[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
Nice catch Anthony! Thanks a bunch.
That's the second time I got bitten by a misplaced comma in an
SQLFORM ...
On May 12, 12:23 pm, Anthony abasta...@gmail.com wrote:
I think you've got a simple typo in you code -- in SQLFORM.factory, you have
a ')' at the end of the Field line, so your 'requires' ends up being a
SQLFORM.factory argument instead of a Field argument. It should be:
form=SQLFORM.factory(
Field('card_number','string',comment='with dashes',
requires=CRYPT(auth.settings.hmac_key)))
When I try the above, CRYPT works fine for me.
Anthony
On Wednesday, May 11, 2011 11:02:17 PM UTC-4, niknok wrote:
here's the code I used.
http://pastie.org/1891534
what's weird is that I know that CRYPT works in my other apps, it's
just in this particular controller that it isn't working right.
And in my case, my logical test is == and not !=. My problem is
the unecrypted
variable...
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
I suppose it's personal preference but the comma placement at the beginning of the line is really confusing.
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
Ok, here's a quote for you: “Confusion is the welcome mat at the door of creativity.” ;) On May 13, 2:26 am, pbreit pbreitenb...@gmail.com wrote: I suppose it's personal preference but the comma placement at the beginning of the line is really confusing.
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
here's the code I used.
http://pastie.org/1891534
what's weird is that I know that CRYPT works in my other apps, it's
just in this particular controller that it isn't working right.
And in my case, my logical test is == and not !=. My problem is
the unecrypted
variable...
On May 10, 10:54 pm, Anthony abasta...@gmail.com wrote:
On Tuesday, May 10, 2011 2:10:07 AM UTC-4, niknok wrote:
Anthony, sorry for the typo. I meant calling onvalidation=, and not
onaccept
That is the behavior I'm expecting, since I've seen that work like so
before. Here's a stripped-down version of the function:
def cnv():
c_hash=request.args(0)
form=SQLFORM.factory(
Field('card_number','string'
,label='Card number',comment='with dashes')
,requires=CRYPT(auth.settings.hmac_key))
if form.accepts(request.vars,session):
#import ipdb;ipdb.set_trace()
#if c_hash!= form.vars.card_number: #-- does not work
What do you mean the above does not work? Are you expecting
form.vars.card_number to equal c_hash (if so, shouldn't '!=' be '==')? Where
does c_hash come from (i.e., how does it get in request.args)?
if CRYPT(auth.settings.hmac_key)(form.vars.card_number)
[0]==c_hash:
What is the purpose of the above line? form.vars.card_number should already
be hashed (form.accepts should result in it being hashed), so this line
appears to be double hashing the card number, which I assume wouldn't match
c_hash (assuming c_hash is supposed to be the hashed card number).
Anthony
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
I think you've got a simple typo in you code -- in SQLFORM.factory, you have
a ')' at the end of the Field line, so your 'requires' ends up being a
SQLFORM.factory argument instead of a Field argument. It should be:
form=SQLFORM.factory(
Field('card_number','string',comment='with dashes',
requires=CRYPT(auth.settings.hmac_key)))
When I try the above, CRYPT works fine for me.
Anthony
On Wednesday, May 11, 2011 11:02:17 PM UTC-4, niknok wrote:
here's the code I used.
http://pastie.org/1891534
what's weird is that I know that CRYPT works in my other apps, it's
just in this particular controller that it isn't working right.
And in my case, my logical test is == and not !=. My problem is
the unecrypted
variable...
