod, that can fake whatever is there on Yarin's http*S*://example.com/login on Niphlod's http://example.com/login). That is a nice theoretical security gain (Niphlod can't have a working http*S*://example.com/login because he doesn't get to know the private key of the certificate, and users are at least warned that the certificate is not right) but with normal users (click everything shiny? yes!, install this toolbar? yes! format the c: drive? yes!) means more or less 0% achieved security (given that they hardly know in advance that a padlock on the page is required to be there). Am I missing something ? --
[web2py] list:reference database selection
Hello I have a field in my table defined like so Field('region', 'list:reference region'), The data entered is multiple regions in the form, Gibsons, Sechelt I am wondering since it is not an id how I can pass the name of the town as an argument, so it only selects entries from that town this is the view from the search_methods/region page ul data-role=listview data-inset=true {{for region in region_query:}} lia href={{=URL('views', 'region', args=(region.id))}} target=_blank data-transition=fade title={{=region.title}} {{=region.title}}/a/li {{pass}} /ul I need to change the *a* tag I think here so I can pass the correct argument here is the controller function for the views/region page (where the above a tag points to) not sure what to change here any ideas are greatly appreciated def region(): region = request.args(0) query = db.listing.region == region orderby = db.listing.title pcache = (cache.ram, 15) paginate = Pagination(db, query, orderby, display_count=10, cache=pcache, r=request, res=response) region_query = paginate.get_set(set_links=True) region_text = db(db.region.id == region).select() return dict(region_query = region_query, region_text=region_text) *cheers and ty Andrew --
Re: [web2py] Re: Using original or custom filename on uploads
What you are missing is that if you want to use webpy's facilities you must adapt to its standards. Web2py needs a complicated filename to be able to store it in the uploads/ folder a file without overwriting it with new records (e.g. two users submitting a file named image.jpg, or different uploads on different tables). If you want to make your own download function, you have all the pieces to glue together what you need (store the original filename (on the first link I provided), retrieve the file and serve that (the second link I provided)). Then, you can call myapp/defauly/myseodownloadof/image.jpg or whatever you need. On Thursday, September 20, 2012 4:27:55 PM UTC+2, Tito Garrido wrote: I have did what is written on More on Uploads: db.myfile.insert(image=db.myfile.image.store(stream, filename)) But it uses the filename just to get the extension and save it using web2py naming convention... So I guess I can't use type upload field at all to avoid web2py naming convention... :( On Thu, Sep 20, 2012 at 11:19 AM, Niphlod nip...@gmail.com javascript:wrote: no. in the scaffolding app the index/download function calls response.download. However, it works only with the original naming scheme of web2py. Given that you want your own, you must save/alter the original filename in another field of the table, and then write YOUR function to retrieve the file (e.g. looking at the altered/original filename, not the one set by web2py) and call response.stream on that file. Look into http://web2py.com/books/default/chapter/29/06#More-on-uploads for dealing with store() and retrieve(). On Thursday, September 20, 2012 3:46:09 PM UTC+2, Tito Garrido wrote: Thanks I have read it before but I didn't undertand... so I will be able to call the 'download' function using image_filename instead of image.image? Just to clarify I'd like to call a mnemonic filename due SEO optimizations. Regards, Tito On Thu, Sep 20, 2012 at 4:57 AM, Niphlod nip...@gmail.com wrote: book! http://web2py.com/books/**default/chapter/29/07#Storing-** the-original-filenamehttp://web2py.com/books/default/chapter/29/07#Storing-the-original-filename On Thursday, September 20, 2012 4:47:54 AM UTC+2, Tito Garrido wrote: Hi, Is there a way to use the original filename on a upload field or custom filenames? I guess it is possible since we can upload files in appadmin and choose the name but I couldn't find how to do it. Thanks in advance, Tito -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ --
Re: [web2py] Re: Using original or custom filename on uploads
Thanks! I will try! On Thu, Sep 20, 2012 at 11:55 AM, Niphlod niph...@gmail.com wrote: What you are missing is that if you want to use webpy's facilities you must adapt to its standards. Web2py needs a complicated filename to be able to store it in the uploads/ folder a file without overwriting it with new records (e.g. two users submitting a file named image.jpg, or different uploads on different tables). If you want to make your own download function, you have all the pieces to glue together what you need (store the original filename (on the first link I provided), retrieve the file and serve that (the second link I provided)). Then, you can call myapp/defauly/myseodownloadof/image.jpg or whatever you need. On Thursday, September 20, 2012 4:27:55 PM UTC+2, Tito Garrido wrote: I have did what is written on More on Uploads: db.myfile.insert(image=db.**myfile.image.store(stream, filename)) But it uses the filename just to get the extension and save it using web2py naming convention... So I guess I can't use type upload field at all to avoid web2py naming convention... :( On Thu, Sep 20, 2012 at 11:19 AM, Niphlod nip...@gmail.com wrote: no. in the scaffolding app the index/download function calls response.download. However, it works only with the original naming scheme of web2py. Given that you want your own, you must save/alter the original filename in another field of the table, and then write YOUR function to retrieve the file (e.g. looking at the altered/original filename, not the one set by web2py) and call response.stream on that file. Look into http://web2py.com/books/**default/chapter/29/06#More-on-**uploadshttp://web2py.com/books/default/chapter/29/06#More-on-uploads for dealing with store() and retrieve(). On Thursday, September 20, 2012 3:46:09 PM UTC+2, Tito Garrido wrote: Thanks I have read it before but I didn't undertand... so I will be able to call the 'download' function using image_filename instead of image.image? Just to clarify I'd like to call a mnemonic filename due SEO optimizations. Regards, Tito On Thu, Sep 20, 2012 at 4:57 AM, Niphlod nip...@gmail.com wrote: book! http://web2py.com/books/**defaul**t/chapter/29/07#Storing-**the-** original-filenamehttp://web2py.com/books/default/chapter/29/07#Storing-the-original-filename On Thursday, September 20, 2012 4:47:54 AM UTC+2, Tito Garrido wrote: Hi, Is there a way to use the original filename on a upload field or custom filenames? I guess it is possible since we can upload files in appadmin and choose the name but I couldn't find how to do it. Thanks in advance, Tito -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ --
Re: [web2py] Re: Using original or custom filename on uploads
Just got a problem here... using first link I will put the filename on a field image_filename but the image is not stored as image_filename... So will probably need to create a download function that will query the filename, return and return the web2py filename so I can use it on URL(). It is not nice but I guess it is the only way :( On Thu, Sep 20, 2012 at 12:09 PM, Tito Garrido titogarr...@gmail.comwrote: Thanks! I will try! On Thu, Sep 20, 2012 at 11:55 AM, Niphlod niph...@gmail.com wrote: What you are missing is that if you want to use webpy's facilities you must adapt to its standards. Web2py needs a complicated filename to be able to store it in the uploads/ folder a file without overwriting it with new records (e.g. two users submitting a file named image.jpg, or different uploads on different tables). If you want to make your own download function, you have all the pieces to glue together what you need (store the original filename (on the first link I provided), retrieve the file and serve that (the second link I provided)). Then, you can call myapp/defauly/myseodownloadof/image.jpg or whatever you need. On Thursday, September 20, 2012 4:27:55 PM UTC+2, Tito Garrido wrote: I have did what is written on More on Uploads: db.myfile.insert(image=db.**myfile.image.store(stream, filename)) But it uses the filename just to get the extension and save it using web2py naming convention... So I guess I can't use type upload field at all to avoid web2py naming convention... :( On Thu, Sep 20, 2012 at 11:19 AM, Niphlod nip...@gmail.com wrote: no. in the scaffolding app the index/download function calls response.download. However, it works only with the original naming scheme of web2py. Given that you want your own, you must save/alter the original filename in another field of the table, and then write YOUR function to retrieve the file (e.g. looking at the altered/original filename, not the one set by web2py) and call response.stream on that file. Look into http://web2py.com/books/**default/chapter/29/06#More-on-**uploadshttp://web2py.com/books/default/chapter/29/06#More-on-uploads for dealing with store() and retrieve(). On Thursday, September 20, 2012 3:46:09 PM UTC+2, Tito Garrido wrote: Thanks I have read it before but I didn't undertand... so I will be able to call the 'download' function using image_filename instead of image.image? Just to clarify I'd like to call a mnemonic filename due SEO optimizations. Regards, Tito On Thu, Sep 20, 2012 at 4:57 AM, Niphlod nip...@gmail.com wrote: book! http://web2py.com/books/**defaul**t/chapter/29/07#Storing-**the-** original-filenamehttp://web2py.com/books/default/chapter/29/07#Storing-the-original-filename On Thursday, September 20, 2012 4:47:54 AM UTC+2, Tito Garrido wrote: Hi, Is there a way to use the original filename on a upload field or custom filenames? I guess it is possible since we can upload files in appadmin and choose the name but I couldn't find how to do it. Thanks in advance, Tito -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ --
Re: [web2py] Re: Using original or custom filename on uploads
