[web2py] pygraphviz library not found (site5 webhosting)
Hi everybody, I am running web2py 2.4.7 on site5 webhosting and I recently run into the following issue: I would like to use 'graph model' feature but pygraphviz is not available on the site5 servers. I've installed graphviz in my home directory and also pygraphviz using easy_install. Problem is appadmin still says 'pygraphviz library not found'. When I start interactive console (python2.6 web2py.py -S app -M) and run 'import pygraphviz', library is loaded. Could you please advise where is the problem? Thank you, Tomas -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] Re: response.flash is going to center in web2py 2.4.7
yes, i see the flash is on the center (test on 1024x768 on centos and lubuntu). btw, thank you for the explaination. best regards -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] Re: web2py 2.4.7 admin Recent Tweets not loaded
thank you so much for your fast response massimo. btw, i think the code is not error, if i'm not wrong when i tested it using my own twitter account, if you have posted tweet more than 2 days then the posted is not appear. best regards On Friday, May 31, 2013 9:15:59 PM UTC+7, Massimo Di Pierro wrote: I think it is better this way. That should be for security updates and new releases. I will do a better job at posting more news. If something is important I can re-tweet. It is not there for a social purpose. Yet this is open for discussion. On Friday, 31 May 2013 08:44:29 UTC-5, Paolo valleri wrote: Hi, now it seems to work but it is different than the former implementation, namely the current shows only tweets posted by the user web2py, however the most recent one is more than two months old. As is I don't see this so useful, actually It is a matter of communication and which information we want to spread from the admin page. Paolo On Friday, May 31, 2013 3:19:27 PM UTC+2, Massimo Di Pierro wrote: Done. in trunk. On Thursday, 30 May 2013 22:39:10 UTC-5, 黄祥 wrote: hi, just want to report that web2py 2.4.7 admin Recent Tweets not loaded. error: Unable to download because: local variable 'r' referenced before assignment applications/admin/controllers/default.py def twitter(): session.forget() session._unlock(response) import gluon.tools import gluon.contrib.simplejson as sj try: if TWITTER_HASH: page = urllib.urlopen( http://search.twitter.com/search.json?q=%%40%s; % TWITTER_HASH).read() data = sj.loads(page, encoding=utf-8)['results'] d = dict() *r = []* for e in data: d[e[id]] = e r = reversed(sorted(d)) return dict(tweets=[d[k] for k in r]) else: return 'disabled' except Exception, e: return DIV(T('Unable to download because:'), BR(), str(e)) ref: https://groups.google.com/forum/?fromgroups#!topic/web2py/rtUZeamzXp8 error is gone and also not showing any tweets if i'm not wrong twitter api had already deprecated, imho, if you want to use twitter tweets please use the embeded one provide by twitter (timelines, tweets, etc) ref: https://dev.twitter.com/ please correct and forgive me if i'm wrong best regards -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [web2py] Re: Random, wrong strings in Content-Type Response header for .css
wonderful, thanks for checking that out. On Saturday, June 1, 2013 6:02:40 AM UTC+2, Andriy wrote: Yes, *^/([^/]+)/static/(?:_[\d]+.[\d]+.[\d]+/)?(.*)* works. -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] Re: Nested dictionaries / JSON to nested HTML-lists
Thank you so much for your help - I was twisting my head around the nested recursing :-) Since I just use this one-line-tree-codehttps://gist.github.com/hrldcpr/2012250 to create my structure, modifying it proved difficult. I got it to work based on your code by checking the length of the dictionaries instead of using isinstance and items() instead of iteritems() since I'm using defaultdictionaries. Best regards! -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] Re: Ajax-form-submission: pass ALL form-elements
Excellent, thanks! I think this should go into the documentation! Am Freitag, 31. Mai 2013 22:21:01 UTC+2 schrieb Niphlod: see https://groups.google.com/forum/?fromgroups=#!searchin/web2py/ajax$20anthony/web2py/sYFJWdLoO3g/V-g6KB6XfqYJ -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [web2py] Re: psycopg2 or pg8000
