I can't say for sure, sorry. Given the error comes from PostgreSQL
(IntegrityError), I'd wager it's probably a PostgreSQL thing.
Specify a default value for the field, there may be NULLs in that column
right now, which violates the NULL contraint you are adding to the table.
Perhaps 0 would make a good default for your field.
Calls are not executed with the psql command, they are done with psycopg2.
You could try a subprocess.POpen call:
import subprocess
...
sp = subprocess.POpen("psql {insert remainder of command line here}",
shell=True)
For more on the options of the subprocess
module: http://docs.python.org/
Just wondering if anyone knows what this parameter is for?
It doesn't seem to be used at all, but could be very useful (ie. to adding
more submit buttons to the form).
Was it functionality that is going to be implemented but didn't happen?
Thanks,
Mathew
Yes - that is exactly the problem that transactions are intended to
take care of.
What would writing raw SQL do? Raw SQL statements (unless explicitly
contained in a transaction) would be executed outside of the
transaction and therefore still vulnerable.
On May 31, 6:57 pm, David J wrote:
> I a
ng - be on the lookout for SQL
injection.
On May 31, 2:47 am, Massimiliano wrote:
> Sure... That is the way I'm follow...
> Fortunately I haven't tables with the same name...
>
> Ciao
>
>
>
>
>
> On Tue, May 31, 2011 at 3:50 AM, Mathew Grabau
You could always change the schema before executing the db commands:
db.executesql("set search_path to 'schemaname,public';")
If you could determine the name of the schema first that would be
feasible.
On May 30, 5:14 am, Massimiliano wrote:
> Hi all,
>
> I've a legacy enterprise application th
In your controllers in the first place, wouldn't another mitigation be
to code defensively by taking request.vars and validating it in the
first place??? Following that policy and then formatting your response
is a way to avoid the problem.
Definitely don't seem like a good idea to be doing:
def
That seems to be true, sanitize defaults to False in the class XML
__init__
On May 25, 10:47 am, Anthony wrote:
> On Wednesday, May 25, 2011 11:24:12 AM UTC-4, Massimo Di Pierro wrote:
>
> > So this:
>
> > xss.xssescape(text)
>
> > would be the same as
>
> > str(XML(text))
>
> str(XML(text)) won'
Is the back track contained to inside the app or including sites
external to your app?
On May 24, 10:34 am, Richard Vézina
wrote:
> Hello,
>
> I would like to know if there is a built vars to know what was the last page
> a user had visited?
>
> I would like to build a basic navigation bar that w
For me to overcome the issues specified by this I switched to using:
return response.json(...stuff to return...)
The datetime encoder is not in there anymore and it was causing me
trouble. This corrected the issue.
On May 6, 8:20 am, omicron wrote:
> Before, the encoder have :
>
> """Implementa
dules part?
On Apr 6, 11:46 am, pierreth wrote:
> On 6 avr, 12:26, Mathew Grabau wrote:
>
> > I totally agree with that. Though, I just read up, if pierreth is
> > trying to borrow code from app1/modules inside app2/controllers, then
> > injecting app1/modules into the pytho
the ability inside the app2 controller to
use "import moudleA").
I do not rely on the technique (I use local_import), I just had an
idea with respect to this situation.
On Apr 6, 11:14 am, Jonathan Lundell wrote:
> On Apr 6, 2011, at 8:55 AM, Mathew Grabau wrote:
>
>
>
&
It is not, strictly speaking, specific to web2py - it is specific to
any python script that uses the convention of calling into (executing
directory)/applications/app/modules/ for an import. It applies to
web2py, but web2py is breaking none of the rules there.
There are other ways to figure that
The way that I read that bug report, the problem is that it is an
error in Python 2.5 that it works; the (at the time) beta of Python
2.6 was patched to make it fail.
The behaviour that you are witnessing is therefore correct (and it
makes sense - why should you give two values to the same keyword
Have you tried anything yet?
A skeleton solution/recommendation:
- If I assume correctly that the values are the HTML INPUT values,
then use the selected event on the jQueryUI objects
- for the above event, the handler adds the selected rooms to a stored
collection (Array perhaps) in client-side
Try using a submit instead:
{{=INPUT(_type="submit", _value="Update data", _action="URL(r=request,
f="update_form", args=company[0].id))}}
On Jan 14, 9:41 am, annet wrote:
> I have a form containing two buttons, one to update data and one to
> close the window:
>
> {{=INPUT(_type='button',_value
17 matches
Mail list logo