let me explain better. You could write all the logic to store filenames on your custom folders and all the logic to retrieve (given a certan value) the file itself. But, you can skip most of the hassle while retaining some useful chunks of web2py code. 1) let web2py store the file the way it does so you don't have to come up with some weirdo code to avoid collision between similar names 2) store in the same table (another field) store the original filename/seo friendly filename 3) code a function that searches your table using the original/seo friendly filename. you get a row where with retrieve() you can return the file (contents). The name of the file is up to you, as is the format of the url you want to use for your seo friendly purposes. On Thursday, September 20, 2012 5:17:43 PM UTC+2, Tito Garrido wrote: Just got a problem here... using first link I will put the filename on a field image_filename but the image is not stored as image_filename... So will probably need to create a download function that will query the filename, return and return the web2py filename so I can use it on URL(). It is not nice but I guess it is the only way :( On Thu, Sep 20, 2012 at 12:09 PM, Tito Garrido titog...@gmail.comjavascript: wrote: Thanks! I will try! On Thu, Sep 20, 2012 at 11:55 AM, Niphlod nip...@gmail.com javascript: wrote: What you are missing is that if you want to use webpy's facilities you must adapt to its standards. Web2py needs a complicated filename to be able to store it in the uploads/ folder a file without overwriting it with new records (e.g. two users submitting a file named image.jpg, or different uploads on different tables). If you want to make your own download function, you have all the pieces to glue together what you need (store the original filename (on the first link I provided), retrieve the file and serve that (the second link I provided)). Then, you can call myapp/defauly/myseodownloadof/image.jpg or whatever you need. On Thursday, September 20, 2012 4:27:55 PM UTC+2, Tito Garrido wrote: I have did what is written on More on Uploads: db.myfile.insert(image=db.**myfile.image.store(stream, filename)) But it uses the filename just to get the extension and save it using web2py naming convention... So I guess I can't use type upload field at all to avoid web2py naming convention... :( On Thu, Sep 20, 2012 at 11:19 AM, Niphlod nip...@gmail.com wrote: no. in the scaffolding app the index/download function calls response.download. However, it works only with the original naming scheme of web2py. Given that you want your own, you must save/alter the original filename in another field of the table, and then write YOUR function to retrieve the file (e.g. looking at the altered/original filename, not the one set by web2py) and call response.stream on that file. Look into http://web2py.com/books/**default/chapter/29/06#More-on-**uploadshttp://web2py.com/books/default/chapter/29/06#More-on-uploads for dealing with store() and retrieve(). On Thursday, September 20, 2012 3:46:09 PM UTC+2, Tito Garrido wrote: Thanks I have read it before but I didn't undertand... so I will be able to call the 'download' function using image_filename instead of image.image? Just to clarify I'd like to call a mnemonic filename due SEO optimizations. Regards, Tito On Thu, Sep 20, 2012 at 4:57 AM, Niphlod nip...@gmail.com wrote: book! http://web2py.com/books/**defaul**t/chapter/29/07#Storing-**the-** original-filenamehttp://web2py.com/books/default/chapter/29/07#Storing-the-original-filename On Thursday, September 20, 2012 4:47:54 AM UTC+2, Tito Garrido wrote: Hi, Is there a way to use the original filename on a upload field or custom filenames? I guess it is possible since we can upload files in appadmin and choose the name but I couldn't find how to do it. Thanks in advance, Tito -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ --
[web2py][outsource] Need a plugin that integrate jsTree or other tree plugin with closure table app
Hello, I would like to outsource the integration of jsTree (http://www.jstree.com/) or other mainstream js tree plugin into an app that use closure table ( http://fr.slideshare.net/billkarwin/models-for-hierarchical-data, start at page 40) to store hierarchical data. Will also need to integrate multiselect plugin (like this one : http://quasipartikel.at/multiselect/) to allow manipulation of the hierarchical data. I only need a tree of hyperlink nodes with their relation that will redirect on differents pages, not all the features provided by jsTree like renaming node or folder, etc. I would prefer someone that can make it a generic web2py plugin that could be use by others web2py community member under open source licence. Any interesting person, please write me in private. Thank you! Richard --
Re: [web2py][outsource] Need a plugin that integrate jsTree or other tree plugin with closure table app
Oups! My email : ml.richard.vez...@gmail.com On Thu, Sep 20, 2012 at 11:44 AM, Richard ml.richard.vez...@gmail.comwrote: Hello, I would like to outsource the integration of jsTree ( http://www.jstree.com/) or other mainstream js tree plugin into an app that use closure table ( http://fr.slideshare.net/billkarwin/models-for-hierarchical-data, start at page 40) to store hierarchical data. Will also need to integrate multiselect plugin (like this one : http://quasipartikel.at/multiselect/) to allow manipulation of the hierarchical data. I only need a tree of hyperlink nodes with their relation that will redirect on differents pages, not all the features provided by jsTree like renaming node or folder, etc. I would prefer someone that can make it a generic web2py plugin that could be use by others web2py community member under open source licence. Any interesting person, please write me in private. Thank you! Richard -- --
[web2py] Re: Improving SSL Support
Was wrestling with these points myself... With respect to case-1 adding 0% security: - Is a hijacked session the same as an exposed password? a hijacked session compromises a single session on a single system, while a stolen password constitutes a cross-session and (because passwords are re-used) often a cross-system breach. At the very least, probably better to keep the damage temporary and in-house rather than be the system that's used to compromise everyone else? - Also, consider OAuth- it issues tokens in lieu of passwords to allow for third party access, which provides the safety of limiting access and duration of access, and of invalidating the token if required. To me a session cookie is somewhere between a token and a password in that respect. - Many major sites implement case-1 security- Facebook for example. There's got to be *some* reason for that? - The login-only vs all-the-time SSL options aren't my idea, I took it from WordPress (http://codex.wordpress.org/Administration_Over_SSL). Again, assuming there must be a reason. As for your PS, I don't see how the scenario you describe would be any different from a site that is all SSL all the time? The user has to start at an HTTPS login screen somehow- are you saying the whole HTTPS concept is BS? Feel free to keep this going- I'm no security expert, just trying to get a handle on in it all-- On Thursday, September 20, 2012 10:47:22 AM UTC-4, Niphlod wrote: ok, i got the point on having a hard time implementing case-1 with web2py. Please humour me, what I didn't got over those kind of requirements is basically...case-1 adds 0% security. If there is a man in the middle, he can scoop the cookie just as he would scoop the password in the case of no HTTPS at all on the site (so, user A gets access to whatever B can see). Is it just to reassure the majority of dumb users with a nice padlock on the login page or it gives some kind of *actual *protection? PS: leave aside the fact that SSL certificate allows your site to be trustworthy (user A knows that the site at http*S*://example.com is managed by Yarin). If you are trustworthy for only *some *of the urls, you publish something at http*S*://example.com and something at http://example.com, and users need to know *in advance* that your login is on a http*S*, *and pay attention before hitting login* to avoid a simple dns poisoning attack (i.e. for their computer http://example.com points to the site managed by a - very bad - Niphlod, that can fake whatever is there on Yarin's http*S* ://example.com/login on Niphlod's http://example.com/login). That is a nice theoretical security gain (Niphlod can't have a working http*S*://example.com/login because he doesn't get to know the private key of the certificate, and users are at least warned that the certificate is not right) but with normal users (click everything shiny? yes!, install this toolbar? yes! format the c: drive? yes!) means more or less 0% achieved security (given that they hardly know in advance that a padlock on the page is required to be there). Am I missing something ? --
[web2py] Re: list:reference database selection
I have since added format='%(title)s %(id)s' to the region table but the listing is not being selected Is it because it is a list? I have entered multiple region entries for a single listing any idea how to select that listing in each of those regions when using the region search method? *cheers and ty On Thu, Sep 20, 2012 at 7:53 AM, Andrew Evans ade.ca...@gmail.com wrote: Hello I have a field in my table defined like so Field('region', 'list:reference region'), The data entered is multiple regions in the form, Gibsons, Sechelt I am wondering since it is not an id how I can pass the name of the town as an argument, so it only selects entries from that town this is the view from the search_methods/region page ul data-role=listview data-inset=true {{for region in region_query:}} lia href={{=URL('views', 'region', args=(region.id))}} target=_blank data-transition=fade title={{=region.title}} {{=region.title}}/a/li {{pass}} /ul I need to change the *a* tag I think here so I can pass the correct argument here is the controller function for the views/region page (where the above a tag points to) not sure what to change here any ideas are greatly appreciated def region(): region = request.args(0) query = db.listing.region == region orderby = db.listing.title pcache = (cache.ram, 15) paginate = Pagination(db, query, orderby, display_count=10, cache=pcache, r=request, res=response) region_query = paginate.get_set(set_links=True) region_text = db(db.region.id == region).select() return dict(region_query = region_query, region_text=region_text) *cheers and ty Andrew --
[web2py] Re: Monitoring scheduler with supervisord
Any luck with this Simone? On Friday, September 14, 2012 12:39:19 PM UTC-4, Niphlod wrote: ok, give me a few hours, I need to get home first :P --
[web2py] Re: 2.0.9 control-f firefox/chrome on mac doesn't work
I have same bug in Windows 7, Chrome/IE, Web2py 2.0.8 with more than 1200 lines in one controller. It happens occasionally, but when I move the scrolls, then it works as it should. It really bothers me, so that I installed WingIDE and plan to purchase it. On Tuesday, September 18, 2012 10:44:24 PM UTC+9, Adi wrote: tried search via control/f in welcome app 2.0.9 stable (firefox and chrome) on mac, and it's not responding. did editor commands change? thanks, Adi --
[web2py] Re: Monitoring scheduler with supervisord
no free time at home to test on every platform, but the code part is done. in a few days. On Thursday, September 20, 2012 6:09:59 PM UTC+2, Yarin wrote: Any luck with this Simone? On Friday, September 14, 2012 12:39:19 PM UTC-4, Niphlod wrote: ok, give me a few hours, I need to get home first :P --
[web2py] Any updates on this problem (boolean for MySQL from CHAR to TINYINT)?