I don't get errors nor any difference: db = DAL('postgres:pg8000://reingart:1234@localhost/pg8000',pool_size=1,check_reserved=['all']) db.define_table('thing',Field('name')) def test1(): value = r\' id = db.thing.insert(name=value) value = db(db.thing.id==id).select().first().name return dict(id=id, value=value, lenght=len(value), adapter=db._adapter.__version__) def test2(): id = db.thing.insert(name='%') value = db(db.thing.id==id).select().first().name return dict(id=id, value=value, lenght=len(value), adapter=db._adapter.__version__) def test3(): id = db.thing.insert(name='%%') value = db(db.thing.id==id).select().first().name return dict(id=id, value=value, lenght=len(value), adapter=db._adapter.__version__) Test1 adapter:gluon.contrib.pg8000.dbapi 1.10 id:14L lenght:2 value:\' Test2 adapter:gluon.contrib.pg8000.dbapi 1.10 id:15L lenght:1 value:% Test3 adapter:gluon.contrib.pg8000.dbapi 1.10 id:16L lenght:2 value:%% I'm missing something? Regards Mariano Reingart http://www.sistemasagiles.com.ar http://reingart.blogspot.com On Sat, Jun 1, 2013 at 1:39 AM, Massimo Di Pierro massimo.dipie...@gmail.com wrote: Can you try this? With postgres and pg8000 db.define_table('thing',Field('name')) value = r\' db.thing.insert(name=value) It should insert the thing but I suspect you will get an error You can also try: id = db.thing.insert(name='%') print db.thing[id].name do you get '%' or '%%'? Massimo On Thursday, 30 May 2013 17:05:30 UTC-5, Mariano Reingart wrote: Hi Massimo, do you have a link to the SQL injection issue? I couldn't reproduce it, nor the communication problem (there were an out of sync statement issue under high loads, IIRC) BTW, I was given access to the pg8000 official repository (now it is being maintained again), so I'm planning to merge my version with the latest updates (including some performance enhancements). Joe: I attended the pypy tutorial at PyCon US 2012, seeking to speed up pg8000 without luck. Not only there was no improvement, also I got stuck by a pypy unsuported feature in Windows. Maybe pypy has better support now, maybe the new enhancements in pg8000 are better for its JIT compiler. If you just have to upload a CSV file, see the COPY statement, it is unbeatable. Best regards, Mariano Reingart http://www.sistemasagiles.com.ar http://reingart.blogspot.com On Thu, May 30, 2013 at 6:33 PM, Massimo Di Pierro massimo@gmail.com wrote: Mind I have security concern about pg8000. It is vulnerable to SQL injections in web2py. On Thursday, 30 May 2013 14:41:55 UTC-5, Joe Barnhart wrote: I have just tried both drivers -- but in an apples-and-oranges comparison. I used pg8000 with pypy and web2py because it is pure Python and can be used with pypy. I used psycopg2 with python 2.7 on the same database and application. My application begins with a bulk-load of a CSV file. The file has about 450,000 records of about 10 fields each. Inserting the file using psycopg2 and python 2.7 took about 4-5 minutes on a quad-core i7 iMac. The memory used was about 20M for postgres (largest thread) and about an equal amount for python. The task was handled by the web2py scheduler. The pypy-pg8000 version of the file load took almost an hour, but that is deceptive. The problem is that it overwhelmed the 12GB of memory in the computer. Both the pypy task and the postgres task ran amok with memory requirements. The postgres task took 8GB and forced the computer into swapping, killing the response time. Pypy is known for being somewhat of a memory hog (I was trying version 2.0.2). It worked darned well in web2py, with this being the only problem I encountered. Since my code heavily relies on modules, the speedup was noticible using pypy. Some of my longer tasks include creating pdf files and this took about 1/3 to 1/5 the time under pypy as compared to cpython 2.7.1. I know this is not an accurate comparison (because of the pypy component), but the runaway memory use of postgres under pg8000 concerned me so I thought I'd mention it. -- Joe B. On Wednesday, May 1, 2013 4:59:26 PM UTC-7, Marco Tulio wrote: Are there any advantages on one or another or are they basically the same thing? I'm using psycopg2 atm. -- []'s Marco Tulio -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+un...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out. -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options,
[web2py] Very nice DataGrid for Twitter Boostrap ...