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
Anthony, sorry for the typo. I meant calling onvalidation=, and not
onaccept
That is the behavior I'm expecting, since I've seen that work like so
before. Here's a stripped-down version of the function:
def cnv():
c_hash=request.args(0)
form=SQLFORM.factory(
Field('card_number','string'
,label='Card number',comment='with dashes')
,requires=CRYPT(auth.settings.hmac_key))
if form.accepts(request.vars,session):
#import ipdb;ipdb.set_trace()
#if c_hash!= form.vars.card_number: #-- does not work
if CRYPT(auth.settings.hmac_key)(form.vars.card_number)
[0]==c_hash:
db.card.validated.writable=
db.card.modified_by.writable=True
db(db.card.alnum==c_hash).update(validated=True)
response.flash='Card number validated.'
else:
form.errors.card_number='Card number is not valid!'
return dict(form=form)
On May 10, 12:11 pm, Anthony abasta...@gmail.com wrote:
On Monday, May 9, 2011 10:59:46 PM UTC-4, pbreit wrote:
Do filters work with SQLFORM.factory? I'm not sure CRYPT returns an
encrypted string so much as it causes the string to be encrypted when
SQLFORM puts it in the DB. I could be wrong.
When I create a SQLFORM.factory with a requires=CRYPT and call form.accepts,
I get back a hash of the input, even without any db IO.
Anthony
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
OK, I guess it does work. This worked for me:
def crypt():
form = SQLFORM.factory(
Field('test', requires=CRYPT(auth.settings.hmac_key)))
if form.accepts(request.vars, session):
return dict(data=form.vars.test)
return dict(form=form)
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
On Tuesday, May 10, 2011 2:10:07 AM UTC-4, niknok wrote:
Anthony, sorry for the typo. I meant calling onvalidation=, and not
onaccept
That is the behavior I'm expecting, since I've seen that work like so
before. Here's a stripped-down version of the function:
def cnv():
c_hash=request.args(0)
form=SQLFORM.factory(
Field('card_number','string'
,label='Card number',comment='with dashes')
,requires=CRYPT(auth.settings.hmac_key))
if form.accepts(request.vars,session):
#import ipdb;ipdb.set_trace()
#if c_hash!= form.vars.card_number: #-- does not work
What do you mean the above does not work? Are you expecting
form.vars.card_number to equal c_hash (if so, shouldn't '!=' be '==')? Where
does c_hash come from (i.e., how does it get in request.args)?
if CRYPT(auth.settings.hmac_key)(form.vars.card_number)
[0]==c_hash:
What is the purpose of the above line? form.vars.card_number should already
be hashed (form.accepts should result in it being hashed), so this line
appears to be double hashing the card number, which I assume wouldn't match
c_hash (assuming c_hash is supposed to be the hashed card number).
Anthony
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
On Monday, May 9, 2011 10:37:02 AM UTC-4, niknok wrote:
I tried:
form=SQLFORM.factory(
Field('card_number','string'
,label='Enter a card number to verify'
,requires=CRYPT(auth.settings.hmac_key))
But instead I found form.vars.card_number unencrypted. This is on w2p
v1.94.5.
Was it unencrypted before or after calling form.accepts? The validators
aren't applied until you call form.accepts.
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
I was trying to process it inside onvalidation= ...
On May 9, 10:53 pm, Anthony abasta...@gmail.com wrote:
On Monday, May 9, 2011 10:37:02 AM UTC-4, niknok wrote:
I tried:
form=SQLFORM.factory(
Field('card_number','string'
,label='Enter a card number to verify'
,requires=CRYPT(auth.settings.hmac_key))
But instead I found form.vars.card_number unencrypted. This is on w2p
v1.94.5.
Was it unencrypted before or after calling form.accepts? The validators
aren't applied until you call form.accepts.
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
Do filters work with SQLFORM.factory? I'm not sure CRYPT returns an encrypted string so much as it causes the string to be encrypted when SQLFORM puts it in the DB. I could be wrong.
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
On Monday, May 9, 2011 10:32:13 PM UTC-4, niknok wrote: I was trying to process it inside onvalidation= ... Note sure I understand. Can you show your full code (including where/how you are finding form.vars.card_number unencrypted)?
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
On Monday, May 9, 2011 10:59:46 PM UTC-4, pbreit wrote: Do filters work with SQLFORM.factory? I'm not sure CRYPT returns an encrypted string so much as it causes the string to be encrypted when SQLFORM puts it in the DB. I could be wrong. When I create a SQLFORM.factory with a requires=CRYPT and call form.accepts, I get back a hash of the input, even without any db IO. Anthony