Sorry for being impatient...any updates on this problem (https://groups.google.com/d/topic/web2py/IukqqZF_PPE/discussion) The problem is changing the web2py type of 'boolean' on MySQL from CHAR(1) to TINYINT. It works except for UPDATEs. Thanks. --
Re: [web2py] Re: Monitoring scheduler with supervisord
You the man On Thu, Sep 20, 2012 at 12:13 PM, Niphlod niph...@gmail.com wrote: no free time at home to test on every platform, but the code part is done. in a few days. On Thursday, September 20, 2012 6:09:59 PM UTC+2, Yarin wrote: Any luck with this Simone? On Friday, September 14, 2012 12:39:19 PM UTC-4, Niphlod wrote: ok, give me a few hours, I need to get home first :P -- --
[web2py] Re: list:reference database selection
Not sure I read your question carefully enough, but maybe you need something like: query = db.listing.region.contains(region) Anyhow, contains has a special usage for list fields. On Thursday, September 20, 2012 5:07:46 PM UTC+1, Andrew Evans wrote: I have since added format='%(title)s %(id)s' to the region table but the listing is not being selected Is it because it is a list? I have entered multiple region entries for a single listing any idea how to select that listing in each of those regions when using the region search method? *cheers and ty On Thu, Sep 20, 2012 at 7:53 AM, Andrew Evans ade@gmail.comjavascript: wrote: Hello I have a field in my table defined like so Field('region', 'list:reference region'), The data entered is multiple regions in the form, Gibsons, Sechelt I am wondering since it is not an id how I can pass the name of the town as an argument, so it only selects entries from that town this is the view from the search_methods/region page ul data-role=listview data-inset=true {{for region in region_query:}} lia href={{=URL('views', 'region', args=(region.id))}} target=_blank data-transition=fade title={{=region.title}} {{=region.title}}/a/li {{pass}} /ul I need to change the *a* tag I think here so I can pass the correct argument here is the controller function for the views/region page (where the above a tag points to) not sure what to change here any ideas are greatly appreciated def region(): region = request.args(0) query = db.listing.region == region orderby = db.listing.title pcache = (cache.ram, 15) paginate = Pagination(db, query, orderby, display_count=10, cache=pcache, r=request, res=response) region_query = paginate.get_set(set_links=True) region_text = db(db.region.id == region).select() return dict(region_query = region_query, region_text=region_text) *cheers and ty Andrew --
[web2py] Re: vimeo and auth.wiki
You can still define your own extension but the the suggested behavior is designed to be more intuitive and leave the width and height size to the CSS. On Thursday, 20 September 2012 09:35:06 UTC-5, Leonel Câmara wrote: Well but it should be possible. Here's how it could be done def vimeo(code, width=400, height=250): ## Embeds a vimeo video (by code) - ``code`` is the code of the video - ``width`` is the width you want the video to have - ``height`` is the height you want the video to have return XML(iframe src=http://player.vimeo.com/video/%(code)s width=%(width)s height=%(height)s frameborder=0 webkitAllowFullScreen mozallowfullscreen allowFullScreen/iframe % dict(code=code, width=width, height=height)) Quinta-feira, 20 de Setembro de 2012 14:31:31 UTC+1, Massimo Di Pierro escreveu: You simply cut and paste a link to the video in the text as below: http://vimeo.com/8952354 You cannot choose width and height. Vimeo choses that for you. On Thursday, 20 September 2012 07:46:43 UTC-5, mweissen wrote: I want to embedd a vimeo video in a auth.wiki page. In the plugin_wiki I had to write for example *``* *name: vimeo* *code: 8952354 * *width: 533* *height: 400* *``:widget* How can I do the same in auth.wiki? Regards, Martin --
Re: [web2py] Re: list:reference database selection
OMG You are a genius! That worked and worked beautifully thank you so much *cheers Andrew On Thu, Sep 20, 2012 at 9:43 AM, villas villa...@gmail.com wrote: Not sure I read your question carefully enough, but maybe you need something like: query = db.listing.region.contains(region) Anyhow, contains has a special usage for list fields. On Thursday, September 20, 2012 5:07:46 PM UTC+1, Andrew Evans wrote: I have since added format='%(title)s %(id)s' to the region table but the listing is not being selected Is it because it is a list? I have entered multiple region entries for a single listing any idea how to select that listing in each of those regions when using the region search method? *cheers and ty On Thu, Sep 20, 2012 at 7:53 AM, Andrew Evans ade@gmail.com wrote: Hello I have a field in my table defined like so Field('region', 'list:reference region'), The data entered is multiple regions in the form, Gibsons, Sechelt I am wondering since it is not an id how I can pass the name of the town as an argument, so it only selects entries from that town this is the view from the search_methods/region page ul data-role=listview data-inset=true {{for region in region_query:}} lia href={{=URL('views', 'region', args=(region.id))}} target=_blank data-transition=fade title={{=region.title}} {{=region.title}}/a/li {{pass}} /ul I need to change the *a* tag I think here so I can pass the correct argument here is the controller function for the views/region page (where the above a tag points to) not sure what to change here any ideas are greatly appreciated def region(): region = request.args(0) query = db.listing.region == region orderby = db.listing.title pcache = (cache.ram, 15) paginate = Pagination(db, query, orderby, display_count=10, cache=pcache, r=request, res=response) region_query = paginate.get_set(set_links=**True) region_text = db(db.region.id == region).select() return dict(region_query = region_query, region_text=region_text) *cheers and ty Andrew -- --
[web2py] Re: Problem with DAL query self join
If you send me the models I wil try it. On Thursday, 20 September 2012 09:40:01 UTC-5, Pradeeshnarayan wrote: I have rechecked again. There is a valid field rlord in tbl_objects. You can see the field 'tbl_objects.rlord' in the 6th line of SQL query. SQL is working fine. In the error description I have noticed a difference. File /var/www/vhosts/astrozon/web2py/applications/astrozon/controllers/horoscope.py, line 104, in testing L1_alt_obj.on((L1_alt_obj.horid==horid) (L1_alt_obj.objid==db.tbl_alt_objects.rlord)) here it is showing the 104 line has problem. but the in last line InternalError: (1054, uUnknown column 'tbl_objects.rlord' in 'on clause'). it is telling the error is in field 'tbl_objects.rlord' which is in the previos line(103). I think it is a small syntax error. But I am unable to find out that. --
[web2py] Re: Improving SSL Support
I think we should do something like this. I think we should have auth.settings.force_ssl_login and auth.settings.force_ssl_login. We could add secure=True option to existing requires validators. This should not be enforced from localhost. On Thursday, 20 September 2012 09:07:14 UTC-5, Yarin wrote: A proposal for improving SSL support in web2py For authenticated web applications, there are two grades of SSL implementions: Forcing SSL on login, vs forcing SSL on the entire authenticated session. In the first case, HTTPS is forced on login/registration, but reverts back to HTTP upon authentication. This protects against passwords from being sent unencrypted, but won't prevent session hijacking as the session cookie can still be compromised on subsequent HTTP requests. (See Firesheephttp://codebutler.com/firesheepfor details). Nonetheless, many sites choose this approach for performance reasons, as SSL-delivered content is not cached by browsers as efficiently (discussed on 37signals bloghttp://37signals.com/svn/posts/1431-mixed-content-warning-how-i-loathe-thee ). In the second case, the entire authenticated session is secured by forcing all traffic to go over HTTPS while a user is logged in *and* by securing the session cookie so that it will only be sent by the browser over HTTPS. (Also discussed in web2py users group - Auth over SSLhttps://groups.google.com/d/msg/web2py/7qoHMs-4Va8/jRFOqYHri4gJ ) web2py should make it easier to deal with these scenarios. I just implemented a case-1 type solution and it took quite a bit of work. Moreover, web2py currently provides two SSL-control functions, which, taken on their own, can lead to problems for the uninitiated: - session.secure() will ensure that the session cookie is only transmitted over HTTPS, but doesn't force HTTPS, so that for any subsequent session calls made over HTTP will simply not have access to the auth session, but this is not obvious (Correct me if I'm wrong) - request.requires_https() (undocumented?) is a misnomer, because if forces HTTPS but then assumes a case-2 scenario and secures the session cookie *Proposals:* - SSL auth settings - auth.settings.force_ssl_login - Forces HTTPS for login/registration - auth.settings.force_ssl_session - Forces HTTPS throughout an authenticated session, and secure the session cookie (If True, force_ssl_login not necessary) - Other more granular controls - @requires_https() - decorator for controller functions that forces HTTPS for that function only - 'secure=True' option on forms ensures submission over HTTPS --
[web2py] Re: 2.0.9 control-f firefox/chrome on mac doesn't work
Lat's try adding the search plugin for codemirror and see what happens. On Thursday, 20 September 2012 11:12:56 UTC-5, Jaymin Oh wrote: I have same bug in Windows 7, Chrome/IE, Web2py 2.0.8 with more than 1200 lines in one controller. It happens occasionally, but when I move the scrolls, then it works as it should. It really bothers me, so that I installed WingIDE and plan to purchase it. On Tuesday, September 18, 2012 10:44:24 PM UTC+9, Adi wrote: tried search via control/f in welcome app 2.0.9 stable (firefox and chrome) on mac, and it's not responding. did editor commands change? thanks, Adi --
[web2py] Re: 2.0.9 control-f firefox/chrome on mac doesn't work
