This is a MAJOR security vulnerability: http://....?db=os.system('rm -r *')
On Aug 11, 11:04 am, Skiros <hansen.marc...@gmail.com> wrote: > I made it work passing the name of db to plugin_jqgrid in model and to > the controller. In the action "data" find this > > table=db[tablename] > > and changed with this > > db = eval(request.vars.db or "db") > table=db[tablename] > > On 8 jul, 07:34, AsmanCom <d.as...@web.de> wrote: > > > Hi, > > > in the editable jqgrid plugin from ebansoftware you can symply pass > > the db_name as string: > > invoice=plugin_editable_jqgrid(db_invoice.invoice,grid_name='invoice',db_name='db_invoice')) > > > I think this is very useful, I am trying to port this functionality to > > your plugin, but without success right now. > > > Would you further take a look at this? > > > THX > > > Dieter Asman > > > On Jul 7, 1:51 pm, mdipierro <mdipie...@cs.depaul.edu> wrote: > > > > The plugin would need to define a list of possible database and pass > > > an index (pointing to an element in the list) during the ajax > > > callback. > > > > It seems an un-necessary complication to be implemented in general. > > > > Massimo > > > > On 6 Lug, 11:59, AsmanCom <d.as...@web.de> wrote: > > > > > Could you advise me a Workaround for that? > > > > > THX > > > > > Dieter Asman > > > > > On 6 Jul., 18:16, mdipierro <mdipie...@cs.depaul.edu> wrote: > > > > > > I see there is a problem. There is no mechanism to pass the database > > > > > via ajax at this time. > > > > > > On 6 Lug, 10:39, AsmanCom <d.as...@web.de> wrote: > > > > > > > Hi, > > > > > > > i´ve tried it, but it won´t work. > > > > > > > Installed the new Version from > > > > > > ->http://www.web2py.com/plugins/default/jqgrid > > > > > > > controller-> > > > > > > > defjqgrid(): > > > > > > return dict(grid=plugin_jqgrid(db_1.maingrid)) > > > > > > > model-> > > > > > > > db_1 = DAL("sqlite://db1.db") > > > > > > > db_1.define_table('maingrid', > > > > > > Field('field1', 'string'), > > > > > > Field('field2', 'string'), > > > > > > Field('field3', 'string'), > > > > > > Field('field4', 'string'), > > > > > > Field('field5', 'string')) > > > > > > > The colnames are right, but the Grid is empty. > > > > > > > Do you know how I can get this to work? > > > > > > > THX > > > > > > > Dieter Asman > > > > > > > On 5 Jul., 14:00, mdipierro <mdipie...@cs.depaul.edu> wrote: > > > > > > > > I have fixed it an uploaded. Please give it a try. > > > > > > > > On 5 Lug, 04:07, AsmanCom <d.as...@web.de> wrote: > > > > > > > > > I´ve elready tried to change the controller/plugin_jqgrid.py, by > > > > > > > > replacing > > > > > > > > > table=db[tablename] > > > > > > > > if request.vars.fieldname: > > > > > > > > dbset = > > > > > > > >db(table[request.vars.fieldname]==request.vars.fieldvalue) > > > > > > > > else: > > > > > > > > dbset =db(table.id>0) > > > > > > > > > with: > > > > > > > > > table=db_1[tablename] > > > > > > > > if request.vars.fieldname: > > > > > > > > dbset = > > > > > > > > db_1(table[request.vars.fieldname]==request.vars.fieldvalue) > > > > > > > > else: > > > > > > > > dbset = db_1(table.id>0) > > > > > > > > > But without success. > > > > > > > > > THX > > > > > > > > > On Jul 5, 11:00 am, AsmanCom <d.as...@web.de> wrote: > > > > > > > > > > Hi, > > > > > > > > > > I try to get theJQGridPlugin > > > > > > > > > (http://www.web2py.com/plugins/default/ > > > > > > > > >jqgrid) to work with multiple Databases. > > > > > > > > > > Like this: > > > > > > > > > > db_1 = DAL("sqlite://db1.db") > > > > > > > > > db_2 = DAL("sqlite://db2.db") > > > > > > > > > db_3 = DAL("sqlite://db3.db") > > > > > > > > > >plugin_jqgrid(db_1.shout) > > > > > > > > > > But the Grid is empty. > > > > > > > > > > If I do it like that, it works: > > > > > > > > > >db= DAL("sqlite://db1.db") > > > > > > > > > >plugin_jqgrid(db.shout) > > > > > > > > > > How to change the plugin to work with multiple Databases? > > > > > > > > > > P.S if I put "db=db_1" in the model/plugin_jqgrid.py it works > > > > > > > > > but only > > > > > > > > > for 1DB. > > > > > > > > > > Can anyone help? > > > > > > > > > > THX