http://o5.github.io/grido-sandbox/ live example is here http://grido.bugyik.cz/example/ -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] Re: pygraphviz library not found (site5 webhosting)
Are you using web2py source? On Saturday, 1 June 2013 02:36:09 UTC-5, Tomáš Slobodník wrote: Hi everybody, I am running web2py 2.4.7 on site5 webhosting and I recently run into the following issue: I would like to use 'graph model' feature but pygraphviz is not available on the site5 servers. I've installed graphviz in my home directory and also pygraphviz using easy_install. Problem is appadmin still says 'pygraphviz library not found'. When I start interactive console (python2.6 web2py.py -S app -M) and run 'import pygraphviz', library is loaded. Could you please advise where is the problem? Thank you, Tomas -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [web2py] Re: psycopg2 or pg8000
Looks like I am wrong and there is no problem with pg8000. On Saturday, 1 June 2013 09:09:54 UTC-5, Mariano Reingart wrote: I don't get errors nor any difference: db = DAL('postgres:pg8000://reingart:1234@localhost/pg8000',pool_size=1,check_reserved=['all']) db.define_table('thing',Field('name')) def test1(): value = r\' id = db.thing.insert(name=value) value = db(db.thing.id==id).select().first().name return dict(id=id, value=value, lenght=len(value), adapter=db._adapter.__version__) def test2(): id = db.thing.insert(name='%') value = db(db.thing.id==id).select().first().name return dict(id=id, value=value, lenght=len(value), adapter=db._adapter.__version__) def test3(): id = db.thing.insert(name='%%') value = db(db.thing.id==id).select().first().name return dict(id=id, value=value, lenght=len(value), adapter=db._adapter.__version__) Test1 adapter:gluon.contrib.pg8000.dbapi 1.10 id:14L lenght:2 value:\' Test2 adapter:gluon.contrib.pg8000.dbapi 1.10 id:15L lenght:1 value:% Test3 adapter:gluon.contrib.pg8000.dbapi 1.10 id:16L lenght:2 value:%% I'm missing something? Regards Mariano Reingart http://www.sistemasagiles.com.ar http://reingart.blogspot.com On Sat, Jun 1, 2013 at 1:39 AM, Massimo Di Pierro massimo@gmail.com javascript: wrote: Can you try this? With postgres and pg8000 db.define_table('thing',Field('name')) value = r\' db.thing.insert(name=value) It should insert the thing but I suspect you will get an error You can also try: id = db.thing.insert(name='%') print db.thing[id].name do you get '%' or '%%'? Massimo On Thursday, 30 May 2013 17:05:30 UTC-5, Mariano Reingart wrote: Hi Massimo, do you have a link to the SQL injection issue? I couldn't reproduce it, nor the communication problem (there were an out of sync statement issue under high loads, IIRC) BTW, I was given access to the pg8000 official repository (now it is being maintained again), so I'm planning to merge my version with the latest updates (including some performance enhancements). Joe: I attended the pypy tutorial at PyCon US 2012, seeking to speed up pg8000 without luck. Not only there was no improvement, also I got stuck by a pypy unsuported feature in Windows. Maybe pypy has better support now, maybe the new enhancements in pg8000 are better for its JIT compiler. If you just have to upload a CSV file, see the COPY statement, it is unbeatable. Best regards, Mariano Reingart http://www.sistemasagiles.com.ar http://reingart.blogspot.com On Thu, May 30, 2013 at 6:33 PM, Massimo Di Pierro massimo@gmail.com wrote: Mind I have security concern about pg8000. It is vulnerable to SQL injections in web2py. On Thursday, 30 May 2013 14:41:55 UTC-5, Joe Barnhart wrote: I have just tried both drivers -- but in an apples-and-oranges comparison. I used pg8000 with pypy and web2py because it is pure Python and can be used with pypy. I used psycopg2 with python 2.7 on the same database and application. My application begins with a bulk-load of a CSV file. The file has about 450,000 records of about 10 fields each. Inserting the file using psycopg2 and python 2.7 took about 4-5 minutes on a quad-core i7 iMac. The memory used was about 20M for postgres (largest thread) and about an equal amount for python. The task was handled by the web2py scheduler. The pypy-pg8000 version of the file load took almost an hour, but that is deceptive. The problem is that it overwhelmed the 12GB of memory in the computer. Both the pypy task and the postgres task ran amok with memory requirements. The postgres task took 8GB and forced the computer into swapping, killing the response time. Pypy is known for being somewhat of a memory hog (I was trying version 2.0.2). It worked darned well in web2py, with this being the only problem I encountered. Since my code heavily relies on modules, the speedup was noticible using pypy. Some of my longer tasks include creating pdf files and this took about 1/3 to 1/5 the time under pypy as compared to cpython 2.7.1. I know this is not an accurate comparison (because of the pypy component), but the runaway memory use of postgres under pg8000 concerned me so I thought I'd mention it. -- Joe B. On Wednesday, May 1, 2013 4:59:26 PM UTC-7, Marco Tulio wrote: Are there any advantages on one or another or are they basically the same thing? I'm using psycopg2 atm. -- []'s Marco Tulio -- --- You received this message because you are subscribed to the Google Groups
[web2py] Re: Very nice DataGrid for Twitter Boostrap ...