Ok, this is helpful. I didn't think of document size before. It seems that CodeMirror doesn't render a whole document to the DOM when it's big. So the browser search function won't pick up parts that are inactive. I don't know how is this handled with Codemirror's internal search, it's something to look into. Regards, Ales On Thursday, September 20, 2012 6:12:56 PM UTC+2, Jaymin Oh wrote: I have same bug in Windows 7, Chrome/IE, Web2py 2.0.8 with more than 1200 lines in one controller. It happens occasionally, but when I move the scrolls, then it works as it should. It really bothers me, so that I installed WingIDE and plan to purchase it. On Tuesday, September 18, 2012 10:44:24 PM UTC+9, Adi wrote: tried search via control/f in welcome app 2.0.9 stable (firefox and chrome) on mac, and it's not responding. did editor commands change? thanks, Adi --
[web2py] Re: Improving SSL Support
Well, this list is often used to discuss good behaviours, so, let's brainstorm. - Is a hijacked session the same as an exposed password? a hijacked session compromises a single session on a single system, while a stolen password constitutes a cross-session and (because passwords are re-used) often a cross-system breach. At the very least, probably better to keep the damage temporary and in-house rather than be the site that compromises everyone else? The only valid point here is a sort of netiquette among web developers (users have a few username-password and use those in each and every site): sort of if only all sites gave secured SSL access... no gain in your's site security at all. Session expiration is another beast to tackle (users will feel good without re-entering the same username-password if yet authenticated some time ago.but the time window is very different from site to site - just think to different requirements as admin dashboards, banking accounts, data entry, blogs, forums, etc etc). - Many major sites implement case-1 security- Facebook for example. There's got to be *some* reason for that? Yep, saving CPU :P. Users and data security was never a level A goal to facebook (and, respectfully, the data in facebook is not superprivate anyhow). They have a default method for non-concerned citizens, but you can tune the preferences to allow only https navigation as well if I remember correctly (I was never a fan of facebook). Probably the netiquette aforementioned works for facebook big times: if you leak to man in the middle passwords for billions users it a worst thing than leaking 1k usernames-passwords. - The login-only vs all-the-time SSL options aren't my idea, I took it from WordPress (http://codex.wordpress.org/Administration_Over_SSL). Again, assuming there must be a reason. Quote: Which Should I Use? FORCE_SSL_LOGIN is for when you want to secure logins so that passwords are not sent in the clear, but you still want to allow non-SSL admin sessions (since SSL can be slow). FORCE_SSL_ADMIN is for when you want to secure logins *and* the admin area so that both passwords and cookies are never sent in the clear. This is the most secure option. This probably has to do with Wordpress being installed on every shared hosting facility in the world. speed vs security just to not leak password (but leak cookie) is not a dealbreaker in 2012 for us (at least until python shared hosting improves the coverage). An addendum to the 37signals link you posted before: is dated 2008! Even IE8 now caches correctly by default if cache headers are set. As for your PS, I don't see how the scenario you describe would be any different from a site that is all SSL all the time? The user has to start at an HTTPS login screen somehow- are you saying the whole HTTPS concept is BS? BS? What am I, mad ? Absolutely not! The obvious big +1 is that no man in the middle can ever see the exchanged data between Yarin server and user A. As for users concerns and dns poisoning, if every page of http://example.com normally redirects to httpS://example.com, then users knows that every page of Yarin site is providing a padlock (and at least a good 70% spots the difference). Phishing is always behind the corner (e.g. https://exampl*3*.com), but if you are concerned you can buy similar domains and manage those yourself. Feel free to keep this going- I'm no security expert, just trying to get a handle on in it all-- Neither am I, but what's the point in 2012 of using partially ssl for your site? If the data is private, needs to be secured (data as in, e.g., personal information, like phone no or address). When a page like http://example.com/profile shows you your address, your man in the middle will read it. Should I really go buying a relatively expensive SSL certificate to provide the sort of netiquette said before: maybe yes, but you're confirming that security on your site is not a level A goal. If the reply here is browser don't cache well ssl resources I can assure you that the situation changed a lot in the last years (mostly from the time big sites like google, yahoo, twitter co. allowed a complete https navigation in their domains). If the reply is SSL encryption and handshaking is hurting my CPU I'd say that also in this realm situation changed a lot: you can get a hell lot of more raw-power/buck than 4 years ago (while instead bandwith-related costs tends to be more statical) --
Re: [web2py][outsource] Need a plugin that integrate jsTree or other tree plugin with closure table app
also here a tree http://www.jeasyui.com/tutorial/app/rssreader/index.html António 2012/9/20 Richard Vézina ml.richard.vez...@gmail.com Oups! My email : ml.richard.vez...@gmail.com On Thu, Sep 20, 2012 at 11:44 AM, Richard ml.richard.vez...@gmail.comwrote: Hello, I would like to outsource the integration of jsTree ( http://www.jstree.com/) or other mainstream js tree plugin into an app that use closure table ( http://fr.slideshare.net/billkarwin/models-for-hierarchical-data, start at page 40) to store hierarchical data. Will also need to integrate multiselect plugin (like this one : http://quasipartikel.at/multiselect/) to allow manipulation of the hierarchical data. I only need a tree of hyperlink nodes with their relation that will redirect on differents pages, not all the features provided by jsTree like renaming node or folder, etc. I would prefer someone that can make it a generic web2py plugin that could be use by others web2py community member under open source licence. Any interesting person, please write me in private. Thank you! Richard -- -- --
Re: [web2py] Re: Using original or custom filename on uploads
Thanks! On Thu, Sep 20, 2012 at 12:40 PM, Niphlod niph...@gmail.com wrote: let me explain better. You could write all the logic to store filenames on your custom folders and all the logic to retrieve (given a certan value) the file itself. But, you can skip most of the hassle while retaining some useful chunks of web2py code. 1) let web2py store the file the way it does so you don't have to come up with some weirdo code to avoid collision between similar names 2) store in the same table (another field) store the original filename/seo friendly filename 3) code a function that searches your table using the original/seo friendly filename. you get a row where with retrieve() you can return the file (contents). The name of the file is up to you, as is the format of the url you want to use for your seo friendly purposes. On Thursday, September 20, 2012 5:17:43 PM UTC+2, Tito Garrido wrote: Just got a problem here... using first link I will put the filename on a field image_filename but the image is not stored as image_filename... So will probably need to create a download function that will query the filename, return and return the web2py filename so I can use it on URL(). It is not nice but I guess it is the only way :( On Thu, Sep 20, 2012 at 12:09 PM, Tito Garrido titog...@gmail.comwrote: Thanks! I will try! On Thu, Sep 20, 2012 at 11:55 AM, Niphlod nip...@gmail.com wrote: What you are missing is that if you want to use webpy's facilities you must adapt to its standards. Web2py needs a complicated filename to be able to store it in the uploads/ folder a file without overwriting it with new records (e.g. two users submitting a file named image.jpg, or different uploads on different tables). If you want to make your own download function, you have all the pieces to glue together what you need (store the original filename (on the first link I provided), retrieve the file and serve that (the second link I provided)). Then, you can call myapp/defauly/myseodownloadof/**image.jpg or whatever you need. On Thursday, September 20, 2012 4:27:55 PM UTC+2, Tito Garrido wrote: I have did what is written on More on Uploads: db.myfile.insert(image=db.**myfi**le.image.store(stream, filename)) But it uses the filename just to get the extension and save it using web2py naming convention... So I guess I can't use type upload field at all to avoid web2py naming convention... :( On Thu, Sep 20, 2012 at 11:19 AM, Niphlod nip...@gmail.com wrote: no. in the scaffolding app the index/download function calls response.download. However, it works only with the original naming scheme of web2py. Given that you want your own, you must save/alter the original filename in another field of the table, and then write YOUR function to retrieve the file (e.g. looking at the altered/original filename, not the one set by web2py) and call response.stream on that file. Look into http://web2py.com/books/**defaul**t/chapter/29/06#More-on-**upload**shttp://web2py.com/books/default/chapter/29/06#More-on-uploads for dealing with store() and retrieve(). On Thursday, September 20, 2012 3:46:09 PM UTC+2, Tito Garrido wrote: Thanks I have read it before but I didn't undertand... so I will be able to call the 'download' function using image_filename instead of image.image? Just to clarify I'd like to call a mnemonic filename due SEO optimizations. Regards, Tito On Thu, Sep 20, 2012 at 4:57 AM, Niphlod nip...@gmail.com wrote: book! http://web2py.com/books/**default/chapter/29/07#Storing-**the-* *or**iginal-filenamehttp://web2py.com/books/default/chapter/29/07#Storing-the-original-filename On Thursday, September 20, 2012 4:47:54 AM UTC+2, Tito Garrido wrote: Hi, Is there a way to use the original filename on a upload field or custom filenames? I guess it is possible since we can upload files in appadmin and choose the name but I couldn't find how to do it. Thanks in advance, Tito -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ -- -- Linux User #387870 . _/_õ|__| ..º[ .-.___.-._| . . . . .__( o)__( o).:___ --
Re: [web2py][outsource] Need a plugin that integrate jsTree or other tree plugin with closure table app
