At the moment it is:
@request.restful()
def as_rest():
def GET(*args,**vars):
patterns = ['/{bookmarks.id}',
'']
parsed = db.parse_as_rest(patterns,args,vars)
if parsed.status==200: return parsed.response.json()
else:
posts =
Hello everybody
Thank you very much for your answers!
I think I'll try a combination of plugin_wiki with epydoc.
Have a nice day!
Marcel
@Pierre: I'm using PyCharm instead of pydev - but thank you anyway!
On 15 Jun., 19:29, Pierre Thibault pierre.thibau...@gmail.com wrote:
I like epydoc.
On Jun 16, 4:03 am, Web2py Newbie
swiawte...@garrifulio.mailexpire.com wrote:
Is there a bug tracker somewhere I'm supposed to use?
http://code.google.com/p/web2py/issues/list
No, this is a fresh install from the Windows source version of www.web2py.com.
The error occured when asking for /admin. To me it seems like the
portalocker.lock(response.session_file, portalocker.LOCK_EX) call
imports pywin32 mercurial(!) in a strange way.
Regards, Andreas
On Jun 15, 11:14 pm,
Hi guys.
I have a table (called anuncio) with an upload field (called foto), so
anuncio.foto is my upload field.
I'm showing and linking it with this piece of code in my view :
{{url = URL(c='anuncios',f='download', args=['uploads', anuncio.foto])}}
{{=A(IMG(_src=url), _href=url)}}
My
Yes. Same reason I asked.
Thanks.
On Jun 14, 6:10 am, Sebastian E. Ovide sebastian.ov...@gmail.com
wrote:
web2py is adding so many functionalities that it is difficult to understand
what the book is documenting.
It would be great to have a changelog... or at least a web2py version that
the
In db.py I've added fields to table_user_name
My code updates one of these 'extended' fields with update_record().
The code also accesses auth.user.fieldname but I think these values
get populated from a cookie.
a) is it true that a cookie is used
b) if a) is true, how to I refresh the cookie?
There may be a security problem for all of you using Auth. Even if the
login process is done threw SSL the session should be also kept over
SSL or else you may be vulnerable to session hijacking (
http://en.wikipedia.org/wiki/Session_hijacking ) attacks.
My question is, is there a control to make
Is there anyone working with web2py and CouchDB ... something more beyond
the simple tests ? If so can you share some experience or even some project
source or something?
One question ... how can i get the former connection object that comes from
couch =
The higher value for chunk_size didn't work with a 33 MiB file. Even
in Firefox 4.
So I tried 1.96.4 (Rocket 1.2.2) on Windows XP.
Made a new and simple app (dtest). The download there uses
response.download(request,db) as well.
1 simple table: db.define_table('stuff', Field('file', 'upload'))
Hi All,
The following table definition does not work all the time. Sometimes
it gives the following error: IntegrityError: column name is not
unique. I want to receive the error at the form level.
db.define_table('testtable',
Field('name', 'text', unique=True, notnull=True),
web2py Version 1.96.4 under sl4a (android / python 2.6.2) does not
start due to a few errors.
The first one is in dal.py
It seems that there was already half fixed, the problem is in
path_encoding = sys.getfilesystemencoding() or
locale.getdefaultlocale()[1]
the result is empty here.
There is
Then you need to call
/myapp/api/as_rest/1.json
where api is the controller, as_rest is your function, 1 is the
{bookmark.id}.
On Jun 16, 12:51 am, Web2py Newbie
swiawte...@garrifulio.mailexpire.com wrote:
At the moment it is:
@request.restful()
def as_rest():
def GET(*args,**vars):
You are correct. If you want to prevent session hijacking you need to
force cookies over https.
You can do this in your program
session._secure=True
But it is up to you to setup https.
On Jun 16, 5:43 am, blackthorne francisco@gmail.com wrote:
There may be a security problem for all of
the logged in user is stored in session.auth.user so yes, if you
change the user info in db, you will not see the change in
session.auth.user until you reload. You need to change the info in
both places.
On Jun 16, 5:17 am, Carl m...@carlroach.com wrote:
In db.py I've added fields to
Fantastic than if you have the latest web2py you should just need to
follow the instructions in
web2py/gluon/contrib.login_methods/cas_auth.py
On Jun 16, 6:14 am, Neveen Adel nevo.a...@gmail.com wrote:
Thanks a lot Massimo for you help :)
Sorry about the misunderstanding.
I searched on
Thank you! Fixed in trunk.