Indeed! thanks for posting. On Saturday, 1 June 2013 13:52:40 UTC-5, David Marko wrote: http://o5.github.io/grido-sandbox/ live example is here http://grido.bugyik.cz/example/ -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] web2py Safety discussion
Hi, Overall web2py is pretty save as far as I know. https://scanmyserver.com/ shows for my web2py app 6 low priority risks. As far as I'm concerned they are very low priority but since I startet to record all errors (code 400 404 500) in an database table I get a little concerned since my very small site gets on some days 20 attacks. They are pretty premitive as far as I can tell. Trying to call admin page or /wp-login ... trying to add code after the url... So my concern is not the site itself but the appadmin. It is only protected by a password and as far as I can tell there is no brute force protection like a timeout after 3 or five misspelled passwords. I don't know if I'm just paranoid but I can't record if there are attemps to access appadmin and there is no timeout for the password. I would welcome your thoughts on this issue. -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] Re: Very nice DataGrid for Twitter Boostrap ...
Requires Nette Framework 2.0 (PHP 5.3) http://nette.org I guess it can be adapted, but pity they don't advertise and promote it as 'independent'. -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] Re: web2py Safety discussion
These are serious concerns. The safest option is to block admin+appdamin simply by not providing a password. Another open option is to configure the web server to only accept admin connections from localhost and require an ssh tunnel otherwise. The problem with adding timeout after 3 misspelled passwords is that it does not solve the problem and creates more. In order to know that repeated failures come from the same client we need to store the IP of attempted logins. This opens the door to DoS attacks. We could add a 5 sec delay to all failed logins but attempts are not sequential and may be carried by different threads. We double add a 5 sec delay to all failed logins and force the server to serialize all login attempts. This may also open the door to DoS. There is no solution which is obviously better than others. What would you suggest? Massimo On Saturday, 1 June 2013 15:55:53 UTC-5, BlueShadow wrote: Hi, Overall web2py is pretty save as far as I know. https://scanmyserver.com/shows for my web2py app 6 low priority risks. As far as I'm concerned they are very low priority but since I startet to record all errors (code 400 404 500) in an database table I get a little concerned since my very small site gets on some days 20 attacks. They are pretty premitive as far as I can tell. Trying to call admin page or /wp-login ... trying to add code after the url... So my concern is not the site itself but the appadmin. It is only protected by a password and as far as I can tell there is no brute force protection like a timeout after 3 or five misspelled passwords. I don't know if I'm just paranoid but I can't record if there are attemps to access appadmin and there is no timeout for the password. I would welcome your thoughts on this issue. -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [web2py] web2py Safety discussion
How the ssh tunnel is probably the best and only real secure option. If anyone can point me towards a tutorial for this would be awesome. Thinking about another solution: how about adding a username. This would make bruteforce even harder. As far as my novice knowlege goes server like apache and nginx... record all requests. Writing a script catching all requests to appadmin login shouldn t be to hard to write. Now one could use a cronjob to check that list every 5 min for example. If the login page is called more than 5 times: block access to appadmin for 20 min. Those are just my thoughts i havent tested any of this. And Im not sure if it would work. Am 01.06.2013 22:56 schrieb BlueShadow kevin.bet...@gmail.com: Hi, Overall web2py is pretty save as far as I know. https://scanmyserver.com/shows for my web2py app 6 low priority risks. As far as I'm concerned they are very low priority but since I startet to record all errors (code 400 404 500) in an database table I get a little concerned since my very small site gets on some days 20 attacks. They are pretty premitive as far as I can tell. Trying to call admin page or /wp-login ... trying to add code after the url... So my concern is not the site itself but the appadmin. It is only protected by a password and as far as I can tell there is no brute force protection like a timeout after 3 or five misspelled passwords. I don't know if I'm just paranoid but I can't record if there are attemps to access appadmin and there is no timeout for the password. I would welcome your thoughts on this issue. -- --- You received this message because you are subscribed to a topic in the Google Groups web2py-users group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/web2py/1hnFerQ0FJo/unsubscribe?hl=en. To unsubscribe from this group and all its topics, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out. -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [web2py] web2py Safety discussion