may I ask a few questions 1) (a suggestion) why do you need multiselect if jstree already support drag drop? http://www.jstree.com/documentation/dnd# and I didn't see a better way to manipulate hierarchical data than what it offers an alternative is nestedSortable http://mjsarfatti.com/sandbox/nestedSortable/ but when you want to move a node with a lot of children it has poor performance 2) (interested because I did research some time ago on that field) why did you chose closure data model? --
[web2py] Re: Cookie Based Logon
I guess you could programatically create a dummy user account and then retrieve it and auto login using data on the session. Quinta-feira, 20 de Setembro de 2012 3:22:23 UTC+1, Abhishek Gupta escreveu: Hi First of all, a lot of thanks for such an awesome piece of software. I am working on a website where I need to implement cookie based logon quite similar to the system described here http://www.phpnerds.com/article/using-cookies-in-php/2 in php. The idea is simple. When a user clicks on Explore button for the first time, a cookie is set on his computer with an expiry date far away. And he goes through the sign up process. Whenever users clicks on the button for the next time the cookie is retrieved and used to authenticate user finally leading him to log in. I am comfortable with handling cookies in web2py but I am not able to understand how can I integrate with existing sign in process (my website uses facebook and google based sign in forms too with this). Thanks in advance Abhishek --
Re: [web2py] Re: Cookie Based Logon
Are there any function in web2py which can help me in creating the user, and doing the automatic bare login as in this case? - abhishek On 20 September 2012 14:14, Leonel Câmara leonelcam...@gmail.com wrote: I guess you could programatically create a dummy user account and then retrieve it and auto login using data on the session. Quinta-feira, 20 de Setembro de 2012 3:22:23 UTC+1, Abhishek Gupta escreveu: Hi First of all, a lot of thanks for such an awesome piece of software. I am working on a website where I need to implement cookie based logon quite similar to the system described here http://www.phpnerds.com/** article/using-cookies-in-php/2http://www.phpnerds.com/article/using-cookies-in-php/2 ** in php. The idea is simple. When a user clicks on Explore button for the first time, a cookie is set on his computer with an expiry date far away. And he goes through the sign up process. Whenever users clicks on the button for the next time the cookie is retrieved and used to authenticate user finally leading him to log in. I am comfortable with handling cookies in web2py but I am not able to understand how can I integrate with existing sign in process (my website uses facebook and google based sign in forms too with this). Thanks in advance Abhishek -- --
Re: [web2py] Re: vimeo and auth.wiki
*Massimo*: auth.wiki is great! I have copied http://vimeo.com/8952354 to a page. Ok, it works fine, but the picture is bigger than the page and I have to scroll. Therefore I want to adjust the width. Using CSS: sorry, I did not understand how to use CSS together with a wiki page. Are there special classes? *Leonel*: Thank you this idea. But how can I call a function from a wiki page? 2012/9/20 Massimo Di Pierro massimo.dipie...@gmail.com You can still define your own extension but the the suggested behavior is designed to be more intuitive and leave the width and height size to the CSS. On Thursday, 20 September 2012 09:35:06 UTC-5, Leonel Câmara wrote: Well but it should be possible. Here's how it could be done def vimeo(code, width=400, height=250): ## Embeds a vimeo video (by code) - ``code`` is the code of the video - ``width`` is the width you want the video to have - ``height`` is the height you want the video to have return XML(iframe src=http://player.vimeo.com/**video/%(code)s width=%(width)s height=%(height)s frameborder=0 webkitAllowFullScreen mozallowfullscreen allowFullScreen/iframe % dict(code=code, width=width, height=height)) Quinta-feira, 20 de Setembro de 2012 14:31:31 UTC+1, Massimo Di Pierro escreveu: You simply cut and paste a link to the video in the text as below: http://vimeo.com/8952354 You cannot choose width and height. Vimeo choses that for you. On Thursday, 20 September 2012 07:46:43 UTC-5, mweissen wrote: I want to embedd a vimeo video in a auth.wiki page. In the plugin_wiki I had to write for example *``* *name: vimeo* *code: 8952354 * *width: 533* *height: 400* *``:widget* How can I do the same in auth.wiki? Regards, Martin --
[web2py] Re: 2.0.9 control-f firefox/chrome on mac doesn't work
Try trunk again look at the bottom of the edit page for search keybindings. On Thursday, 20 September 2012 11:54:38 UTC-5, LightDot wrote: Ok, this is helpful. I didn't think of document size before. It seems that CodeMirror doesn't render a whole document to the DOM when it's big. So the browser search function won't pick up parts that are inactive. I don't know how is this handled with Codemirror's internal search, it's something to look into. Regards, Ales On Thursday, September 20, 2012 6:12:56 PM UTC+2, Jaymin Oh wrote: I have same bug in Windows 7, Chrome/IE, Web2py 2.0.8 with more than 1200 lines in one controller. It happens occasionally, but when I move the scrolls, then it works as it should. It really bothers me, so that I installed WingIDE and plan to purchase it. On Tuesday, September 18, 2012 10:44:24 PM UTC+9, Adi wrote: tried search via control/f in welcome app 2.0.9 stable (firefox and chrome) on mac, and it's not responding. did editor commands change? thanks, Adi --
[web2py] Re: AppointmentManager appliance updated
Thanks. WIll post it asap. On Thursday, 20 September 2012 12:54:42 UTC-5, dhmorgan wrote: I have updated the AppointmentManager appliance to run on Web2Py 2.0. It still needs improvement, but at least now it is functional. The code is available at: https://github.com/oktools/web2py-appliances/tree/master/AppointmentManager --
Re: [web2py] Re: list:reference database selection
Always good to help :) On Thursday, September 20, 2012 5:46:01 PM UTC+1, Andrew Evans wrote: OMG You are a genius! That worked and worked beautifully thank you so much *cheers Andrew On Thu, Sep 20, 2012 at 9:43 AM, villas vill...@gmail.com javascript:wrote: Not sure I read your question carefully enough, but maybe you need something like: query = db.listing.region.contains(region) Anyhow, contains has a special usage for list fields. On Thursday, September 20, 2012 5:07:46 PM UTC+1, Andrew Evans wrote: I have since added format='%(title)s %(id)s' to the region table but the listing is not being selected Is it because it is a list? I have entered multiple region entries for a single listing any idea how to select that listing in each of those regions when using the region search method? *cheers and ty On Thu, Sep 20, 2012 at 7:53 AM, Andrew Evans ade@gmail.com wrote: Hello I have a field in my table defined like so Field('region', 'list:reference region'), The data entered is multiple regions in the form, Gibsons, Sechelt I am wondering since it is not an id how I can pass the name of the town as an argument, so it only selects entries from that town this is the view from the search_methods/region page ul data-role=listview data-inset=true {{for region in region_query:}} lia href={{=URL('views', 'region', args=(region.id))}} target=_blank data-transition=fade title={{=region.title}} {{=region.title}}/a/li {{pass}} /ul I need to change the *a* tag I think here so I can pass the correct argument here is the controller function for the views/region page (where the above a tag points to) not sure what to change here any ideas are greatly appreciated def region(): region = request.args(0) query = db.listing.region == region orderby = db.listing.title pcache = (cache.ram, 15) paginate = Pagination(db, query, orderby, display_count=10, cache=pcache, r=request, res=response) region_query = paginate.get_set(set_links=**True) region_text = db(db.region.id == region).select() return dict(region_query = region_query, region_text=region_text) *cheers and ty Andrew -- --
Re: [web2py] Re: Cookie Based Logon
There are functions for this, but what is wrong with the existing 'remember me' mechanism in Auth? On Thursday, September 20, 2012 7:17:05 PM UTC+1, Abhishek Gupta wrote: Are there any function in web2py which can help me in creating the user, and doing the automatic bare login as in this case? - abhishek On 20 September 2012 14:14, Leonel Câmara leonel...@gmail.comjavascript: wrote: I guess you could programatically create a dummy user account and then retrieve it and auto login using data on the session. Quinta-feira, 20 de Setembro de 2012 3:22:23 UTC+1, Abhishek Gupta escreveu: Hi First of all, a lot of thanks for such an awesome piece of software. I am working on a website where I need to implement cookie based logon quite similar to the system described here http://www.phpnerds.com/** article/using-cookies-in-php/2http://www.phpnerds.com/article/using-cookies-in-php/2 ** in php. The idea is simple. When a user clicks on Explore button for the first time, a cookie is set on his computer with an expiry date far away. And he goes through the sign up process. Whenever users clicks on the button for the next time the cookie is retrieved and used to authenticate user finally leading him to log in. I am comfortable with handling cookies in web2py but I am not able to understand how can I integrate with existing sign in process (my website uses facebook and google based sign in forms too with this). Thanks in advance Abhishek -- --
[web2py] Re: Improving SSL Support