On Jun 16, 3:55 am, Corne Dickens corne.dick...@gmail.com wrote:
web2py Version 1.96.4 under sl4a (android / python 2.6.2) does not
start due to a few errors.
The first one is in dal.py
It seems that there was already half fixed, the problem is in
path_encoding =
On Thursday, June 16, 2011 9:48:47 AM UTC-4, Massimo Di Pierro wrote:
You are correct. If you want to prevent session hijacking you need to
force cookies over https.
You can do this in your program
session._secure=True
Doesn't session.secure() do the same thing (i.e., sets
These:
db.testtable.name.requires=IS_NOT_IN_DB(db, db.testtable.name)
db.testtable.name.requires = IS_ALPHANUMERIC()
shuld be
db.testtable.name.requires= (IS_ALPHANUMERIC(),IS_NOT_IN_DB(db,
db.testtable.name))
otherwise the second requires overrides the previous ones, web2py
checks only for
On Sunday, June 12, 2011 8:52:42 AM UTC-4, Anthony wrote:
Actually, now I see that there are two distinct arguments to the jqgrid
widget, '_id' and 'id'. It looks like the '_id' argument is completely
ignored, but if you specify 'id', it will be used as the jqgrid table id
(via the current
It could.
I think it would be interesting to have a control to redirect by
default to https, whether it is a login or an authenticated session,
kind of what we already have for appadmin...
On Jun 16, 2:57 pm, Anthony abasta...@gmail.com wrote:
On Thursday, June 16, 2011 9:48:47 AM UTC-4,
thanks. a little detail needed: given my extra field is called 'tag'
can I change its value like:
session.auth.user.tag = 'new value'
but then how do I get the session to update the cookie ready for the
next browser load/refresh?
On Jun 16, 2:46 pm, Massimo Di Pierro massimo.dipie...@gmail.com
I'm trying to debug a web2py app working with WSGI on webfaction.
First, I've activated the Logging = True in the wsgihandler and now I
can read the httpserver.log.
I've also read many things on exposing request/response objects but
what I really wanted would be the possibility to read print calls
On Thursday, June 16, 2011 11:12:16 AM UTC-4, blackthorne wrote:
It could.
I think it would be interesting to have a control to redirect by
default to https, whether it is a login or an authenticated session,
kind of what we already have for appadmin...
I don't think admin or
Hi,
I have this:
tags=db().select(db.event_tags.ALL)
form
=SQLFORM(db.events,fields=['title','venue','starttime','endtime','location','image','cost','website','booking','latlng','information'])
#form = SQLFORM(db.events)
my_extra_element = TR(,INPUT(_id='Lookup',_value=Check
does the {{=response.toolbar()}} help?
On Jun 16, 10:20 am, blackthorne francisco@gmail.com wrote:
I'm trying to debug a web2py app working with WSGI on webfaction.
First, I've activated the Logging = True in the wsgihandler and now I
can read the httpserver.log.
I've also read many
That's automatic. If you just do
auth.user.tag = 'new value'
than the new value is stored in the session and retrieved at next http
request
On Jun 16, 10:19 am, Carl m...@carlroach.com wrote:
thanks. a little detail needed: given my extra field is called 'tag'
can I change its value like:
Correct. If you want to force https you need to configure apache or
other web server
On Jun 16, 10:51 am, Anthony abasta...@gmail.com wrote:
On Thursday, June 16, 2011 11:12:16 AM UTC-4, blackthorne wrote:
It could.
I think it would be interesting to have a control to redirect by
default
ah!
I'm setting and retrieving the value via json using two @service.jsonrpc
functions.
Have I found a hole? or should I be adding a little more code within my json
setter function?
On 16 June 2011 16:57, Massimo Di Pierro massimo.dipie...@gmail.com wrote:
That's automatic. If you just do
Thank you! That worked.
On Jun 16, 6:53 am, Massimo Di Pierro massimo.dipie...@gmail.com
wrote:
These:
db.testtable.name.requires=IS_NOT_IN_DB(db, db.testtable.name)
db.testtable.name.requires = IS_ALPHANUMERIC()
shuld be
db.testtable.name.requires= (IS_ALPHANUMERIC(),IS_NOT_IN_DB(db,
If I understand 9.99 has 6 digits therefore a precision of 6.
Same for 1000.00
On Jun 16, 11:16 am, pbreit pbreitenb...@gmail.com wrote:
I'm getting this error which looks wrong to me:
A field with precision 5, scale 2 must round to an absolute value less than
10^3
I was expecting that
I'm getting this error which looks wrong to me:
A field with precision 5, scale 2 must round to an absolute value less than 10^3
I was expecting that a decimal could up to 9.99 but it is failing on
1000.00
Could somebody share some examples of how you have integrated
prettyphoto into web2py?