I think we're already limiting admin to 5 failed logins per IP address per hour: https://code.google.com/p/web2py/source/browse/applications/admin/models/access.py#62 Anthony On Saturday, June 1, 2013 5:28:03 PM UTC-4, BlueShadow wrote: How the ssh tunnel is probably the best and only real secure option. If anyone can point me towards a tutorial for this would be awesome. Thinking about another solution: how about adding a username. This would make bruteforce even harder. As far as my novice knowlege goes server like apache and nginx... record all requests. Writing a script catching all requests to appadmin login shouldn t be to hard to write. Now one could use a cronjob to check that list every 5 min for example. If the login page is called more than 5 times: block access to appadmin for 20 min. Those are just my thoughts i havent tested any of this. And Im not sure if it would work. Am 01.06.2013 22:56 schrieb BlueShadow kevin@gmail.comjavascript: : Hi, Overall web2py is pretty save as far as I know. https://scanmyserver.com/shows for my web2py app 6 low priority risks. As far as I'm concerned they are very low priority but since I startet to record all errors (code 400 404 500) in an database table I get a little concerned since my very small site gets on some days 20 attacks. They are pretty premitive as far as I can tell. Trying to call admin page or /wp-login ... trying to add code after the url... So my concern is not the site itself but the appadmin. It is only protected by a password and as far as I can tell there is no brute force protection like a timeout after 3 or five misspelled passwords. I don't know if I'm just paranoid but I can't record if there are attemps to access appadmin and there is no timeout for the password. I would welcome your thoughts on this issue. -- --- You received this message because you are subscribed to a topic in the Google Groups web2py-users group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/web2py/1hnFerQ0FJo/unsubscribe?hl=en. To unsubscribe from this group and all its topics, send an email to web2py+un...@googlegroups.com javascript:. For more options, visit https://groups.google.com/groups/opt_out. -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] is this a new feature?
Hi, As i remember, one year ago, I had to include the referenced table in the query, so that it can be used in the select. now, 2.4.7, there is no need to mention the referenced tables in the query. Am i right or am i missing something? Regards, Ashraf -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [web2py] web2py Safety discussion
oops. Had forgotten about that. Thanks Anthony. Looking at the code again. That stores login attempts in a file, not in DB: deny_file = os.path.join(request.folder, 'private', 'hosts.deny') On Saturday, 1 June 2013 16:38:57 UTC-5, Anthony wrote: I think we're already limiting admin to 5 failed logins per IP address per hour: https://code.google.com/p/web2py/source/browse/applications/admin/models/access.py#62 Anthony On Saturday, June 1, 2013 5:28:03 PM UTC-4, BlueShadow wrote: How the ssh tunnel is probably the best and only real secure option. If anyone can point me towards a tutorial for this would be awesome. Thinking about another solution: how about adding a username. This would make bruteforce even harder. As far as my novice knowlege goes server like apache and nginx... record all requests. Writing a script catching all requests to appadmin login shouldn t be to hard to write. Now one could use a cronjob to check that list every 5 min for example. If the login page is called more than 5 times: block access to appadmin for 20 min. Those are just my thoughts i havent tested any of this. And Im not sure if it would work. Am 01.06.2013 22:56 schrieb BlueShadow kevin@gmail.com: Hi, Overall web2py is pretty save as far as I know. https://scanmyserver.com/ shows for my web2py app 6 low priority risks. As far as I'm concerned they are very low priority but since I startet to record all errors (code 400 404 500) in an database table I get a little concerned since my very small site gets on some days 20 attacks. They are pretty premitive as far as I can tell. Trying to call admin page or /wp-login ... trying to add code after the url... So my concern is not the site itself but the appadmin. It is only protected by a password and as far as I can tell there is no brute force protection like a timeout after 3 or five misspelled passwords. I don't know if I'm just paranoid but I can't record if there are attemps to access appadmin and there is no timeout for the password. I would welcome your thoughts on this issue. -- --- You received this message because you are subscribed to a topic in the Google Groups web2py-users group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/web2py/1hnFerQ0FJo/unsubscribe?hl=en. To unsubscribe from this group and all its topics, send an email to web2py+un...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out. -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] Re: is this a new feature?