@Massimo - that'd be great. One more kink to throw in is recognizing proxied SSL calls. This requires knowing whether you can trust the traffic headers (e.g. having apache locked down to all traffic except your load balancer), so maybe we need a trust_proxied_ssl or is_proxied setting somewhere? if request.env.http_x_forwarded_for and request.env.http_x_forwarded_proto in ['https', 'HTTPS'] and auth.settings.is_proxied: On Thursday, September 20, 2012 12:52:22 PM UTC-4, Massimo Di Pierro wrote: I think we should do something like this. I think we should have auth.settings.force_ssl_login and auth.settings.force_ssl_login. We could add secure=True option to existing requires validators. This should not be enforced from localhost. On Thursday, 20 September 2012 09:07:14 UTC-5, Yarin wrote: A proposal for improving SSL support in web2py For authenticated web applications, there are two grades of SSL implementions: Forcing SSL on login, vs forcing SSL on the entire authenticated session. In the first case, HTTPS is forced on login/registration, but reverts back to HTTP upon authentication. This protects against passwords from being sent unencrypted, but won't prevent session hijacking as the session cookie can still be compromised on subsequent HTTP requests. (See Firesheep http://codebutler.com/firesheep for details). Nonetheless, many sites choose this approach for performance reasons, as SSL-delivered content is not cached by browsers as efficiently (discussed on 37signals bloghttp://37signals.com/svn/posts/1431-mixed-content-warning-how-i-loathe-thee ). In the second case, the entire authenticated session is secured by forcing all traffic to go over HTTPS while a user is logged in *and* by securing the session cookie so that it will only be sent by the browser over HTTPS. (Also discussed in web2py users group - Auth over SSLhttps://groups.google.com/d/msg/web2py/7qoHMs-4Va8/jRFOqYHri4gJ ) web2py should make it easier to deal with these scenarios. I just implemented a case-1 type solution and it took quite a bit of work. Moreover, web2py currently provides two SSL-control functions, which, taken on their own, can lead to problems for the uninitiated: - session.secure() will ensure that the session cookie is only transmitted over HTTPS, but doesn't force HTTPS, so that for any subsequent session calls made over HTTP will simply not have access to the auth session, but this is not obvious (Correct me if I'm wrong) - request.requires_https() (undocumented?) is a misnomer, because if forces HTTPS but then assumes a case-2 scenario and secures the session cookie *Proposals:* - SSL auth settings - auth.settings.force_ssl_login - Forces HTTPS for login/registration - auth.settings.force_ssl_session - Forces HTTPS throughout an authenticated session, and secure the session cookie (If True, force_ssl_login not necessary) - Other more granular controls - @requires_https() - decorator for controller functions that forces HTTPS for that function only - 'secure=True' option on forms ensures submission over HTTPS --
[web2py] Re: Improving SSL Support
@Niphlod 1) only valid point here is a sort of netiquette among web developers Wrong- this is a matter of protecting the user. I may have a site that doesn't deal with anything important. Let's say it allows users to see their friends' baby pictures. They need to login so that we know what babies to show. Session gets hijacked? Big deal, you can see someone else's babies. But half the users are gonna use the same password they use for their paypal account. Should they have? no. But you don't want to be the vector by which that stuff happens. 2) It's a cpu issue I can't follow your conclusion here. You say it's not important in 2012, and yet Facebook still defaults to it and WordPress continues to offer it. It may not be a good trade off in most cases, but it's certainly common practice. I think we're still missing something here... 3) Caching issue outdated This is good to know- was not aware. 4) Mixed content issue Mixed content is not always a choice. If you pull images hosted on other HTTP sites, boom, you're stuck with mixed content, and some browsers don't handle it elegantly. IE throws a pop up in your face. Chrome shows a warning indicator on all your HTTPS pages in a session if just one page has mixed content. This is why we are making all-SSL an option but not the default on our site- we interface with Facebook, pull thumb images from outside pages, etc and don't want the pop ups or warnings. We don't deal with sensitive data so the trade-off makes sense to us, but we're certainly not gonna be passing around our users' passwords unprotected. 5) Still don't understand your PS. Can't tell if you're talking about user perception or actual DNS poisoning, but the first point is out of scope I think- my concern is that WE know what is secure- I'm not counting on the user to know or care. As for the latter, I still don't see how the scenario is any different if both case-1 and case-2 require a user to be redirected to https://example.com/login if they type in http://example.com/login. lost me on this one. On Thursday, September 20, 2012 12:56:50 PM UTC-4, Niphlod wrote: Well, this list is often used to discuss good behaviours, so, let's brainstorm. - Is a hijacked session the same as an exposed password? a hijacked session compromises a single session on a single system, while a stolen password constitutes a cross-session and (because passwords are re-used) often a cross-system breach. At the very least, probably better to keep the damage temporary and in-house rather than be the site that compromises everyone else? The only valid point here is a sort of netiquette among web developers (users have a few username-password and use those in each and every site): sort of if only all sites gave secured SSL access... no gain in your's site security at all. Session expiration is another beast to tackle (users will feel good without re-entering the same username-password if yet authenticated some time ago.but the time window is very different from site to site - just think to different requirements as admin dashboards, banking accounts, data entry, blogs, forums, etc etc). - Many major sites implement case-1 security- Facebook for example. There's got to be *some* reason for that? Yep, saving CPU :P. Users and data security was never a level A goal to facebook (and, respectfully, the data in facebook is not superprivate anyhow). They have a default method for non-concerned citizens, but you can tune the preferences to allow only https navigation as well if I remember correctly (I was never a fan of facebook). Probably the netiquette aforementioned works for facebook big times: if you leak to man in the middle passwords for billions users it a worst thing than leaking 1k usernames-passwords. - The login-only vs all-the-time SSL options aren't my idea, I took it from WordPress (http://codex.wordpress.org/Administration_Over_SSL). Again, assuming there must be a reason. Quote: Which Should I Use? FORCE_SSL_LOGIN is for when you want to secure logins so that passwords are not sent in the clear, but you still want to allow non-SSL admin sessions (since SSL can be slow). FORCE_SSL_ADMIN is for when you want to secure logins *and* the admin area so that both passwords and cookies are never sent in the clear. This is the most secure option. This probably has to do with Wordpress being installed on every shared hosting facility in the world. speed vs security just to not leak password (but leak cookie) is not a dealbreaker in 2012 for us (at least until python shared hosting improves the coverage). An addendum to the 37signals link you posted before: is dated 2008! Even IE8 now caches correctly by default if cache headers are set. As for your PS, I don't see how the scenario you describe would be any different from a site that is all SSL all the time? The user has to start
[web2py] Re: registration message
Does it show any message at all? You could always set an arg or var and then in the destination function test for that and, if present, display flash. Just an idea. On Thursday, September 20, 2012 10:05:22 AM UTC+1, Yebach wrote: Hello After a new user is created I want to show the flash message and redirect a user back to home page. The redirection is done with auth.settings.register_next = URL('school','index', vars=dict(school=database)) and for message auth.messages.registration_pending ('bklabafbaklva') but the message is not shown? why? thank you --
Re: [web2py][outsource] Need a plugin that integrate jsTree or other tree plugin with closure table app
1) Users are defining information into simple form where is will be easier to allow them to create hierarchy... About nestedSortable as long as it is well supported by the owner of the project no problem about the js plugin used. 2) Bill Karwin lecture convinces me that it was the cleaner way of doing thing. Also, my data are already structured that way. The relation between node are not going to move that much (not move at all once establish), it may happen that when node will be created there will be mistake that will need to be corrected, but then no change will happen (that may have no consequence on the programmation since the moving of subnode are be required anyway). Thanks Richard On Thu, Sep 20, 2012 at 2:00 PM, Vasile Ermicioi elff...@gmail.com wrote: may I ask a few questions 1) (a suggestion) why do you need multiselect if jstree already support drag drop? http://www.jstree.com/documentation/dnd# and I didn't see a better way to manipulate hierarchical data than what it offers an alternative is nestedSortable http://mjsarfatti.com/sandbox/nestedSortable/ but when you want to move a node with a lot of children it has poor performance 2) (interested because I did research some time ago on that field) why did you chose closure data model? -- --
[web2py] Re: Installing Windows Service (2.0.9 Win exe)
On Wednesday, 19 September 2012 04:51:51 UTC+10, Andrew W wrote: Thanks Tim, Just confirming, you used the settings in options_std.py file in web2 py dir, not the ones shown in book. Yes, I started with the settings in options_std.py and only changed the port setting. --
[web2py] Re: Improving SSL Support
