[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
Nice catch Anthony! Thanks a bunch. That's the second time I got bitten by a misplaced comma in an SQLFORM ... On May 12, 12:23 pm, Anthony abasta...@gmail.com wrote: I think you've got a simple typo in you code -- in SQLFORM.factory, you have a ')' at the end of the Field line, so your 'requires' ends up being a SQLFORM.factory argument instead of a Field argument. It should be: form=SQLFORM.factory( Field('card_number','string',comment='with dashes', requires=CRYPT(auth.settings.hmac_key))) When I try the above, CRYPT works fine for me. Anthony On Wednesday, May 11, 2011 11:02:17 PM UTC-4, niknok wrote: here's the code I used. http://pastie.org/1891534 what's weird is that I know that CRYPT works in my other apps, it's just in this particular controller that it isn't working right. And in my case, my logical test is == and not !=. My problem is the unecrypted variable...
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
I suppose it's personal preference but the comma placement at the beginning of the line is really confusing.
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
Ok, here's a quote for you: “Confusion is the welcome mat at the door of creativity.” ;) On May 13, 2:26 am, pbreit pbreitenb...@gmail.com wrote: I suppose it's personal preference but the comma placement at the beginning of the line is really confusing.
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
here's the code I used. http://pastie.org/1891534 what's weird is that I know that CRYPT works in my other apps, it's just in this particular controller that it isn't working right. And in my case, my logical test is == and not !=. My problem is the unecrypted variable... On May 10, 10:54 pm, Anthony abasta...@gmail.com wrote: On Tuesday, May 10, 2011 2:10:07 AM UTC-4, niknok wrote: Anthony, sorry for the typo. I meant calling onvalidation=, and not onaccept That is the behavior I'm expecting, since I've seen that work like so before. Here's a stripped-down version of the function: def cnv(): c_hash=request.args(0) form=SQLFORM.factory( Field('card_number','string' ,label='Card number',comment='with dashes') ,requires=CRYPT(auth.settings.hmac_key)) if form.accepts(request.vars,session): #import ipdb;ipdb.set_trace() #if c_hash!= form.vars.card_number: #-- does not work What do you mean the above does not work? Are you expecting form.vars.card_number to equal c_hash (if so, shouldn't '!=' be '==')? Where does c_hash come from (i.e., how does it get in request.args)? if CRYPT(auth.settings.hmac_key)(form.vars.card_number) [0]==c_hash: What is the purpose of the above line? form.vars.card_number should already be hashed (form.accepts should result in it being hashed), so this line appears to be double hashing the card number, which I assume wouldn't match c_hash (assuming c_hash is supposed to be the hashed card number). Anthony
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
I think you've got a simple typo in you code -- in SQLFORM.factory, you have a ')' at the end of the Field line, so your 'requires' ends up being a SQLFORM.factory argument instead of a Field argument. It should be: form=SQLFORM.factory( Field('card_number','string',comment='with dashes', requires=CRYPT(auth.settings.hmac_key))) When I try the above, CRYPT works fine for me. Anthony On Wednesday, May 11, 2011 11:02:17 PM UTC-4, niknok wrote: here's the code I used. http://pastie.org/1891534 what's weird is that I know that CRYPT works in my other apps, it's just in this particular controller that it isn't working right. And in my case, my logical test is == and not !=. My problem is the unecrypted variable...