Kenneth
I am using on http://CursoDePython.com.br , no problem
--
Bruno Rocha
[ About me: http://zerp.ly/rochacbruno ]
[ Aprenda a programar: http://CursoDePython.com.br ]
[ O seu aliado nos cuidados
Yeah, I was thinking 5,2 meant I could have 5 digits on the left of the
decimal but looks like it's all digits total. Not sure why I haven't run
into that before now.
perhaps because web2py with sqlite treats decimal and float and
ignores precision.
On Jun 16, 11:35 am, pbreit pbreitenb...@gmail.com wrote:
Yeah, I was thinking 5,2 meant I could have 5 digits on the left of the
decimal but looks like it's all digits total. Not sure why I haven't run
into
it helps but not the same thing.
e.g.:
Right now, I'm having an issue with the auth.register action that
doesn't seem to work ( http://www.digitalloft.org/homepage/default/user/register
). I wanted to print markers to get the position in the code that is
being executed so I can infer the flow
Hi
I have a component on my page that displays the auth_users that have
membership the specific auth_group. I have some the following js to
remove someone from a group:
function deleteMembership(userId, groupId) {
$.ajax({
type: POST,
I use this logger which works well:
https://groups.google.com/d/msg/web2py/P4G0-UWGldU/0afuX8Tpa_cJ
Is this a theoretical issue or an actual issue?
Is your foto filed type 'upload'?
Field http://web2py.com/book/default/docstring/Field('file', 'upload')
Can you make it look like this:
img src={{=URL http://web2py.com/book/default/docstring/URL('download',
args=image.file)}} /
*http://web2py.com/book/default/chapter/03#An-Image-Blog
*
Try replace
success: web2py_component('../groupUsers/{{=groupId}}'),
with
success: function() { web2py_component('../groupUsers/
{{=groupId}}'); },
On Jun 16, 12:02 pm, Jim Steil j...@qlf.com wrote:
Hi
I have a component on my page that displays the auth_users that have
At
http://web2py.com/book/default/chapter/08?search=openid#Other-Login-Methods-and-Login-Forms
the documentation says
OpenIDAUth requires the python-open installed separately.
It should be
OpenIDAUth requires the python-openid installed separately,
as I verified by looking into the comments
I have a situation where I need to adjust an SQLFORM field to be
non-editable. I can do that with .writable = False, but that seems to
also prevents database I/O for that field. What I'm trying to do is
set a default that cannot be changed.
Is there a way to set an SQLFORM field so that it
You can change this on the fly, no need to do it only in models, it can be
done in controllers.
### controllers/comecontroller.py
db.table.field.writable = False # change the field to writable false
form = SQLFORM(db.table) # build the form
db.table.field.writable = True #change it again
Sorry, I answered before read entire message,
if you want to chamhe it in form only, better to use the 'represent'
attribute
db.table.field.represent = lambda f: label %s /label % f
--
Bruno Rocha
[ About me: http://zerp.ly/rochacbruno ]
On Thu, Jun 16, 2011 at 3:05 PM, Jay Shaffstall
The target is missing
success: function() { web2py_component('../groupUsers/{{=groupId}}',
'target'); },
where 'target' must be the id (in quotes) of the component to be
refreshed.
On Jun 16, 1:13 pm, Jim Steil j...@qlf.com wrote:
Massimo
Thanks for the reply. I made the change you
Massimo
Thanks for the reply. I made the change you recommended. I can see
that the function is called using firebug, but the component doesn't
refresh. Would it have something to do with this running inside the
component?
-Jim
On 6/16/2011 12:37 PM, Massimo Di Pierro wrote:
Try
That doesn't seem to affect the HTML form output at all for me. I've
also tried changing the widget to LABEL, but that results in the same
problem with the value not being transmitted back via the form.
What I'd like to be able to do is set the readonly attribute of the
input tag; but I don't
Someone please correct me if I am wrong, but this issue is one of
architecting your applications/environment properly.
If you only ever use https (ie: no http) then all is fine.
If you use mixed http https, then you likely want to set session.secure()
(this will set the cookie 'secure'
Is the new multi-tenant feature preserved by validators? I mean validators
like IS_IN_DB, when applied on table with multi-tenant feature enabled, is
IS_IN_DB validator filtering my records only?
Also can this feature be enabled for web2py auth mechanism? Means each
tenant will have own user
(This answer was moved to another group with another signature. Don't
know what's wrong here in Google Groups.)