Wrong- this is a matter of protecting the user. I may have a site that doesn't deal with anything important. Let's say it allows users to see their friends' baby pictures. They need to login so that we know what babies to show. Session gets hijacked? Big deal, you can see someone else's babies. But half the users are gonna use the same password they use for their paypal account. Should they have? no. But you don't want to be the vector by which that stuff happens. That's the kind of netiquette I was talking about. Web developers should apply the netiquette, so it would be less probable that the password gets leaked (and users are happy) . 2) It's a cpu issue I can't follow your conclusion here. You say it's not important in 2012, and yet Facebook still defaults to it and WordPress continues to offer it. It may not be a good trade off in most cases, but it's certainly common practice. I think we're still missing something here... Facebook runs how many server ? Given that content on facebook is not so precious, and that privacy was never a big issue for them, they save some buck on plain navigation vs ssl. Wordpress is not recommending that, it's giving you a choice. Wordpress runs for the 80% of the time a relatively small site on a supercrowded shared hosting scenario. SSL navigation shouldn't be slower, but crowded server are the majority of the cases where Wordpress runs, so its common to see a certain limitation using those providers together with a SSL certificate. I think the point you're missing from my post before is related to the lack of coverage for python shared-hosting that could pose the same problem in terms of slower response times. Given that normally web2py apps runs on VPS in the worst case scenario, the CPU time wasted in SSL protection is negligible. 4) Mixed content issue Mixed content is not always a choice. If you pull images hosted on other HTTP sites, boom, you're stuck with mixed content, and some browsers don't handle it elegantly. IE throws a pop up in your face. Chrome shows a warning indicator on all your HTTPS pages in a session if just one page has mixed content. Yep. This is kind of frustrating. But has a logic: an URL with padlock doesn't necessary mean that all the data the user sees (and exchange, e.g. posting a form) is secured. We (web developers) know that ajax, iframe, images and recently websockets can exchange data out of band in regards of SSL protection, normal users don't. Some browsers alert the user of this fact, some browsers not. Some sites proxy the content served to avoid the itchy browsers popups, some sites don't. It's just a matter of visions. 5) Still don't understand your PS. Can't tell if you're talking about user perception or actual DNS poisoning, but the first point is out of scope I think- my concern is that WE know what is secure- I'm not counting on the user to know or care. As for the latter, I still don't see how the scenario is any different if both case-1 and case-2 require a user to be redirected to https://example.com/login if they type in http://example.com/login. lost me on this one. Well, both. Your point is don't let the users give away their passwords on my site: ok, I get that point. But, e.g. with DNS poisoning: your pages shows up in the google search results. User clicks on https://example.com/yarin/baby_pictures (login to see Yarin's baby pictures) and are instead connected to an evil Niphlod's hosted https://example.com/yarin/baby_pictures. When browsing to Niphlod's hosted, they get a warning about a certificate mismatch, while on Yarin's one all goes fine. Without SSL, your users are giving passwords away to Niphlod. User perception: hey, it had a padlock all the time, why this time there is no padlock? . This has more impact in users mind than checking if https is enabled only in the login page. Explicit redirection make your site protected without caring on the web2py side, if you are on a production webserver. Beware that you can force redirect to https only for sections of your site (e.g., the login page, assuming you're still fine with that). If you run web2py behind a webserver with that restriction, your code doesn't have to deal with checking if SSL is enabled or not. Another fine addition is that in modern browsers (and cellphones, and tablets) if you type example.com you are pointed to http://example.com. Having to type https:// is a loss of time for desktop users (see all the madness regarding short urls) and a little cumbersome on touch keyboards on small devices. @Yarin and all: at the end of the speech, still Yarin's suggestion to make case-1 more achievable by web2py is good. --
Re: [web2py] Re: Using original or custom filename on uploads
Is this a matter of SEO? for SEO it is better to always use the alt attribute. img alt=My picture src=dfskdfnjksdnfksdlfnshjgndfhgn.jpg Google and other search spiders takes in count the alt= when it is present, otherwise the bots will try to read the picture name. --
Re: [web2py] Re: Cookie Based Logon
Hi, I am working on a login system where user is able to logon just using the cookies unlike the existing system where user logs in using the normal sign in + and that creates remember me cookies. - abhishek On 20 September 2012 14:54, villas villa...@gmail.com wrote: There are functions for this, but what is wrong with the existing 'remember me' mechanism in Auth? On Thursday, September 20, 2012 7:17:05 PM UTC+1, Abhishek Gupta wrote: Are there any function in web2py which can help me in creating the user, and doing the automatic bare login as in this case? - abhishek On 20 September 2012 14:14, Leonel Câmara leonel...@gmail.com wrote: I guess you could programatically create a dummy user account and then retrieve it and auto login using data on the session. Quinta-feira, 20 de Setembro de 2012 3:22:23 UTC+1, Abhishek Gupta escreveu: Hi First of all, a lot of thanks for such an awesome piece of software. I am working on a website where I need to implement cookie based logon quite similar to the system described here http://www.phpnerds.com/**a** rticle/using-cookies-in-php/2http://www.phpnerds.com/article/using-cookies-in-php/2 ** **in php. The idea is simple. When a user clicks on Explore button for the first time, a cookie is set on his computer with an expiry date far away. And he goes through the sign up process. Whenever users clicks on the button for the next time the cookie is retrieved and used to authenticate user finally leading him to log in. I am comfortable with handling cookies in web2py but I am not able to understand how can I integrate with existing sign in process (my website uses facebook and google based sign in forms too with this). Thanks in advance Abhishek -- -- --
[web2py] Very intro question on logging: where is the console output?
Ok, this reveals the depth of my ignorance. The logging.example.conf file is set up to output logs to console. What is that? If I'm trying to log things running on a remote server, where do I access this console? Thanks. --
Re: [web2py] Re: Cookie Based Logon
http://web2py.com/books/default/chapter/29/09#Manual-Authentication On Thursday, September 20, 2012 2:17:05 PM UTC-4, Abhishek Gupta wrote: Are there any function in web2py which can help me in creating the user, and doing the automatic bare login as in this case? - abhishek On 20 September 2012 14:14, Leonel Câmara leonel...@gmail.comjavascript: wrote: I guess you could programatically create a dummy user account and then retrieve it and auto login using data on the session. Quinta-feira, 20 de Setembro de 2012 3:22:23 UTC+1, Abhishek Gupta escreveu: Hi First of all, a lot of thanks for such an awesome piece of software. I am working on a website where I need to implement cookie based logon quite similar to the system described here http://www.phpnerds.com/** article/using-cookies-in-php/2http://www.phpnerds.com/article/using-cookies-in-php/2 ** in php. The idea is simple. When a user clicks on Explore button for the first time, a cookie is set on his computer with an expiry date far away. And he goes through the sign up process. Whenever users clicks on the button for the next time the cookie is retrieved and used to authenticate user finally leading him to log in. I am comfortable with handling cookies in web2py but I am not able to understand how can I integrate with existing sign in process (my website uses facebook and google based sign in forms too with this). Thanks in advance Abhishek -- --
Re: [web2py] Re: Cookie Based Logon
and this: http://web2py.com/books/default/chapter/29/04#Cookies On Thursday, September 20, 2012 9:35:14 PM UTC+1, Abhishek Gupta wrote: Hi, I am working on a login system where user is able to logon just using the cookies unlike the existing system where user logs in using the normal sign in + and that creates remember me cookies. - abhishek On 20 September 2012 14:54, villas vill...@gmail.com javascript:wrote: There are functions for this, but what is wrong with the existing 'remember me' mechanism in Auth? On Thursday, September 20, 2012 7:17:05 PM UTC+1, Abhishek Gupta wrote: Are there any function in web2py which can help me in creating the user, and doing the automatic bare login as in this case? - abhishek On 20 September 2012 14:14, Leonel Câmara leonel...@gmail.com wrote: I guess you could programatically create a dummy user account and then retrieve it and auto login using data on the session. Quinta-feira, 20 de Setembro de 2012 3:22:23 UTC+1, Abhishek Gupta escreveu: Hi First of all, a lot of thanks for such an awesome piece of software. I am working on a website where I need to implement cookie based logon quite similar to the system described here http://www.phpnerds.com/**a** rticle/using-cookies-in-php/2http://www.phpnerds.com/article/using-cookies-in-php/2 ** **in php. The idea is simple. When a user clicks on Explore button for the first time, a cookie is set on his computer with an expiry date far away. And he goes through the sign up process. Whenever users clicks on the button for the next time the cookie is retrieved and used to authenticate user finally leading him to log in. I am comfortable with handling cookies in web2py but I am not able to understand how can I integrate with existing sign in process (my website uses facebook and google based sign in forms too with this). Thanks in advance Abhishek -- -- --
[web2py] Re: Very intro question on logging: where is the console output?
nowhere if the output isn't redirected to some file. Console means standard output + standard error, you see it only if you're running on terminal (unix, mac) or Dos prompt (Windows). That's why usually production apps log something directly to a file or to a database. On Thursday, September 20, 2012 11:20:10 PM UTC+2, monotasker wrote: Ok, this reveals the depth of my ignorance. The logging.example.conf file is set up to output logs to console. What is that? If I'm trying to log things running on a remote server, where do I access this console? Thanks. --
[web2py] Re: bingbot and response varible
Tried a few tricks from here (don't get worried if you see incoming requests from 79.44.146.*) and no response.canonical_meta_url clue received. Did you post a sitemap somewhere or are they becoming reay reay invadent :D ? --
[web2py] Re: Very intro question on logging: where is the console output?
