On Fri, Mar 23, 2012 at 9:18 AM, <django-users@googlegroups.com> wrote:
> Today's Topic Summary > > Group: http://groups.google.com/group/django-users/topics > > - Is it secure to have IDs show up in > URLs?<#1363fb5b1f3e4a26_group_thread_0>[9 Updates] > - Using _set.all in template when ForiegnKey is linked to > Self<#1363fb5b1f3e4a26_group_thread_1>[2 Updates] > - Broken INTERNAL link error emails on flat > pages.<#1363fb5b1f3e4a26_group_thread_2>[1 Update] > - Loading Of Tweets <#1363fb5b1f3e4a26_group_thread_3> [1 Update] > - Automatic indexes on foreign keys <#1363fb5b1f3e4a26_group_thread_4>[1 > Update] > - filtered admin change-list <#1363fb5b1f3e4a26_group_thread_5> [2 > Updates] > - ModelForms <#1363fb5b1f3e4a26_group_thread_6> [2 Updates] > - Preventing JOIN while checking if a self referencing FK is > null<#1363fb5b1f3e4a26_group_thread_7>[1 Update] > - implement form for listfield <#1363fb5b1f3e4a26_group_thread_8> [1 > Update] > - Django-1.4c2 logging issue on Snow > Leopard<#1363fb5b1f3e4a26_group_thread_9>[1 Update] > - Autofill dropdown with django <#1363fb5b1f3e4a26_group_thread_10> [3 > Updates] > - [1.4c2] The storage backend of the staticfiles finder doesn't have a > valid location. <#1363fb5b1f3e4a26_group_thread_11> [1 Update] > - Weird stacktrace coming from manage.py > test<#1363fb5b1f3e4a26_group_thread_12>[1 Update] > - Is there a place for new Django specialized > hosting?<#1363fb5b1f3e4a26_group_thread_13>[1 Update] > > Is it secure to have IDs show up in > URLs?<http://groups.google.com/group/django-users/t/715e8a4598fc1fba> > > Bastien <bastien.roche...@gmail.com> Mar 23 04:06AM -0700 > > I am concerned about seeing the IDs of objects appearing in the URL > and in > a totally predictable manner. It is very convenient and clean to do > all > sorts of things but can be abused very easily to ...more > > > Vovk Donets <donets.vladi...@gmail.com> Mar 23 05:11PM +0600 > > Hello, why not use _slug_ then?? You can show in URLs whatever you > want. > > 2012/3/23 Bastien <bastien.roche...@gmail.com> > > > -- > *Vovk Donets* > python developer > ...more > > > Bastian Ballmann <bastian.ballm...@notch-interactive.com> Mar 23 > 12:17PM +0100 > > Hi Bastien, > > it's the task of the backend to manage the authorization including > users and permissions. > > If the view and permission system allows all users to see everything > and you dont want it ...more > > > Bastien <bastien.roche...@gmail.com> Mar 23 04:38AM -0700 > > Sorry maybe my post was not very clear, I am talking about public > content > here, that should be accessed by anyone, even anonymous users not > logged in. > For instance if we talk about photos, publicly ...more > > > Brett Parker <idu...@sommitrealweird.co.uk> Mar 23 12:00PM > > On 23 Mar 04:38, Bastien wrote: > > security by obscurity here, just want to know what people in the > group > > think about it and what solutions can be implemented, or if it is > relevant > > at all. > ...more > > > Tom Evans <tevans...@googlemail.com> Mar 23 12:01PM > > > > The idea of slug could do the trick, but wouldn't it require some > sort of > > date or title or a combination of both in the url? Not the most > convenient > > in this case. > > If you are concerned ...more > > > Tom Evans <tevans...@googlemail.com> Mar 23 12:04PM > > On Fri, Mar 23, 2012 at 12:00 PM, Brett Parker > > > Cheers, > > -- > > Brett Parker > > You might have a page with links to '/photos/1' and '/photos/2'. You > don't want someone to try to download all the ...more > > > Brett Parker <idu...@sommitrealweird.co.uk> Mar 23 12:11PM > > On 23 Mar 12:04, Tom Evans wrote: > > there may be content at '/photos/3' as well. Using non-predictable > > URIs for resources allows you to control how and when a user is > linked > > to a resource. > ...more > > > Tom Evans <tevans...@googlemail.com> Mar 23 12:48PM > > On Fri, Mar 23, 2012 at 12:11 PM, Brett Parker > > *if* they wanted all the photos, then spidering the site isn't > exactly > > difficult, see wget -m. > > You assume that all the content is indexed on the ...more > > Using _set.all in template when ForiegnKey is linked to > Self<http://groups.google.com/group/django-users/t/50b27a8c77d21aea> > > Daniel Roseman <dan...@roseman.org.uk> Mar 22 02:52PM -0700 > > On Thursday, 22 March 2012 01:12:21 UTC-7, Jam wrote: > > ForeignKey('self') so I am a bit clueless. > > > Thank you all > > Jamie > > You'll need to be a bit more specific. Please show your model, and > ...more > > > Jam <tern...@gmail.com> Mar 23 05:22AM -0700 > > I actually managed to find a way to do this. > > instead of using {% for fieldname_set.all %} I used {% for > RelatedName.all > %} > > That worked perfectly. > > On Thursday, March 22, 2012 11:52:19 PM ...more > > Broken INTERNAL link error emails on flat > pages.<http://groups.google.com/group/django-users/t/33241d11234fa4f4> > > Arek <mail4a...@gmail.com> Mar 23 12:13PM > > This is my first post here so hello everybody. > > when SEND_BROKEN_LINK_EMAILS=True, every time flat page is visited > django-1.3.1 sends emails like this: > > Referrer: http://example.com/ ...more > > Loading Of > Tweets<http://groups.google.com/group/django-users/t/7ecf9e4d47dadb8> > > coded kid <duffleboi...