? On Saturday, 1 June 2013 17:20:31 UTC-5, webpypy wrote: Hi, As i remember, one year ago, I had to include the referenced table in the query, so that it can be used in the select. now, 2.4.7, there is no need to mention the referenced tables in the query. Am i right or am i missing something? Regards, Ashraf -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] Beginning advice
I am new to web2py and python programming so bear with me. As a learning project (career change) I am trying to build a useful app based on my current skill set. I Would like to know if I am going in the right direction or is there an easier way? This a synopsis of what I want to model. Lets look at the process. 1. List of issue's. Everyone places weight / ranking on each issue 3. Weighting is based on a scale from 1 - 5 Average the weighting and develop a stack ranking=(average score) with (count votes) participants 4. Objectives is a child of Issue table. (comments, ranking, discussions etc..) 5. Action is a child of objectives (comments, ranking, discussions etc..) Develop a checkpoint / dashboard to monitor the activity votes/posts etc.. (possible social signals aka twitter, google news, etc..) Question is should I go with separate table for each or what would be the most robust for future expansion? Such as DB = Issues DB = Objectives DB = Actions DB = Ranking if so how do I do the linking etc.. I have messed around with the Fieldhttps://127.0.1.1/examples/global/vars/Field ('obj_parent', type='reference major_issues', notnull=True, label=Thttps://127.0.1.1/examples/global/vars/T ('Obj Parent')), but not quite understanding how to move forward with the views / reports aka do I use smartgrid vs a query etc.. Please be gentle :) I have been using web2py for 2 days. Thanks in advance Darin -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [web2py] Re: psycopg2 or pg8000
The books Learning Python in chapter Execution Optimization Tools pag.30 ...Execution Optimization Tools CPython, Jython, and IronPython all implement the Python language in similar ways: by compiling source code to byte code and executing the byte code on an appropriate virtual machine. Still other systems, including the Psyco just-in-time compiler and the Shedskin C++ translator, instead attempt to optimize the basic execution model. These systems are not required knowledge at this point in your Python career, but a quick look at their place in the execution model might help demystify the model in general. The Psyco just-in-time compiler The Psyco system is not another Python implementation, but rather a component that extends the byte code execution model to make programs run faster. In terms of Figure 2-2, Psyco is an enhancement to the PVM that collects and uses type information while the program runs to translate portions of the program’s byte code all the way down to real binary machine code for faster execution. Psyco accomplishes this † Jython and IronPython are completely independent implementations of Python that compile Python source for different runtime architectures. It is also possible to access Java and .NET software from standard CPython programs: JPype and Python for .NET systems, for example, allow CPython code to call out to Java and .NET components. Translation without requiring changes to the code or a separate compilation step during development. Roughly, while your program runs, Psyco collects information about the kinds of objects being passed around; that information can be used to generate highly efficient machine code tailored for those object types. Once generated, the machine code then replaces the corresponding part of the original byte code to speed your program’s overall execution. The net effect is that, with Psyco, your program becomes much quicker over time and as it is running. In ideal cases, some Python code may become as fast as compiled C code under Psyco. Because this translation from byte code happens at program runtime, Psyco is generally known as a just-in-time (JIT) compiler. Psyco is actually a bit different from the JIT compilers some readers may have seen for the Java language, though. Really, Psyco is a specializing JIT compiler—it generates machine code tailored to the data types that your program actually uses. For example, if a part of your program uses different data types at different times, Psyco may generate a different version of machine code to support each different type combination. Psyco has been shown to speed Python code dramatically. According to its web page, Psyco provides “2x to 100x speed-ups, typically 4x, with an unmodified Python interpreter and unmodified source code, just a dynamically loadable C extension module.” Of equal significance, the largest speedups are realized for algorithmic code written in pure Python—exactly the sort of code you might normally migrate to C to optimize. With Psyco, such migrations become even less important. Psyco is not yet a standard part of Python; you will have to fetch and install it separately. It is also still something of a research project, so you’ll have to track its evolution online. In fact, at this writing, although Psyco can still be fetched and installed by itself, it appears that much of the system may eventually be absorbed into the newer “PyPy” project—an attempt to reimplement Python’s PVM in Python code, to better support optimizations like Psyco. Perhaps the largest downside of Psyco is that it currently only generates machine code for Intel x86 architecture chips, though this includes Windows and Linux boxes and recent Macs. For more details on the Psyco extension, and other JIT efforts that may arise, consult http://www.python.org; you can also check out Psyco’s home page, which currently resides at http://psyco.sourceforge.net. ... I think this is enough to say that psyco is faster.by. Ovidio Marinho Falcao Neto Web Developer ovidio...