Great, thanks. I was getting confused with php and javascript logging, where the 'console' often refers to something like firebug's error console. On Thursday, September 20, 2012 5:45:00 PM UTC-4, Niphlod wrote: nowhere if the output isn't redirected to some file. Console means standard output + standard error, you see it only if you're running on terminal (unix, mac) or Dos prompt (Windows). That's why usually production apps log something directly to a file or to a database. On Thursday, September 20, 2012 11:20:10 PM UTC+2, monotasker wrote: Ok, this reveals the depth of my ignorance. The logging.example.conf file is set up to output logs to console. What is that? If I'm trying to log things running on a remote server, where do I access this console? Thanks. --
[web2py] Migrating from CGI Script
I'm migrating a CGI script file to Web2py and I need to be able to receive form posts from another page because the CGI script received a form posted from a webserver that *cannot *be migrated to Web2py, unfortunately. Here's the form section: form id=SubmitSiteForReview method=post enctype=multipart/form-data action=https://web2pyserver/reporter/blockpage/submit_site; ... /form In the original CGI script, I got the form values with cgi.FieldStorage() site_submit_form = cgi.FieldStorage() site = cgi.escape(site_submit_form.getfirst('submit_url', 'Form error, no URL provided')) reason = cgi.escape(site_submit_form.getfirst('submit_reasons', 'Form error, no Reason given')) reasongiven = cgi.escape(site_submit_form.getfirst('submit_reasongiven', 'Form error, no polite reason given')) categories = cgi.escape(site_submit_form.getfirst('submit_categories', 'N/A' )) ip = cgi.escape(site_submit_form.getfirst('submit_ip', 'IP address not supplied')) So, I went to use the same code in a web2py controller: def submit_site(): import cgi siteform = cgi.FieldStorage() site = cgi.escape(siteform.getfirst('submit_url', 'Form error, no URL provided')) reason = cgi.escape(siteform.getfirst('submit_reasons', 'Form error, no Reason given')) reasongiven = cgi.escape(siteform.getfirst('submit_reasongiven', 'Form error, no polite reason given')) categories = cgi.escape(siteform.getfirst('submit_categories', 'N/A')) ip = cgi.escape(siteform.getfirst('submit_ip', 'IP address not supplied' )) return dict(site = site, reason = reason, reasongiven = reasongiven,categories = categories, ip = ip) But the default values are returned. How can web2py receive form input from a non-web2py web page? --
[web2py] Re: How to allow Image Upload and Border Selection preview before saving to permanent table
Hello Web2py_Superfan, .. i wanted to contact you directly .. but ... I am just replying to you on here and hopefully ... you will be able to follow up with any pointers ! I have a similar situation ... pertaining to previewing the image before committing to the db.table. upload field !! when a user is filling out a form and have the option to upload his picture ! I am having serious difficulty adapting various scripts to web2py ... I want the user to be able to preview the image before submitting .. did you have any success with your endeavour ??? did you end up adapting the Ajax Upload from Zurb playgound to web2py ... ? .. I have tried it myself ... with no luck ! ... This is obviously a javascript question ... did you succeed ? .. if yes ... can you share ? .. thank you in advance !! I have also checkout this script ffrom this link : http://blueimp.github.com/jQuery-File-Upload/ for the preview image capability upon filling out a form before submitting ... ( this one with jquery is a very full featured one .. too big .. I happen not to need a whole bunch of stuff from it ... by isolating what I needed the upload, resize preview image but .. I could not make it work either I am still scratching my head with this .. I am looking for a simple solution to previewing an image after I resize it to fit ! ... I want it to work with all browsers if possible .. offcourse ! the whole thing works .. but I still cannot let the user preview his pic on the form before submit !! .. they get to see it only after !! . .and that bothers me !! please advise Don --
[web2py] Re: Migrating from CGI Script
have you tried simply printing request.post_vars in submit_site() and see what it does contain? --
[web2py] Re: Migrating from CGI Script
Hah! There they are. I guess I need to do some more reading on the request attributes. Thanks Niphlod. On Thursday, September 20, 2012 8:03:20 PM UTC-4, Niphlod wrote: have you tried simply printing request.post_vars in submit_site() and see what it does contain? --
[web2py] Re: Very intro question on logging: where is the console output?
I use this for logging which I found here awhile back: def _init_log(): import os,logging,logging.handlers,time logger = logging.getLogger(request.application) logger.setLevel(logging.INFO) handler = logging.handlers.RotatingFileHandler(os.path.join( request.folder,'logs','applog.log'),'a',1024*1024,1) handler.setLevel(logging.INFO) #or DEBUG handler.setFormatter(logging.Formatter( '%(asctime)s %(levelname)s %(filename)s %(lineno)d %(funcName)s(): %(message)s')) logger.addHandler(handler) return logger app_logging = cache.ram('app_wide_log',lambda:_init_log(),time_expire=None) Then in your code: app_logging.info('log this info') On Thursday, September 20, 2012 3:13:51 PM UTC-7, monotasker wrote: Great, thanks. I was getting confused with php and javascript logging, where the 'console' often refers to something like firebug's error console. On Thursday, September 20, 2012 5:45:00 PM UTC-4, Niphlod wrote: nowhere if the output isn't redirected to some file. Console means standard output + standard error, you see it only if you're running on terminal (unix, mac) or Dos prompt (Windows). That's why usually production apps log something directly to a file or to a database. On Thursday, September 20, 2012 11:20:10 PM UTC+2, monotasker wrote: Ok, this reveals the depth of my ignorance. The logging.example.conf file is set up to output logs to console. What is that? If I'm trying to log things running on a remote server, where do I access this console? Thanks. --
[web2py] Invalid syntax when compiling HTML helper code
I'm receiving an invalid syntax error when running from Windows. I do not receive the error when running the same code from my Webfaction account on CentOS. The error appears to be related to compiling of the code. I assume the compile code is taking issue with the HTML helper functions which allow _myattribute=Value to be translated into the HTML myattribute=Value. Am I just missing something simple? This has been driving me crazy. Thanks, Mike Traceback (most recent call last): File M:\My Documents\EstateCommander\web2py\gluon\restricted.py, line 208, in restricted ccode = compile2(code,layer) File M:\My Documents\EstateCommander\web2py\gluon\restricted.py, line 193, in compile2 return compile(code.rstrip().replace('\r\n','\n')+'\n', layer, 'exec') File C:/Users/Mike/Documents/My Dropbox/EstateCommander/web2py/applications/estate/controllers/forms.py http://127.0.0.1:8000/admin/default/edit/estate/controllers/forms.py, line 15 table = TABLE(*rows, _border=0, _align=center, _width=50%) ^ SyntaxError: invalid syntax P.S. I tried applying the html_helpers tag to this post but kept receiving the error message: An error (#357) occurred while communicating with the server. After some quick googling it appears google groups does not like underscores in tags; hyphens seem to work though (source http://productforums.google.com/d/msg/business/yB5ZDsz2r6c/2keMj8SYKaIJ) I've also been having this problem when trying to create a [NEW POST] from the web interface. (The welcome message is only 4 words long!) After about an hour of banging my head against the wall, it turns out that the problem was with the Tags having 2 words and certain characters. Examples of Tags that worked, didn't work: Tag - Result - milk/honey - Not OK Error Message 357 milk_honey - Not OK Error Message 357 milk-honey - OK, Message Posted ( no tag ) - OK, Message Posted So, there you go. --
[web2py] Re: database locked SQLITE
I was experiencing the same problem, adding db.commit() after my insert statements fixed it. --
Re: [web2py] Re: get by date interval
Hi all, Since this issue was fixed. Could you please let me know how to log all sql statements executed by the DAL? Thanks a lot, Son Tran On Thursday, March 31, 2011 5:35:18 AM UTC+7, David Warnock wrote: Massimo, I agree. Please open a googlecode issue and I will try add this next week. Great, thanks. Issue 226: http://code.google.com/p/web2py/issues/detail?id=226 Dave PS It would be good to have a more obvious link to google code on the website. Maybe a page for Developers with details about the source code etc. -- Dave Warnock: http://42.blogs.warnock.me.uk Cycling Blog: http://42bikes.warnock.me.uk --
[web2py] Syntax Error when compiling html helpers with attributes
I receive the following traceback when trying to run some pretty straightforward code: Traceback (most recent call last): File M:\My Documents\EstateCommander\web2py\gluon\restricted.py, line 208, in restricted ccode = compile2(code,layer) File M:\My Documents\EstateCommander\web2py\gluon\restricted.py, line 193, in compile2 return compile(code.rstrip().replace('\r\n','\n')+'\n', layer, 'exec') File C:/Users/Mike/Documents/My Dropbox/EstateCommander/web2py/applications/estate/controllers/forms.py http://127.0.0.1:8000/admin/default/edit/estate/controllers/forms.py, line 15 table = TABLE(*rows, _border='0', _align=center, _width=50%) ^ SyntaxError: invalid syntax This is only an error on Windows. The code runs fine on CentOS (Webfaction). Am I missing something here? Here's the full context of the erroring line in case that might help: # create a small table with some data: rows = [THEAD(TR(TH(Key,_width=70%), TH(Value,_width=30%))), TBODY(TR(TD(Hello),TD(60)), TR(TD(World),TD(40)))] table = TABLE(*rows, _border='0', _align=center, _width=50%) --
Re: [web2py] Re: vimeo and auth.wiki
To use css you just define styles normally in the css files you include in your view (probably layout or other parent view) or even, if you prefer, in a style tag, they may need to override the default ones and for this you have to consider the css precedence rules but a good rule of thumb is that the more specific you are with your css selectors the more it's likely that you'll get what you want. To be able to use the function I provided just put it somewhere in the model and you'll be able to call it from anywhere, although the css approach is certainly something you could/should try depending on what you want. Quinta-feira, 20 de Setembro de 2012 19:26:10 UTC+1, mweissen escreveu: *Massimo*: auth.wiki is great! I have copied http://vimeo.com/8952354 to a page. Ok, it works fine, but the picture is bigger than the page and I have to scroll. Therefore I want to adjust the width. Using CSS: sorry, I did not understand how to use CSS together with a wiki page. Are there special classes? *Leonel*: Thank you this idea. But how can I call a function from a wiki page? 2012/9/20 Massimo Di Pierro massimo@gmail.com javascript: You can still define your own extension but the the suggested behavior is designed to be more intuitive and leave the width and height size to the CSS. On Thursday, 20 September 2012 09:35:06 UTC-5, Leonel Câmara wrote: Well but it should be possible. Here's how it could be done def vimeo(code, width=400, height=250): ## Embeds a vimeo video (by code) - ``code`` is the code of the video - ``width`` is the width you want the video to have - ``height`` is the height you want the video to have return XML(iframe src=http://player.vimeo.com/**video/%(code)s width=%(width)s height=%(height)s frameborder=0 webkitAllowFullScreen mozallowfullscreen allowFullScreen/iframe % dict(code=code, width=width, height=height)) Quinta-feira, 20 de Setembro de 2012 14:31:31 UTC+1, Massimo Di Pierro escreveu: You simply cut and paste a link to the video in the text as below: http://vimeo.com/8952354 You cannot choose width and height. Vimeo choses that for you. On Thursday, 20 September 2012 07:46:43 UTC-5, mweissen wrote: I want to embedd a vimeo video in a auth.wiki page. In the plugin_wiki I had to write for example *``* *name: vimeo* *code: 8952354 * *width: 533* *height: 400* *``:widget* How can I do the same in auth.wiki? Regards, Martin --