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
Anthony, sorry for the typo. I meant calling onvalidation=, and not onaccept That is the behavior I'm expecting, since I've seen that work like so before. Here's a stripped-down version of the function: def cnv(): c_hash=request.args(0) form=SQLFORM.factory( Field('card_number','string' ,label='Card number',comment='with dashes') ,requires=CRYPT(auth.settings.hmac_key)) if form.accepts(request.vars,session): #import ipdb;ipdb.set_trace() #if c_hash!= form.vars.card_number: #-- does not work if CRYPT(auth.settings.hmac_key)(form.vars.card_number) [0]==c_hash: db.card.validated.writable= db.card.modified_by.writable=True db(db.card.alnum==c_hash).update(validated=True) response.flash='Card number validated.' else: form.errors.card_number='Card number is not valid!' return dict(form=form) On May 10, 12:11 pm, Anthony abasta...@gmail.com wrote: On Monday, May 9, 2011 10:59:46 PM UTC-4, pbreit wrote: Do filters work with SQLFORM.factory? I'm not sure CRYPT returns an encrypted string so much as it causes the string to be encrypted when SQLFORM puts it in the DB. I could be wrong. When I create a SQLFORM.factory with a requires=CRYPT and call form.accepts, I get back a hash of the input, even without any db IO. Anthony
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
OK, I guess it does work. This worked for me: def crypt(): form = SQLFORM.factory( Field('test', requires=CRYPT(auth.settings.hmac_key))) if form.accepts(request.vars, session): return dict(data=form.vars.test) return dict(form=form)
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
On Tuesday, May 10, 2011 2:10:07 AM UTC-4, niknok wrote: Anthony, sorry for the typo. I meant calling onvalidation=, and not onaccept That is the behavior I'm expecting, since I've seen that work like so before. Here's a stripped-down version of the function: def cnv(): c_hash=request.args(0) form=SQLFORM.factory( Field('card_number','string' ,label='Card number',comment='with dashes') ,requires=CRYPT(auth.settings.hmac_key)) if form.accepts(request.vars,session): #import ipdb;ipdb.set_trace() #if c_hash!= form.vars.card_number: #-- does not work What do you mean the above does not work? Are you expecting form.vars.card_number to equal c_hash (if so, shouldn't '!=' be '==')? Where does c_hash come from (i.e., how does it get in request.args)? if CRYPT(auth.settings.hmac_key)(form.vars.card_number) [0]==c_hash: What is the purpose of the above line? form.vars.card_number should already be hashed (form.accepts should result in it being hashed), so this line appears to be double hashing the card number, which I assume wouldn't match c_hash (assuming c_hash is supposed to be the hashed card number). Anthony
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
On Monday, May 9, 2011 10:37:02 AM UTC-4, niknok wrote: I tried: form=SQLFORM.factory( Field('card_number','string' ,label='Enter a card number to verify' ,requires=CRYPT(auth.settings.hmac_key)) But instead I found form.vars.card_number unencrypted. This is on w2p v1.94.5. Was it unencrypted before or after calling form.accepts? The validators aren't applied until you call form.accepts.
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
I was trying to process it inside onvalidation= ... On May 9, 10:53 pm, Anthony abasta...@gmail.com wrote: On Monday, May 9, 2011 10:37:02 AM UTC-4, niknok wrote: I tried: form=SQLFORM.factory( Field('card_number','string' ,label='Enter a card number to verify' ,requires=CRYPT(auth.settings.hmac_key)) But instead I found form.vars.card_number unencrypted. This is on w2p v1.94.5. Was it unencrypted before or after calling form.accepts? The validators aren't applied until you call form.accepts.
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
Do filters work with SQLFORM.factory? I'm not sure CRYPT returns an encrypted string so much as it causes the string to be encrypted when SQLFORM puts it in the DB. I could be wrong.
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
On Monday, May 9, 2011 10:32:13 PM UTC-4, niknok wrote: I was trying to process it inside onvalidation= ... Note sure I understand. Can you show your full code (including where/how you are finding form.vars.card_number unencrypted)?
[web2py] Re: using CRYPT in SQLFORM.factory doesn't work?
On Monday, May 9, 2011 10:59:46 PM UTC-4, pbreit wrote: Do filters work with SQLFORM.factory? I'm not sure CRYPT returns an encrypted string so much as it causes the string to be encrypted when SQLFORM puts it in the DB. I could be wrong. When I create a SQLFORM.factory with a requires=CRYPT and call form.accepts, I get back a hash of the input, even without any db IO. Anthony