@gmail.com 83 8826 9088 - Oi 83 9336 3782 - Claro Brasil 2013/6/1 Massimo Di Pierro massimo.dipie...@gmail.com Looks like I am wrong and there is no problem with pg8000. On Saturday, 1 June 2013 09:09:54 UTC-5, Mariano Reingart wrote: I don't get errors nor any difference: db = DAL('postgres:pg8000://**reingart:1234@localhost/** pg8000',pool_size=1,check_**reserved=['all']) db.define_table('thing',Field(**'name')) def test1(): value = r\' id = db.thing.insert(name=value) value = db(db.thing.id==id).select().**first().name return dict(id=id, value=value, lenght=len(value), adapter=db._adapter.__version_**_) def test2(): id = db.thing.insert(name='%') value = db(db.thing.id==id).select().**first().name return dict(id=id, value=value, lenght=len(value), adapter=db._adapter.__version_**_) def
Re: [web2py] Beginning advice
Darin... Interesting project Web2py is a great solution platform. Your process model is not clear to me... That said... One key advantage of Web2py is the database abstraction layer (DAL).. You can try many different approaches and any of the supported database systems with very little effort. So, just keep working the problem and asking questions.. Have fun, Joe On Sat, Jun 1, 2013 at 4:30 PM, Darin Lawson Hosking dari...@gmail.comwrote: I am new to web2py and python programming so bear with me. As a learning project (career change) I am trying to build a useful app based on my current skill set. I Would like to know if I am going in the right direction or is there an easier way? This a synopsis of what I want to model. Lets look at the process. 1. List of issue's. Everyone places weight / ranking on each issue 3. Weighting is based on a scale from 1 - 5 Average the weighting and develop a stack ranking=(average score) with (count votes) participants 4. Objectives is a child of Issue table. (comments, ranking, discussions etc..) 5. Action is a child of objectives (comments, ranking, discussions etc..) Develop a checkpoint / dashboard to monitor the activity votes/posts etc.. (possible social signals aka twitter, google news, etc..) Question is should I go with separate table for each or what would be the most robust for future expansion? Such as DB = Issues DB = Objectives DB = Actions DB = Ranking if so how do I do the linking etc.. I have messed around with the Fieldhttps://127.0.1.1/examples/global/vars/Field ('obj_parent', type='reference major_issues', notnull=True, label=Thttps://127.0.1.1/examples/global/vars/T ('Obj Parent')), but not quite understanding how to move forward with the views / reports aka do I use smartgrid vs a query etc.. Please be gentle :) I have been using web2py for 2 days. Thanks in advance Darin -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out. -- Joe Simpson Sent From My DROID!! -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] Re: Beginning advice
Darin, The first issue is a data modeling problem. Can you please create multiple kinds of sample data for each table so we can understand how to help you model the data. After that, you could use smartgrid as you mentioned. It is simple to use and puts an app together for you quickly. The examples here, and especially example 34 really helped me get going: http://www.web2py.com/examples/default/examples Alex Glaros On Saturday, June 1, 2013 4:30:49 PM UTC-7, Darin Lawson Hosking wrote: I am new to web2py and python programming so bear with me. As a learning project (career change) I am trying to build a useful app based on my current skill set. I Would like to know if I am going in the right direction or is there an easier way? This a synopsis of what I want to model. Lets look at the process. 1. List of issue's. Everyone places weight / ranking on each issue 3. Weighting is based on a scale from 1 - 5 Average the weighting and develop a stack ranking=(average score) with (count votes) participants 4. Objectives is a child of Issue table. (comments, ranking, discussions etc..) 5. Action is a child of objectives (comments, ranking, discussions etc..) Develop a checkpoint / dashboard to monitor the activity votes/posts etc.. (possible social signals aka twitter, google news, etc..) Question is should I go with separate table for each or what would be the most robust for future expansion? Such as DB = Issues DB = Objectives DB = Actions DB = Ranking if so how do I do the linking etc.. I have messed around with the Fieldhttps://127.0.1.1/examples/global/vars/Field ('obj_parent', type='reference major_issues', notnull=True, label=Thttps://127.0.1.1/examples/global/vars/T ('Obj Parent')), but not quite understanding how to move forward with the views / reports aka do I use smartgrid vs a query etc.. Please be gentle :) I have been using web2py for 2 days. Thanks in advance Darin -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] Invalid request when url for static file contains space