The higher value for chunk_size didn't work with a 33 MiB file. Even
in Firefox 4.
So I tried 1.96.4 (Rocket 1.2.2) on Windows XP.
Made a new and simple app (dtest). The download there
Hi Denesl,
I was misinterpreting the list of databases in Chapter 6 of the web2py
book. I read it as a 2 column list, not realising that the pyodbc
reference was specifically relating to SQLServer and DB2.I would
say that Teradata SQL would be closer to DB2 than MSSQL. I'll give it
a try but
If your in Oulu on the 23rd of September I am organizing and competing
in Oulu Open Hack. I want to developer a few of my ideas in Web2py and
we have 30 hours to do it. :D
Anyone in the area?
Best Regards,
Jason Brower
Personally, I use the python logging module which we have setup to read it's
options from a config file.
http://docs.python.org/library/logging.html
http://docs.python.org/library/configparser.html
The logging module allows you to send your logs to files, standard out
(usually httpserver.log
My setup involves an apache 2.2.17, mod_wsgi 3.3, python 2.7.2, trac
0.12.2, mercurial 1.8.4. Two issues surfaced:
1. mercurial demandimport initialization order
2. mercurial unable to load DLLs in site-packages.
I solved the problem as follows:
1. change hgwebdir.wsgi to disable demandimport:
On Thursday, June 16, 2011 3:04:06 PM UTC-4, Richard G wrote:
Someone please correct me if I am wrong, but this issue is one of
architecting your applications/environment properly.
If you only ever use https (ie: no http) then all is fine.
If you use mixed http https, then you likely
Jay, you can do:
form.element('#tablename_fieldname')['_readonly']=True
On Jun 16, 2:57 pm, Jay Shaffstall jshaffst...@gmail.com wrote:
That doesn't seem to affect the HTML form output at all for me. I've
also tried changing the widget to LABEL, but that results in the same
problem with
On Thursday, June 16, 2011 2:05:34 PM UTC-4, JayShaffstall wrote:
I have a situation where I need to adjust an SQLFORM field to be
non-editable. I can do that with .writable = False, but that seems to
also prevents database I/O for that field. What I'm trying to do is
set a default that
I'd been thinking I needed to do that between form creation and the
accepts call, but you're right, it works even after that point. I
make the call to auth.register, and then modify the readonly
attribute, and it works fine.
Thanks!
Jay
On Thu, Jun 16, 2011 at 5:06 PM, DenesL denes1...@yahoo.ca
Anthony: I don't really understand how would that solve the problem.
The problem has to do with transmission of the session cookie in a non
secure channel. Regenerate it won't solve the problem. We need to
enforce not to allow the transmission of authenticated sessions threw
non secure channels. I
Anthony: I don't really understand how would that solve the problem.
The problem has to do with transmission of the session cookie in a non
secure channel. Regenerate it won't solve the problem. We need to
enforce not to allow the transmission of authenticated sessions threw
non secure channels. I
I get this error when trying to insert a record manually from a
sqlform:
SyntaxError: Field _autocomplete_name_aux does not belong to the table
Controller line is:
form.vars.id = table.insert(**dict(form.vars))
Model definition has a field using the autocomplete widget:
Looks like the form.accepts is trying to update the database with the
is_administrator value. You may need to deal with the update
explicitly. Have you tried form.accepts(request.vars, session,
dbio=False)?
On Jun 14, 1:21 pm, Ross Peoples ross.peop...@gmail.com wrote:
I am trying to provide
On Thursday, June 16, 2011 6:02:00 PM UTC-4, blackthorne wrote:
Anthony: I don't really understand how would that solve the problem.
The problem has to do with transmission of the session cookie in a non
secure channel. Regenerate it won't solve the problem.
It will solve the problem of
On Jun 16, 6:58 pm, amit in4tu...@gmail.com wrote:
OpenIDAUth requires the python-open installed separately.
It should be
OpenIDAUth requires the python-openid installed separately,
Fixed, many thanks.
On Jun 16, 11:08 pm, Anthony abasta...@gmail.com wrote:
On Thursday, June 16, 2011 6:02:00 PM UTC-4, blackthorne wrote:
Anthony: I don't really understand how would that solve the problem.
The problem has to do with transmission of the session cookie in a non
secure channel. Regenerate
Maybe try:
form.vars.id = table.insert(**table._filter_fields(form.vars))
The _filter_fields method should pull out only the dict keys that are fields
in the table. See
http://web2py.com/book/default/chapter/07#One-form-for-multiple-tables for
an example of this.