@gmail.com> Mar 23 02:39AM -0700 > > Hi guys, I;ve been facing some problem with loading of tweets in my > django project. The question now is; how can I load users tweets in my > django site. I'm using omab/django social auth to ...more > > Automatic indexes on foreign > keys<http://groups.google.com/group/django-users/t/b4bbfc6279bf4112> > > Aryeh Leib Taurog <v...@aryehleib.com> Mar 23 02:37AM -0700 > > With the following models: > > class Group(models.Model): > group_name = models.CharField(max_length=10, primary_key=True) > > class Item(models.Model): > item_name = ...more > > filtered admin > change-list<http://groups.google.com/group/django-users/t/ecc6c4f0ce9baed7> > > omerd <ome...@gmail.com> Mar 23 02:21AM -0700 > > thank you. I will try it > > ...more > > > Marc Aymerich <glicer...@gmail.com> Mar 23 10:33AM +0100 > > > course, this user doesn't have permissions to view or edit instances > > of other users. > > > What is the best approach to accomplish this? > > take a look at this project: ...more > > ModelForms<http://groups.google.com/group/django-users/t/83d07c9e205867d8> > > hack <scottma...@gmail.com> Mar 22 03:46PM -0700 > > I think I shot myself in the foot using ModelForms to generate all of > my > html forms. Is there any way to use a stylesheet when your forms are > generated from ModelForms? > > I've tried everything ...more > > > Mario Gudelj <mario.gud...@gmail.com> Mar 23 06:10PM +1100 > > It doesn't matter how you generate your form, your CSS should be > applied > from inside the template. You need to add a CSS file link to a > template to > which you're passing the form to inside your ...more > > Preventing JOIN while checking if a self referencing FK is > null<http://groups.google.com/group/django-users/t/85f9e34610fe79c3> > > diafygi <diaf...@gmail.com> Mar 22 04:15PM -0700 > > Is there a reason why editor_id is meant to raise a field error? > > -Daniel > > ...more > > implement form for > listfield<http://groups.google.com/group/django-users/t/c0faba623156e7d0> > > rohit jangid <rohit.nsi...@gmail.com> Mar 23 03:28AM +0530 > > hi, > I'm using mongodb as my database and djangomongodb engine for the orm > layer. > > I have a basic model let say 'A' which I can use in admin module and > objects in db > than > I have another model ...more > > Django-1.4c2 logging issue on Snow > Leopard<http://groups.google.com/group/django-users/t/c8175f4396bba417> > > Jeff Heard <jefferson.r.he...@gmail.com> Mar 22 04:09PM -0400 > > Hi all. I just created a new Django-1.4 project and got this error: > > Traceback (most recent call last): > File "manage.py", line 14, in <module> > execute_manager(settings) > File ...more > > Autofill dropdown with > django<http://groups.google.com/group/django-users/t/38b901d52d7ca1e> > > Karthik Abinav <karthikabin...@gmail.com> Mar 22 11:33PM +0530 > > hey, > > I needed a autocomplete utility in one of my applications and I was > wondering if django provides any such option for that. Basically my > need is > a box where user starts typing some name and ...more > > > Nikhil Verma <varma.nikhi...@gmail.com> Mar 22 11:38PM +0530 > > Hi Abhinav > > If i understand you correctly take a look at django-ajax-select. > Home-page: http://code.google.com/p/django-ajax-selects/ > > This is an autocomplete box which works in the following way ...more > > > Sandro Dutra <hexo...@gmail.com> Mar 22 03:08PM -0300 > > I think it's more Javascript/AJAX than Django, obviously you'll need > to do > a function that uses HttpRequest.is_ajax(), but in the end, the core of > this code is more Javascript/AJAX than Django. > ...more > > [1.4c2] The storage backend of the staticfiles finder doesn't have a > valid > location.<http://groups.google.com/group/django-users/t/7b1641a8e962bfc7> > > Micky Hulse <rgmi...@gmail.com> Mar 22 09:47AM -0700 > > Hi Bill, thanks so much for you pro help and quick reply, I really > appreciate it! :) > > > Just a shot in the dark, but you probably want to leave > DefaultStorageFinder > > commented out ... > ...more > > Weird stacktrace coming from manage.py > test<http://groups.google.com/group/django-users/t/ae770c69a251dd7b> > > Jeff Heard <jefferson.r.he...@gmail.com> Mar 22 12:34PM -0400 > > Has anyone seen this before? Am I missing something? This hasn't even > gotten to my code yet. I'm using this in my settings.py: > > TEST_RUNNER = 'django.contrib.gis.tests.GeoDjangoTestSuiteRunner' > ...more > > Is there a place for new Django specialized > hosting?<http://groups.google.com/group/django-users/t/a82518dc04a03272> > > shacker <shac...@birdhouse.org> Mar 22 07:52AM -0700 > > Agreed - hosting of any kind is a tough business these days - it's > become > so commoditized that prices are rock bottom and customer expectations > extremely high. And there are tons of ...more > > You received this message because you are subscribed to the Google Group > django-users. > You can post via email <django-users@googlegroups.com>. > To unsubscribe from this group, > send<django-users+unsubscr...@googlegroups.com>an empty message. > For more options, > visit<http://groups.google.com/group/django-users/topics>this group. > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To post to this group, send email to django-users@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