Hey, searched around I'm having the same problem as the following topic: https://groups.google.com/d/topic/web2py/yNwOUgOeKqI/discussion I get invalid request when I try to visit the following url: http://127.0.0.1:8000/myapp/static/skillPages/fall2012/MT%20Burk/MT%20Burk_2_01-06-13_R1.pdf; The file path is correct and the file is there. I tried to implement the solution in that previous thread, but I can't seem to get it to work. The only modifications I've made to routes.py before is changing the default app. Can anyone suggest what exact modifications I need to add to either routes.py or router.py to make spaces valid for static files? Assuming I've made no changes from the default? -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [web2py] web2py Safety discussion
Fail2ban is a popular python program that monitors log files for failed login attempts and blocks visitors, no need to write a new one from scratch. Assuming you use a linux server, it should be available as a package. It's quite versatile. Regards, Ales On Saturday, June 1, 2013 11:28:03 PM UTC+2, BlueShadow wrote: How the ssh tunnel is probably the best and only real secure option. If anyone can point me towards a tutorial for this would be awesome. Thinking about another solution: how about adding a username. This would make bruteforce even harder. As far as my novice knowlege goes server like apache and nginx... record all requests. Writing a script catching all requests to appadmin login shouldn t be to hard to write. Now one could use a cronjob to check that list every 5 min for example. If the login page is called more than 5 times: block access to appadmin for 20 min. Those are just my thoughts i havent tested any of this. And Im not sure if it would work. Am 01.06.2013 22:56 schrieb BlueShadow kevin@gmail.comjavascript: : Hi, Overall web2py is pretty save as far as I know. https://scanmyserver.com/shows for my web2py app 6 low priority risks. As far as I'm concerned they are very low priority but since I startet to record all errors (code 400 404 500) in an database table I get a little concerned since my very small site gets on some days 20 attacks. They are pretty premitive as far as I can tell. Trying to call admin page or /wp-login ... trying to add code after the url... So my concern is not the site itself but the appadmin. It is only protected by a password and as far as I can tell there is no brute force protection like a timeout after 3 or five misspelled passwords. I don't know if I'm just paranoid but I can't record if there are attemps to access appadmin and there is no timeout for the password. I would welcome your thoughts on this issue. -- --- You received this message because you are subscribed to a topic in the Google Groups web2py-users group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/web2py/1hnFerQ0FJo/unsubscribe?hl=en. To unsubscribe from this group and all its topics, send an email to web2py+un...@googlegroups.com javascript:. For more options, visit https://groups.google.com/groups/opt_out. -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] Re: Beginning advice
Try this: @auth.requires_login() def manage(): return dict(grid=SQLFORM.smartgrid(db.issues)) On Saturday, 1 June 2013 18:30:49 UTC-5, Darin Lawson Hosking wrote: I am new to web2py and python programming so bear with me. As a learning project (career change) I am trying to build a useful app based on my current skill set. I Would like to know if I am going in the right direction or is there an easier way? This a synopsis of what I want to model. Lets look at the process. 1. List of issue's. Everyone places weight / ranking on each issue 3. Weighting is based on a scale from 1 - 5 Average the weighting and develop a stack ranking=(average score) with (count votes) participants 4. Objectives is a child of Issue table. (comments, ranking, discussions etc..) 5. Action is a child of objectives (comments, ranking, discussions etc..) Develop a checkpoint / dashboard to monitor the activity votes/posts etc.. (possible social signals aka twitter, google news, etc..) Question is should I go with separate table for each or what would be the most robust for future expansion? Such as DB = Issues DB = Objectives DB = Actions DB = Ranking if so how do I do the linking etc.. I have messed around with the Fieldhttps://127.0.1.1/examples/global/vars/Field ('obj_parent', type='reference major_issues', notnull=True, label=Thttps://127.0.1.1/examples/global/vars/T ('Obj Parent')), but not quite understanding how to move forward with the views / reports aka do I use smartgrid vs a query etc.. Please be gentle :) I have been using web2py for 2 days. Thanks in advance Darin -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[web2py] dynamically generate table fields
# I have this code to create a table: *db.define_table('event',* *Field('event_type', length=8),* *Field('created', 'datetime', default=request.now),* *)* # Now, I have numerous fields (20 in real life) that should build up this table, which is why I would like to generate them from a list. *influences = ['gravity','magnetism']* # So, I want to dynamically add this fields gravity_x, gravity_y, magnetism_x, magnetism_y, to the table *for influence in influences:* *setattr(db.event, influence+'_x', Field(influence+'_x') )* # should do something like db.event.gravity_x = Field() -- a failed attempt to append the gravity_x field *setattr(db.event, influence+'_y', Field(influence+'_y') )* # should do something like db.event.gravity_y = Field() -- a failed attempt to append the gravity_y field Is it possible to do what I want? Maybe another way would be to call a **dict on db.define_table? -- --- You received this message because you are subscribed to the Google Groups web2py-users group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.