Anthony
On Thursday,
I don't think the situation is that dire. The web has worked like this for
20 years and it hasn't been an actual issue. I think as long as the tools
are available to go all-SSL that's fine.
On Thursday, June 16, 2011 6:43:42 PM UTC-4, blackthorne wrote:
On Jun 16, 11:08 pm, Anthony abas...@gmail.com wrote:
On Thursday, June 16, 2011 6:02:00 PM UTC-4, blackthorne wrote:
Anthony: I don't really understand how would that solve the problem.
The problem has to do with
thanks. that works albeit a bit esoteric.
On Jun 17, 12:03 am, Anthony abasta...@gmail.com wrote:
Maybe try:
form.vars.id = table.insert(**table._filter_fields(form.vars))
The _filter_fields method should pull out only the dict keys that are fields
in the table.
Using session.secure() sets the secure flag on the session cookie which
prevents it from ever being sent over a nonsecure channel. This should be
sufficient to build a Firesheep-proof system.
On Thursday, June 16, 2011 7:35:18 PM UTC-4, pbreit wrote:
Using session.secure() sets the secure flag on the session cookie which
prevents it from ever being sent over a nonsecure channel. This should be
sufficient to build a Firesheep-proof system.
I think setting the secure flag of
That's exactly what the secure cookie flag prevents, sending the cookie
over a nonsecure line. The problem as you note is that even if your server
is set up to redirect nonsecure traffic to secure traffic, the cookies is
still sent over in that first handshake. The secure flag prevents that. At
On Thursday, June 16, 2011 8:26:47 PM UTC-4, pbreit wrote:
That's exactly what the secure cookie flag prevents, sending the cookie
over a nonsecure line. The problem as you note is that even if your server
is set up to redirect nonsecure traffic to secure traffic, the cookies is
still
Hi,
Is it safe if I change the __repr__ functions for DAL, Table, Row to show a
much more compact string?.
Will I not break anything by doing this?.
I need this in order to better debug/analyze objects in the shell.
Thanks,
Carlos
Would like you help on with this file upload issue. I am trying to read the
contents of a file and process it during file upload (without making any
changes to the file). When I try to read the file contents during an upload,
the uploaded file has no contents (it is empty).
See function below
Well, a lot has changed in the past 20 years.
ARP Spoofing attacks emerged, Wireless shared channel communications
emerged, attackers multiplied and his methods got and more
sophisticated. Facebook, Twitter and are examples of very expensive
migrations related to social networks considered
Are you saying that once the user logs in, any existing session they had
should be erased and a new one started? I don't think that's how it works
now, and I'm not sure that would always be the thing to do, but maybe it
should be an option. I was just suggesting regenerating the session id,
hi,
I like markmin syntax, I am thinking to use it, yet I have a few
questions
- is there a html to markmin converter? (a markmin to html is - /gluon/
contrib/markmin/markmin2html.py)
- how to emebed flash?
- what about including css or javascript ? (script, link )
thank you
You would not break anything.
On Jun 16, 8:02 pm, Carlos carlosgali...@gmail.com wrote:
Hi,
Is it safe if I change the __repr__ functions for DAL, Table, Row to show a
much more compact string?.
Will I not break anything by doing this?.
I need this in order to better debug/analyze objects
On Jun 16, 8:19 pm, elffikk elff...@gmail.com wrote:
hi,
I like markmin syntax, I am thinking to use it, yet I have a few
questions
- is there a html to markmin converter? (a markmin to html is - /gluon/
contrib/markmin/markmin2html.py)
yes
from gluon.html import markmin_serializer
markmin
I've recently upgraded to 1.96.4 and I'm having trouble getting the new
auth_cas table created on a Postgres DB. It should get created automatically
if I have migrate ON, right?
I have a custom auth_user table if that matters.
The .table file was created and the auth_cas table shows in sql.log
(although faked).
OK, I think it worked now. I'm not sure what the problem is exactly but
might have been a false alarm.
I'm having trouble agin getting a new table created. I still don't really
understand how Web2py knows how to migrate, how it uses the .table and
sql.log files and what fake_migrate does exactly.
If I am missing a whole table, how can I prompt Web2py to create it? Do I
have to manipulate or
2011/6/15 Massimo Di Pierro massimo.dipie...@gmail.com
looking into this...
Still no news. Should we forget this issue? I really would like to debug but
I don't have enough information. It seems the bug is very rare.
On Jun 15, 8:12 am, mb_...@yahoo.fr mb_...@yahoo.fr wrote:
I wanted to
Resolved. Postgres doesn't like field name 'user'.
thank you sir
89 matches
Mail list logo
