ANN: dmigrations, a new migrations system for Django

2008-09-03 Thread Simon Willison

dmigrations is a new tool for managing changes to a Django database,
developed internally at Global Radio and designed to work well with a
medium-large (14 member) team of developers. We've been using it in
production for a few months, and were recently given the go-ahead to
open source it.

I've written more about the release here: 
http://simonwillison.net/2008/Sep/3/dmigrations/

The project (including documentation and a tutorial) is here:
http://code.google.com/p/dmigrations/

I'll be discussing the project on the schema migration panel at
DjangoCon this weekend.

Cheers,

Simon Willison
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---



Re: Restrict users to their own data

2008-09-11 Thread Simon Willison

On Sep 11, 5:23 pm, Glimps <[EMAIL PROTECTED]> wrote:
>     I would like to restrict users to the data they can see/modify/
> delete on a table. I have a Reservation table that holds reservations
> for multiple banners of Restaurant chain. I don't want the user from
> franchiseX to be able to see/confirm reservations from franchiseY.
>
> Since all the add/edit/delete is made with the admin interface (Django
> 1.0) I went and searched for something I could override in the
> ModelAdmin class. No success.

Take another look at ModelAdmin - the methods you want to over-ride
are queryset(request) which returns the QuerySet used to create the
"change list" view and has_add_permission(request),
has_change_permission(request, obj) and has_delete_permission(request,
obj).

You can over-ride those methods on your ModelAdmin subclass to
implement your permissions logic. Your code will end up looking
something like this:

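from django.contrib import admin

class ReservationAdmin(admin.ModelAdmin):
    def queryset(self, request):
        # Only list reservations that belong to the logged-in user
        return super(ReservationAdmin, self).queryset(request).filter(
            user=request.user)

    def has_change_permission(self, request, obj=None):
        if not obj:
            # obj is None for the change list, which queryset() already filters
            return super(ReservationAdmin, self).has_change_permission(request)
        return obj.user == request.user

    def has_delete_permission(self, request, obj=None):
        # similar
        if not obj:
            return super(ReservationAdmin, self).has_delete_permission(request)
        return obj.user == request.user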

Cheers,

Simon



Re: Displaying ManyToMany relations in Admin

2008-09-19 Thread Simon Willison

On Sep 19, 10:24 am, "Nick Sandford" <[EMAIL PROTECTED]> wrote:
> Is there some kind of limit the admin imposes on the number of items
> it will show in a  or the horizontal filter list? If so, can I
> change it? Also, is there any better way to do this?

raw_id_fields is the admin option you need:

http://docs.djangoproject.com/en/dev/ref/contrib/admin/#raw-id-fields

In Django prior to Django 1.0 this was the 'raw_id_admin=True' option
on a ForeignKey.



Re: Serving large files through HttpResponse

2007-08-20 Thread Simon Willison

On Aug 20, 1:12 pm, Ceph <[EMAIL PROTECTED]> wrote:
> The only other option I see to serving large files securely is
> trickery using dynamically created sym links to the true static file
> and then redirecting the user to those URLs and letting Apache serve
> them. This isn't as secure, though, and permits multiple downloads
> without them being recorded in my Django apps.

Lighttpd and nginx both have a clever way of dealing with this
problem. You can store the real file somewhere that is readable by the
web server but NOT exposed as a public URL. Then your Django
application can (having authenticated the request) respond with a
magical header which tells the nginx/lighttpd server to serve up the
file from that location.

Here's how to do it with nginx:

http://wiki.codemongers.com/NginxXSendfile

If your app is all about serving large files, it may well be worth
putting it behind an nginx proxy purely to gain access to this
feature. nginx is a really neat reverse proxy - I run
simonwillison.net as nginx proxying through to mod_python/Apache for
the dynamic pages and it's been working great for months.

Hope that helps,

Simon
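
Added example (not from the original post): a minimal WSGI application showing the hand-off described above, where the application authenticates and records the download and nginx sends the file from an internal-only location via the X-Accel-Redirect response header. The nginx location, paths, session scheme and sample data are assumptions made for the example.

```python
"""Authenticated downloads handed off to nginx with X-Accel-Redirect.

Assumed nginx side (paths are placeholders):

    location /protected/ {
        internal;                    # not reachable by direct client requests
        alias /srv/private-files/;   # readable by nginx, outside the public root
    }
"""
import re

URL_PREFIX = "/download/"        # public URL handled by the application (assumed)
INTERNAL_PREFIX = "/protected/"  # must match the nginx `internal` location (assumed)
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,127}")

# Constructed stand-ins for the application's session store, ACL and download log.
SESSIONS = {"s3ss10n-alice": "alice"}
ENTITLEMENTS = {"alice": {"album.zip"}}
DOWNLOAD_LOG = []


def current_user(environ):
    """Resolve the user from a session cookie (hypothetical scheme)."""
    for part in environ.get("HTTP_COOKIE", "").split(";"):
        name, _, value = part.strip().partition("=")
        if name == "sessionid":
            return SESSIONS.get(value)
    return None


def _plain(start_response, status, text):
    start_response(status, [("Content-Type", "text/plain")])
    return [text]


def download_app(environ, start_response):
    """Authorize and log the request, then let nginx send the bytes."""
    path = environ.get("PATH_INFO", "")
    user = current_user(environ)
    if user is None:
        return _plain(start_response, "403 Forbidden", b"login required\n")
    if not path.startswith(URL_PREFIX):
        return _plain(start_response, "404 Not Found", b"not found\n")
    name = path[len(URL_PREFIX):]
    # Only a plain file name may reach the header: no slashes, no "..",
    # no control characters (fullmatch also rejects a trailing newline).
    if not SAFE_NAME.fullmatch(name) or name not in ENTITLEMENTS.get(user, ()):
        return _plain(start_response, "404 Not Found", b"not found\n")
    DOWNLOAD_LOG.append((user, name))  # every download passes through here
    start_response("200 OK", [
        ("Content-Type", "application/octet-stream"),
        ("Content-Disposition", 'attachment; filename="%s"' % name),
        ("X-Accel-Redirect", INTERNAL_PREFIX + name),
    ])
    return [b""]  # nginx replaces the body with the file contents


def call(path, cookie=""):
    """Drive the app without a server; returns (status, headers, body)."""
    seen = {}

    def start_response(status, headers):
        seen["status"], seen["headers"] = status, dict(headers)

    environ = {"PATH_INFO": path, "HTTP_COOKIE": cookie}
    body = b"".join(download_app(environ, start_response))
    return seen["status"], seen["headers"], body


if __name__ == "__main__":
    print(call("/download/album.zip", "sessionid=s3ss10n-alice"))
    print(call("/download/album.zip"))
    print(call("/download/../nginx.conf", "sessionid=s3ss10n-alice"))
```

Because the location is marked internal, a client that requests /protected/album.zip directly gets a 404 from nginx; the file is only reachable through a response that carries the header.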





Re: Basic Form Design Question: Pulling as much as possible from models

2008-01-07 Thread Simon Willison

On Jan 7, 5:07 pm, Wes Winham <[EMAIL PROTECTED]> wrote:
> http://www.pointy-stick.com/blog/2008/01/06/django-tip-complex-forms/
>
> A shiny solution to the problem with code and the reasoning behind it.
> Simon Willison is awesome.

It's Malcolm that's awesome, I just link to his stuff!

Cheers,

Simon



Job: Django developer in central London

2008-01-07 Thread Simon Willison

Hi all,

I'm consulting with GCap Media, who are looking to hire Django
developers to work in central London. They've got a bunch of really
interesting projects lined up and are building an excellent team. The
job description is here:

http://djangogigs.com/gigs/54/

If you have any questions about either the job or GCap feel free to
contact me directly (don't reply to the whole list).

Cheers,

Simon Willison



Re: Context processor a bit too helpful

2008-01-07 Thread Simon Willison

On Jan 8, 6:47 am, Michael Hipp <[EMAIL PROTECTED]> wrote:
> Learning about context processors, I have one like this:
>
> def bold_word(request):
>  html = "A bold word."
>  return {'bold_word': html,}
>
> I expected a *bold* word to show up in the browser, but instead here's
> what is sent:
>
>A bold word.
>
> So the angle brackets show up (literally) in the browser.
>
> How do I say "no thanks" to this helpfulness so my html can go thru?

You can mark the string as "safe" in your context processor:

from django.utils.safestring import mark_safe

def bold_word(request):
 html = mark_safe("A bold word.")
 return {'bold_word': html,}

Cheers,

Simon



Re: considering django for The Freesound Project, some (de)constructive critisism

2008-01-22 Thread Simon Willison

On Jan 21, 4:22 pm, Bram - Smartelectronix <[EMAIL PROTECTED]>
wrote:
> 2. file uploads are the most vital part of freesound. While I have used
> tramline successfully with splice, it still feels like a relatively ugly
> solution to me (especially as you need to patch mod_python in order for
> it to work). As far as I know streaming file uploads have been on the
> todo for more than a year.

Some load balancers include the ability to handle streaming file
uploads for you. Essentially, the load balancer can intercept the file
upload and write it to disk as it slowly comes in, then splurge it all
through to the application running behind it at once when the whole
file is available to the load balancer. I'm pretty sure Perlbal has
this ability. Would this solve your file upload problem, or is there
something else that I'm missing?

Cheers,

Simon Willison



Re: Queryset-refactor branch has been merged into trunk

2008-04-27 Thread Simon Willison

On Apr 27, 8:48 am, Thierry <[EMAIL PROTECTED]> wrote:
> What's the current opinion about integrating sql alchemy into the
> backend of django's ORM?

There's an active project to do exactly that hosted here:

http://gitorious.org/projects/django-sqlalchemy/

Some of the features in queryset-refactor are designed to make this
kind of thing easier, but it's still a major undertaking.



Re: sql_queries does not include all the sql statements

2008-04-29 Thread Simon Willison

On Apr 29, 9:31 am, leopay <[EMAIL PROTECTED]> wrote:
> Oh, sorry, I made a mistake, it is Entry.objects.all()[0:1].
> I mean when I write Entry.objects.all()[0:1], I cannot find the
> raw sql like 'select col_name from entry_table limit 1' in
> sql_queries, but if I write Entry.objects.all()[0], I can find the sql
> in sql_queries when using django.core.context_processors.debug

This is due to the way QuerySets are lazily evaluated. A QuerySet will
not result in the execution of SQL until the last possible moment. You
can experiment with this in ./manage.py shell:

>>> from django.db import connection
>>> a = models.Question.objects.all()
>>> connection.queries
[]
>>> print a
[]
>>> connection.queries
[{'sql': u'SELECT `blah_question`.`id`,`blah_question`.`question` FROM
`blah_question`',
  'time': '0.001'}]

In the above case, the SQL was not executed until the queryset was
printed (which requires the database results).

In your case though:

>>> from django.db import connection
>>> a = models.Question.objects.all()[0]
>>> connection.queries
[{'sql': u'SELECT `blah_question`.`id`,`blah_question`.`question` FROM
`blah_question` LIMIT 1 ',
  'time': '0.001'}]

Accessing [0] on the QuerySet forces it to be executed, so the SQL
query has to be run.

Using the slice [0:1] does NOT cause the query to be run straight
away; instead, it adds limit and potentially offset clauses to the SQL
statement that is being prepared by the QuerySet.

Hope that clears things up,

Simon



Re: need to use both django 0.96 and django trunk for work

2008-04-29 Thread Simon Willison

On Apr 29, 10:03 pm, berthor <[EMAIL PROTECTED]> wrote:
> I was told by my boss that I would be using both django 0.96 and
> django trunk on 2 separate projects.  Now I'm not sure how to go about
> doing this, as I have been working with only django 0.96 before.  I've
> downloaded the trunk version on my desktop, and have tar file of 0.96
> also on my desktop.
>
> My boss told me to install them both, and have a different python path
> set up depending on which project I am working on.

Your boss is right: that should work just fine. Install each version
of Django in a different location, then set the Python path
differently for each project. In development one way of doing this is
with an environment variable before you call manage.py:

$ PYTHONPATH=/home/django/django-0.96/ python manage.py runserver

Then in production you can set the Python path using a mod_python
directive.

Alternatively, you could hack your manage.py script to modify the
Python path at the top of the script file:

import sys
sys.path.insert(0, '/home/django/django-0.96/')

Finally, you could look in to using virtualenv to set up different
Python environments (with different stuff installed on the python
path) on the same machine: http://pypi.python.org/pypi/virtualenv

Cheers,

Simon



Some Django debugging tips

2008-05-22 Thread Simon Willison

Hi all,

I've written up a bunch of techniques for debugging Django
applications:

http://simonwillison.net/2008/May/22/debugging/

I'm collecting more tips in the comments.

Cheers,

Simon






Implementing OpenID in your Django app

2007-04-23 Thread Simon Willison

Hi all,

I've just released the first version of an OpenID consumer package for
Django. The idea is to make it ridiculously easy to add OpenID
consumer support to any Django application - and hence allow users of
OpenID to sign in without having to set up a new username and
password.

http://code.google.com/p/django-openid/

Documentation here:

http://django-openid.googlecode.com/svn/trunk/openid.html

If you don't know what OpenID is, my screencast might help:

http://simonwillison.net/2006/openid-screencast/

This is the first releasable version so I'm really keen on feedback,
both concerning the API and features that would make useful additions.
My plan for the next version is to include tools for associating
OpenIDs with Django user accounts.

Cheers,

Simon





Re: Newforms and Hidden Fields - verifying POST data

2007-04-23 Thread Simon Willison

On Apr 23, 5:04 pm, Tipan <[EMAIL PROTECTED]> wrote:
> I'm seeking advice on how to ensure my form data in hidden fields is
> the same after the user has posted the form.

Sign it. The easiest way to do this would be something like this:

1. Throw all of the data you want to persist in a pickle, then base64
it for good measure:

pickled = pickle.dumps(my_data).encode('base64')

2. Use your secret key to calculate an MD5 signature:

signature = md5.new(SECRET_KEY + pickled).hexdigest()

3. Serve up the pickled data AND the signature as hidden fields.

Then when the user submits the form again, you can check that they
haven't tampered with the data by doing this:

pickled = request.POST.get('pickled', '')
signature = request.POST.get('signature', '')

if pickled:
    if signature != md5.new(SECRET_KEY + pickled).hexdigest():
        raise NastyError, "You tampered with my data!"
    else:
        my_data = pickle.loads(pickled.decode('base64'))

The same technique can be used in lots of other places - cookies for
example. The only way the user can tamper with the data you have sent
them is if they know your SECRET_KEY.

Hope that helps,

Simon Willison
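
Added example (not part of the original post): the same sign-then-verify flow for hidden fields, written with HMAC-SHA256, JSON and a constant-time comparison instead of MD5 over SECRET_KEY + data and pickle. The key value, function names, the purpose label and the sample fields are assumptions made for the example.

```python
import base64
import hashlib
import hmac
import json

# Assumption: stands in for the project's settings.SECRET_KEY.
SECRET_KEY = b"constructed-demo-key-not-for-production"


class TamperedData(ValueError):
    """Raised when the hidden fields do not carry a valid signature."""


def _b64(raw):
    return base64.urlsafe_b64encode(raw).decode("ascii")


def _mac(payload, key, purpose):
    # HMAC avoids the length-extension weakness of md5(key + data).
    # The purpose label binds the signature to one form, so a pair signed
    # for another form with the same key does not verify here.
    message = purpose.encode("utf-8") + b":" + payload.encode("utf-8")
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def sign_fields(data, key=SECRET_KEY, purpose="reservation-form"):
    """Return (payload, signature) strings to emit as two hidden fields."""
    encoded = json.dumps(data, sort_keys=True, separators=(",", ":"))
    payload = _b64(encoded.encode("utf-8"))
    return payload, _mac(payload, key, purpose)


def verify_fields(payload, signature, key=SECRET_KEY, purpose="reservation-form"):
    """Check the signature first; decode the payload only once it is authentic."""
    expected = _mac(payload, key, purpose)
    # compare_digest takes the same time wherever the first mismatch is.
    if not hmac.compare_digest(expected.encode("utf-8"), signature.encode("utf-8")):
        raise TamperedData("hidden field signature mismatch")
    # JSON yields plain data only; unpickling client input can run code.
    return json.loads(base64.urlsafe_b64decode(payload.encode("ascii")))


def demo():
    """Round-trip constructed sample fields, then try an edited payload."""
    payload, signature = sign_fields({"user_id": 42, "price": "19.99"})
    accepted = verify_fields(payload, signature)
    edited = _b64(json.dumps({"user_id": 42, "price": "0.01"}).encode("utf-8"))
    try:
        verify_fields(edited, signature)
        rejected = False
    except TamperedData:
        rejected = True
    return accepted, rejected


if __name__ == "__main__":
    print(demo())
```

A valid signature shows that the fields came from the server, but an old pair that is still valid can be submitted again; put an expiry time or a per-form identifier inside the signed data where that matters.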






Re: browser detection middleware

2007-05-22 Thread Simon Willison

On May 22, 9:38 am, omat <[EMAIL PROTECTED]> wrote:
> Is it a good idea to use a middleware class to detect the browser
> client looking at the HTTP_USER_AGENT so as to serve presentation
> logic accordingly, for mobile devices or older browsers, etc...?

I would advise against this because it won't play well with caching
proxies in between you and the client. If an intermediate proxy caches
your page for Internet Explorer and serves it up to a client running
Firefox, stuff will break in very mysterious ways.

You can work around this with the HTTP Vary header, but many proxies
are notoriously badly written so I'm not sure that I'd trust it. Much
better to serve up a standards compliant site for Firefox/Safari/Opera
and have a single stylesheet included using conditional comments for
any specific IE fixes.

Cheers,

Simon





Re: Very large scale sites in Django

2007-06-02 Thread Simon Willison

On May 31, 5:30 pm, Daniel Ellison <[EMAIL PROTECTED]> wrote:
> A quick glance at the memcached site says that it's used on LiveJournal, which
> gets over 20,000,000 page requests per day. Excellent. Not quite at our
> traffic level, but not too shabby. :)

Memcached is pretty much the industry standard now for caching on high
traffic sites, at least those that use the LAMP stack. Flickr and
Wikipedia both use it, but the highest traffic install at the moment
is probably Facebook who are running 200+ memcache servers each with
16GB of RAM.

http://thread.gmane.org/gmane.comp.web.cache.memcached/3212

If your site is almost all reads memcache should work like a dream.
Django's caching framework (which can use memcache on the backend)
should cover you nicely.

If you haven't read it already, I'd strongly suggest getting a copy of
Cal Henderson's book "Building Scalable Websites", which covers a ton
of lessons he learnt scaling Flickr. Best book on the subject I've
seen.





Re: Using a signal to update a counter cache??

2007-11-30 Thread Simon Willison

On Nov 30, 4:48 pm, "Tane Piper" <[EMAIL PROTECTED]>
wrote:
> As you can see in the Branch model, there is a field called num_leafs
> - I've been reading the signals documentation and had a look on the
> web, but I'm still having difficulty getting my head around it.  What
> I want to do is when a leaf is saved, on the post_save signal I want
> to increment the parent branch's num_leafs field so it contains total
> number of content leafs for that branch (as a counter cache).

This exact example was covered in the Advanced Django Tutorial at
OSCON this year (in the unit testing section) - you may find the
slides from the tutorial useful:

http://toys.jacobian.org/presentations/2007/oscon/tutorial/

Cheers,

Simon



Re: pure-HTTP deployment?

2006-12-20 Thread Simon Willison


Jacob Kaplan-Moss wrote:

> On 12/20/06 2:23 PM, Chad Whitacre wrote:
> > I'm interested in deploying Django as a pure-Python HTTP daemon, much
> > like Zope and CherryPy are deployed. Is this done at all w/ Django?
>
> I'm pretty sure that's how Simon is serving his new site -- see
> http://simonwillison.net/2006/Dec/20/nginx/#comments.  Simon, if you're
> reading this, want to chime in?


This is a long term point of frustration for me. I /was/ using CherryPy
- for all of 8 hours - but it just didn't seem stable enough. What I
really want is a pure-Python server that can serve up a WSGI
application and doesn't need to be baby-sat. For whatever reason,
CherryPy was giving me "bad gateway" errors to my nginx front-end. I
could have set up something like supervisord, daemontools or monit to
monitor and automatically restart it but I'd rather avoid the
administration overhead.

So, I'm now serving simonwillison.net using a stripped down
mod_python/Apache server (mod_python is pretty much the only module
loaded) that's sat behind nginx, which is configured to serve up my
static files and proxy the dynamic requests through to Apache. I'm
using Apache as a python application server basically because I can
rely on it staying up. It's been working great so far.

nginx is fantastic as a front-end static file server / proxy /
load-balancer (when I was running CherryPy I had two CherryPys
load-balanced by nginx). Well worth checking out.

One alternative I haven't explored fully yet is fastcgi, in particular
the fastcgi variant which is managed by the web server (so you don't
have to manage the fastcgi processes yourself).

So... if anyone knows of (or wants to write) a robust pure-python WSGI
server that comes with tools for properly managing it as a daemon, I'm
all ears. Until then, I'll probably stick with mod_python/Apache.

Cheers,

Simon





Re: pure-HTTP deployment?

2006-12-21 Thread Simon Willison


Chad Whitacre wrote:

> Simon,
> Well, after that I have to tip my hand. :^)
>
> I've started such a project, called Aspen:
>
>    http://www.zetadev.com/software/aspen/

I've got a bit of a philosophical problem with Aspen - the fact that it
supports "five different development patterns". I'm interested in one
and one-only: the ability to serve a WSGI application. All the other
stuff that Aspen does is neat, but could be done instead using WSGI
middleware. If Aspen was architected as a simple
just-serves-up-WSGI-robustly server and an optional set of middleware
for the five different patterns it would be a much more attractive
option to me.


> The catch is that it's got the CherryPy module at its core, so
> I'm interested to hear more about the problems you had with that.
> Did the process die? Did it spin? What exactly did your glue code
> look like?


I wish I could give a more detailed answer, but I was asleep for most
of the time I was running CherryPy! Since my site was throwing "bad
gateway" errors I didn't spend much (any) time trying to figure out
what was wrong - I just threw mod_python/Apache back in there as
quickly as possible. This could well be a case of user error - you
certainly shouldn't be put off running CherryPy through its paces.

The process monitoring thing is a really big issue for me though. I
want tools which have the ability to recover from errors built-in as
much as possible. Process monitoring software is generally a royal pain
to set up - take a look at this tutorial:

http://pylonshq.com/project/pylonshq/wiki/DaemonTools

It's certainly not impossible to do, but if I can avoid all of that
sysadmin work then all the better.

As an aside, I've just started using monit for process monitoring and
it's been by far the least hassle to set up of all the options I looked
at. It's still not perfect but it's a pretty nice tool - I'm using it
to watch over nginx, mysql and apache at the moment:

http://www.tildeslash.com/monit/

I'm genuinely extremely interested in finding a robust pure-Python
application server that I can use for Django stuff - but at the moment
my priority is keeping my site up. Python needs an answer to Mongrel!





Re: pure-HTTP deployment?

2006-12-21 Thread Simon Willison


Jacob Kaplan-Moss wrote:

> A number of people have made this same assertion, and I'm a bit curious about
> it. Is there a reason that using Apache/mod_python as the app server and
> nginx/perlbal as a distributor is somehow less effective than a pure-Python
> solution?


I'm interested in this for a couple of reasons. Firstly, it's less bits
of software - if we could tell people "Install Django, install
Reinhardt[1], run a couple of instances of Reinhardt on high ports and
point nginx / perlbal / your load-balancer of choice at it" we'd have a
really nice story for deployment; the Rails guys have this right now
with Mongrel. Talking people through configuring mod_python is one more
step where they can get stuck.

Secondly, a reliable stand-alone Python web server would be a fantastic
thing to have for low traffic applications and intranets. Loads of web
development takes place behind the firewall after all - Guido has
stated that Mondrian runs on a pure Python web server (the wsgiutils
one) and handles a couple of thousand users just fine.

The bigger vision is this: it's clear to me that application servers
configured behind a fast reverse proxy is the Right Way to build
websites. Imagine if you could trivially set up something like this:

example.com/blog/ -> proxies to WordPress, running on PHP somewhere
example.com/drag-n-drop-shopping-cart/ -> proxies to a Rails app
example.com/sudoku/ -> proxies to a Django app
example.com/catwalk/ -> proxies to a TurboGears app

Etc. Sure, you can do this today with some careful setup, but having a
good pure-Python web server that you can just start and then leave
alone would make deploying micro-apps a heck of a lot easier.

Check this out: http://www.hackdiary.com/archives/99.html . Matt
Biddulph wrote a tiny-app in Camping (a Rails micro-framework), set it
running under Mongrel, pointed a reverse proxy at it and released it to
the world. If he builds something else it can have its own Mongrel.
That's the ease of configuration and setup I'm interested in.

Cheers,

Simon





Re: serving multiple hosts from a single django instance ?

2006-12-21 Thread Simon Willison


Sort of. I've achieved this in the past with a bit of ugliness -
basically, I pointed everything at the same view and wrote my own code
within it that dispatched based on the hostname. There's an open
proposal at the moment to make the url dispatching logic a view
function itself (a view that dispatches to other views). If that was
the case then you could write your own master-view that dispatched to
multiple urlconf-views based on the host header.


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---



Re: pure-HTTP deployment?

2006-12-21 Thread Simon Willison


Simon Willison wrote:

> I'm interested in this for a couple of reasons. Firstly, it's less bits
> of software - if we could tell people "Install Django, install
> Reinhardt[1]...


That [1] was meant to be accompanied with a footnote saying that
Reinhardt would be an awesome name for a robust pure-python application
server.





Re: pure-HTTP deployment?

2006-12-22 Thread Simon Willison


Sylvain Hellegouarch wrote:

> I'd be interested to know which version of CP Simon was running. CP3 is
> way more stable, efficient and comprehensive than CP2 (and its WSGI
> server is like ten steps ahead).


__version__ = '3.0.0beta2'

I'm really interested as to what kind of failures can be expected from
CherryPy. Two that I was getting were "bad gateway" (actually an nginx
error message, caused through some sort of error in connecting to the
server) and occasionally a CherryPy formatted error message saying
something along the lines of "CherryPy server is stopped".





Re: Ajax support, there is no need for reinventing the wheel

2006-06-05 Thread Simon Willison


On 5 Jun 2006, at 02:31, Scott Anderson wrote:

> You have to make sure to trap both successes and failures in the
> Javascript code -- I don't know how mochikit does that, but with
> prototype you need to specify an onFailure hook to get errors.

MochiKit models its async stuff on Twisted deferreds - which means  
MochiKit callbacks end up looking like this:

var d = loadJSONDoc("example.json");
d.addCallback(gotDocument);
d.addErrback(logError);

You can also 'chain' callbacks and errbacks, which lets you do some  
really interesting things.

Cheers,

Simon




Re: Serious Noobie question, what the $ for in urlpatterns.

2006-06-06 Thread Simon Willison


On 6 Jun 2006, at 03:26, John M wrote:

> how does that differ from
>
> (r'^polls/'),
> (r'^polls/(\d+)/$')
>
> Note the $ is missing from the first line of the second example.
>
> When you don't have a $  in the polls/ setup, it doesn't scan down to
> the other entries.
>
> Since I'm so new to python and web stuff, was wondering if anyone could
> explain this.

Those strings are Python regular expressions. The dollar sign at the  
end means "match the end of the string". The regular expressions are  
tried against the URL that has been entered in order. '^polls/'  
without a $ will match any URL that starts with the string 'polls/',  
thus terminating the lookup at that point. If you include the dollar,  
strings that start with polls/ but continue after the / will no  
longer match that particular pattern.

Hope that helps,

Simon
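
The first-match behaviour described above, as an added example that is not part of the original message: a small resolver that tries patterns in order and reports which ones an unanchored prefix makes unreachable. The tables, view labels and sample paths are constructed, and matching with re.search is an assumption of this sketch.

```python
import re

# Constructed URL tables mirroring the two variants discussed in the thread.
# The view names are hypothetical labels, not real Django views.
UNANCHORED = [
    (r'^polls/', 'index'),
    (r'^polls/(\d+)/$', 'detail'),
]
ANCHORED = [
    (r'^polls/$', 'index'),
    (r'^polls/(\d+)/$', 'detail'),
]

# Constructed request paths used to probe each table.
SAMPLES = ['polls/', 'polls/23/', 'polls/23/delete/', 'admin/']


def resolve(urlpatterns, path):
    """Return (view, captured_groups) for the first pattern that matches.

    Patterns are tried in order, so a pattern without a trailing $ wins for
    every path that merely starts with its prefix.
    """
    for regex, view in urlpatterns:
        match = re.search(regex, path)
        if match:
            return view, match.groups()
    return None, ()


def shadowed(urlpatterns, samples):
    """Report patterns that match some sample on their own but never win."""
    report = []
    for index, (regex, view) in enumerate(urlpatterns):
        own = [p for p in samples if re.search(regex, p)]
        won = [p for p in own if resolve(urlpatterns, p)[0] == view]
        if own and not won:
            report.append((index, regex, view))
    return report


if __name__ == '__main__':
    for label, table in (('unanchored', UNANCHORED), ('anchored', ANCHORED)):
        for path in SAMPLES:
            print(label, repr(path), '->', resolve(table, path))
        print(label, 'shadowed patterns:', shadowed(table, SAMPLES))
```

With the unanchored table, 'polls/23/delete/' is also routed to the index view, a path the author of the pattern probably never meant to serve; the anchored table rejects it.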





Re: Site testing How-To

2006-06-07 Thread Simon Willison


On 7 Jun 2006, at 02:42, Todd O'Bryan wrote:

> Does anybody have a best practice (or not-too-annoying practice) for
> testing?
>
> I think I'll use Selenium to test my site, but how should I change to
> a test database, populate the test database, etc.?

This is an area where Django can learn a huge amount from Ruby on  
Rails - they've solved a whole lot of the pain points with regards to  
testing against a database driven app. The two features that would be  
most relevant here are fixtures and a testing environment.

Rails lets you configure a separate database for testing (in fact you  
can have one for development, one for testing and one for deployment)  
- unit tests automatically run against the test DB.

Fixtures are YAML files containing default data which is loaded in to  
your test DB at the start of every test and reset afterwards. I'm not  
overjoyed with YAML for this (it's a little verbose) but it does the  
job and is very friendly to human editing, which is exactly why they  
picked it.

A neat trick for Django would be a command line tool that can dump an  
existing database in to fixture format - YAML or JSON or even  
serialized Python objects. This could serve a dual purpose - at the  
moment migrating Django application data from, for example, postgres  
to mysql requires custom hacking (even though django.db lets you  
interchange databases themselves with ease). Having a database-neutral
backup/dump format would provide a tool for doing exactly that.

For the moment Django's model tests demonstrate a reasonable way of  
doing this stuff, but they aren't first class citizens of the Django  
environment - you have to do a bit of leg work to get that kind of  
thing set up for your own project. Fixing this would be another  
feather in Django's cap.

Cheers,

Simon




Re: Site testing How-To

2006-06-07 Thread Simon Willison


On 7 Jun 2006, at 05:33, Joseph Kocherhans wrote:

> I think you want to create something like testsettings.py, and in that
> file do something like:
>
> from myproject.settings import *
>
> then override the specific settings you want. It won't work with
> manage.py, but your tests should be able to just set the
> DJANGO_SETTINGS_MODULE env variable to use the myproject.testsettings
> module.

You can also use the ./manage.py --settings=myproject.testsettings  
command-line flag if you don't want to mess around with your  
environment variables.

Cheers,

Simon




Re: Global Escape

2006-06-09 Thread Simon Willison

On 9 Jun 2006, at 14:03, Spock wrote:
> I've application where most of data is fetched from database.
> Those data are inserted by people without "trust", so in every template
> I'm using |escape filter ...so a question is :
>
> Is there some method to enable global escape filter ? :)

I've been thinking about this recently, and I've come to the  
conclusion that we might have missed a trick by not making ALL  
replacement variables escaped by default (and including a var|raw  
filter for the times when you don't want stuff to be escaped). It's  
probably too late to change this now though.

One solution is to write your own custom Context class and use that.  
The following code is untested:

from django.template.context import Context
from django.utils.html import escape

class EscapedContext(Context):
    def __getitem__(self, key):
        # Look the value up as usual, then HTML-escape it before returning
        value = super(EscapedContext, self).__getitem__(key)
        return escape(value)

You would also need to add your own 'unescape' custom template filter  
that reverses the effects of escape for cases where you needed to do  
that. Maybe unescape would be a useful addition to the default set of  
template tags...

Cheers,

Simon
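
The escape-by-default idea from this message (every variable escaped, with a var|raw opt-out), as an added sketch that is not part of the original post and is not Django code. The EscapedContext and Raw classes, the render function and the sample values are all constructed for illustration, and Python's standard html module stands in for django.utils.html.

```python
import html
import re


class Raw(str):
    """Marks text that is already safe HTML and must not be escaped again."""


class EscapedContext(dict):
    """Variable store that HTML-escapes every value on lookup.

    Hypothetical stand-in for a template context; not Django's Context class.
    """

    def __getitem__(self, key):
        value = super().__getitem__(key)
        if isinstance(value, Raw):
            return value  # already safe: escaping twice would corrupt it
        return Raw(html.escape(str(value), quote=True))

    def raw(self, key):
        """Return the stored value unescaped (the 'var|raw' case)."""
        return str(super().__getitem__(key))


# {{ name }} is escaped; {{ name|raw }} opts out explicitly.
VARIABLE = re.compile(r'\{\{\s*(\w+)(\|raw)?\s*\}\}')


def render(template, context):
    """Substitute variables, escaping unless the template asks for raw output."""
    def substitute(match):
        name, raw_filter = match.group(1), match.group(2)
        try:
            return context.raw(name) if raw_filter else context[name]
        except KeyError:
            return ''  # unknown variables render as empty text
    return VARIABLE.sub(substitute, template)


def demo():
    """Constructed sample: one untrusted comment, one trusted banner."""
    context = EscapedContext(
        comment='<script>alert(1)</script>',        # untrusted user input
        attr='" onmouseover="x',                    # untrusted, used in an attribute
        banner='<em>Welcome</em>',                  # written by the site itself
    )
    page = '<p title="{{ attr }}">{{ comment }}</p>{{ banner|raw }}'
    return render(page, context)


if __name__ == '__main__':
    print(demo())
```

The opt-out is visible in the template, so a review can search for "|raw" instead of auditing every variable for a missing escape filter.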





Re: Mod_python and Django - PROBLEM

2006-06-10 Thread Simon Willison


On 10 Jun 2006, at 10:02, PythonistL wrote:

> ImproperlyConfigured: Could not load database backend: No module named
> _mysql. Is your DATABASE_ENGINE setting (currently, 'mysql') spelled
> correctly? Available options are: 'ado_mssql', 'mysql', 'postgresql',
> 'sqlite3'
>
>
> but from Python shell it works OK.

Are you sure mod_python and the python shell you are running are  
using the same version of Python? It's possible that one of them is  
using Python 2.2 and the other Python 2.3 (for example), in which  
case they wouldn't be sharing the same site-packages directories.

Cheers,

Simon




Re: how to integrate kid template with django

2006-06-14 Thread Simon Willison


On 14 Jun 2006, at 12:52, Roger Sun wrote:

> I don't like the django templates, can i use kid ?
> if can, how can i do then?

Yes you can. Here's an example:

from django.http import HttpResponse
import kid

def index(request):
    # Set up any variables you might want to use
    template = kid.Template(
        file='/path/to/template.kid',
        foo='Bar', baz='bling'
    )
    return HttpResponse(template.serialize())

That's it! Django is designed to completely decouple HTML generation  
etc from the views, so it's very easy to use whatever method you want  
to generate the content to be sent back in the HttpResponse.

Hope that helps,

Simon




Re: OT: dynamically generated files?

2006-06-22 Thread Simon Willison


On 22 Jun 2006, at 21:33, Scott Finnie wrote:

> My proposed solution is to insert the session id into the filename
> (since, for a given session, there can only be one image used at any
> given time).  That should work but will need a cleanup job to clear the
> temp dir periodically.
>
> So I'm wondering, is there another / preferred / recommended way to do this?

Putting in the session ID sounds a bit risky as it increases the  
chance that the session ID might be exposed to a third party. I'd  
just assign a name based on an MD5 hash of the session ID and the  
current time (or something like that).
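
One way to get a filename that reveals nothing about the session ID, together with the periodic cleanup raised in the question. This is an added example, not part of the original message: it uses a random token from Python's secrets module rather than a hash, and the function names, the dict-like session store and the sample session value are assumptions.

```python
import os
import secrets
import tempfile
import time


def new_image_name(suffix='.png'):
    """Return a name built from 128 random bits; it encodes no session data."""
    return secrets.token_urlsafe(16) + suffix


def allocate_image(session, directory, suffix='.png'):
    """Pick a fresh name, remember it in server-side session data, return its path.

    `session` is any dict-like per-session store (an assumption of this example).
    The previous image for the session, if any, is deleted first.
    """
    old = session.get('image_name')
    if old:
        try:
            os.remove(os.path.join(directory, old))
        except FileNotFoundError:
            pass  # already swept by cleanup()
    name = new_image_name(suffix)
    session['image_name'] = name
    return os.path.join(directory, name)


def cleanup(directory, max_age_seconds, now=None):
    """Delete regular files older than max_age_seconds; return the names removed."""
    now = time.time() if now is None else now
    with os.scandir(directory) as entries:
        stale = [e.path for e in entries
                 if e.is_file(follow_symlinks=False)
                 and now - e.stat(follow_symlinks=False).st_mtime > max_age_seconds]
    for path in stale:
        os.remove(path)
    return sorted(os.path.basename(p) for p in stale)


def demo():
    """Constructed scenario: two images for one session, then two sweeps."""
    session = {'sessionid': 'constructed-session-id'}
    with tempfile.TemporaryDirectory() as directory:
        first = allocate_image(session, directory)
        open(first, 'wb').close()
        second = allocate_image(session, directory)  # replaces the first image
        open(second, 'wb').close()
        name = os.path.basename(second)
        return {
            'name_length': len(name),
            'leaks_session_id': session['sessionid'] in name,
            'first_deleted': not os.path.exists(first),
            'fresh_sweep': cleanup(directory, max_age_seconds=3600),
            'late_sweep': cleanup(directory, 3600, now=time.time() + 7200) == [name],
            'remaining': os.listdir(directory),
        }


if __name__ == '__main__':
    print(demo())
```

Because the name is stored in the session rather than derived from it, a filename seen in a log, a cache or a Referer header says nothing about the session ID.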





Re: Repetitive background tasks

2006-06-26 Thread Simon Willison


On 26 Jun 2006, at 19:07, Harish Mallipeddi wrote:

> I'm wondering if someone could advise me on how to do certain periodic
> background tasks with django? For instance, if I needed to retrieve a
> list of RSS feeds daily to check for updates how would I do that?
>
> Is there a way to do this by resorting to a solution within the django
> framework and not some OS-level solution like cron jobs on Linux? I'm
> developing on Windows and would love it if the solution is

Ah. I've always done this kind of stuff with cron - that's certainly  
the gold standard for this kind of problem on Linux/Unix and  
something that's well supported by Django (since Python scripts can  
import and use Django models).

Hopefully someone who has actually solved this will chip in, but from  
scanning around the web it seems that the equivalent in the Windows  
world is "Scheduled Tasks". There's a thread here that might be  
useful to you:

http://weblogs.asp.net/pmarcucci/archive/2003/10/20/32662.aspx

Cheers,

Simon




Re: Adding search functionality

2006-06-27 Thread Simon Willison


On 27 Jun 2006, at 08:53, Kristoffer wrote:

> I can import Q with "from django.core.meta import Q", but I can't find
> QuerySet. Did it exist in version 0.91?

No. QuerySet is part of the vastly superior magic-removal ORM, which  
was introduced in Django 0.9.5. There are instructions on upgrading  
from 0.9.1 here:

http://code.djangoproject.com/wiki/RemovingTheMagic

Cheers,

Simon




Re: Request_Response Problem

2006-06-27 Thread Simon Willison


On 28 Jun 2006, at 02:21, HoLin wrote:

> ?type_encode=0&domain=python&root=.cn&root=.com&root=.net
>
> using request.REQUEST.get("root") can only get  the last value *.net*
> how can I get the right value of root?

request.GET.getlist('root') will get you back a list of all of the  
root= values.

This is one of my favourite features of Django's request handling.
PHP only ever gives you back the last value (unless you use
root[]=blah&root[]=blah2 which is a bit weird). Python's cgi module ALWAYS
gives you back a list, even though 99% of the time you only want one
value. With Django, we decided to make the common case (a single
value) act like a dictionary, but provided an explicit mechanism for
accessing lists of values. You can rely on the fact that
request.GET[key] will only ever return a single string, while
request.GET.getlist(key) will always return a list of strings (or an
empty list).

Cheers,

Simon




Re: ImportError: No module named django

2006-06-28 Thread Simon Willison

On 28 Jun 2006, at 14:39, Craig Marshall wrote:

> I can run python interactively and type "import django" and get no
> errors, but when I go into our project directory and run "./manage.py
> syncdb",  I get this error:
>
> ImportError: No module named django
>
> I'm running Python 2.4.3 in case that matters - any ideas?

It sounds like you might have two versions of Python installed. You  
should confirm that the shebang line in ./manage.py is for the right  
version. Alternatively, running 'python manage.py syncdb' should work.

Cheers,

Simon




Re: Store and retrieve template code from database

2006-07-05 Thread Simon Willison


On 5 Jul 2006, at 14:32, plungerman wrote:

> i would like to store django template code in a database and retrieve
> it for display.

The Django template system was originally designed with this exact  
use-case in mind - we made sure that there was flexibility as to  
where the templates were loaded from so that if we ever wanted to put  
them in a database we could do exactly that.

You'll need to write a custom template loader that pulls templates
from a database table instead of the file system. How you write
custom loaders isn't yet documented
( http://www.djangoproject.com/documentation/templates_python/#loader-types
is the closest the documentation gets) but it should be pretty simple -
you'll need to model it on the code in django/template/loaders/ . A
template loader is basically just a module with a function fitting the
following signature:

def load_template_source(template_name, template_dirs=None):
   ...

Hope that helps,

Simon




Re: book recommendations?

2006-07-10 Thread Simon Willison


On 10 Jul 2006, at 06:42, arthur debert wrote:

> also, simon willison's javascript introduction is excellent:
>
> http://flickr.com/photos/simon/sets/72057594077197868/

There's a better version of it up on the Mozilla Developer wiki now -  
other people have been fixing all the bugs :)

http://developer.mozilla.org/en/docs/A_re-introduction_to_JavaScript

Cheers,

Simon






Re: debugging xmlhttprequest POST's is a PAIN! Need help.

2006-07-14 Thread Simon Willison


On 14 Jul 2006, at 18:34, Scott Chapman wrote:

> It's in an xmlhttprequest call so I never get to see the blow up, and it's a
> form POST so I can't simply call it with some command line parms in the
> browser to see it - so I'm flying blind a bit.

Get yourself Firefox and the LiveHTTPHeaders extension - it's perfect  
for debugging this kind of thing:

http://livehttpheaders.mozdev.org/

Cheers,

Simon




Re: Related tags query, many-to-many double join

2006-07-19 Thread Simon Willison


On 19 Jul 2006, at 13:50, Maciej Bliziński wrote:

> is it possible to make the same thing without writing custom SQL code?

No it isn't - but that's fine, that's exactly why Django allows (and  
encourages) you to roll your own SQL when you need to:

http://www.djangoproject.com/documentation/model_api/#executing-custom-sql

My philosophy with respect to the Django ORM (and ORMs in general) is  
that it should be used strictly for convenience - it should make the  
usual dull collection of queries as simple as possible. If the ORM is  
ever less convenient than writing a raw SQL query, write a raw SQL  
query!

As long as you keep all of the SQL interactions in your Django model  
classes your database logic will all be in the same place and  
maintenance should be simple.

Cheers,

Simon



Re: Displaying thumbnails in the admin interface

2006-07-19 Thread Simon Willison

On 19 Jul 2006, at 16:22, kwe wrote:

> Is there a way to display images in the list_display admin frontend?
>
> I tried writing a custom method for the model which returned the
> necessary html to display the image - without success. The custom
> method in the list_display just returned the raw html..

You need to add the just-documented allow_tags attribute to your  
custom method:

http://code.djangoproject.com/changeset/3358

Cheers,

Simon





Re: Django v code generators (codecharge)

2006-07-20 Thread Simon Willison


On 20 Jul 2006, at 15:47, walterbyrd wrote:

> If I were "up to speed" with python and django, could I develop as
> quickly as I could with a code generator?

Yes. As a general rule, code generators are unnecessary if you are  
using a sufficiently dynamic language (such as Python). Historical  
note: the Django ORM was originally written as a code generator, but  
was refactored over a year ago to use metaclasses (a dynamic language  
feature) to achieve the same effect in a more elegant, more  
maintainable way.

Hope that helps,

Simon




Re: Duct tape

2006-07-21 Thread Simon Willison


On 21 Jul 2006, at 17:55, Elver Loho wrote:

>> I wonder if you could be a bit more explicit here... I can't think of
>> a single place where you "just set a variable and have it do
>> something cool", so I'd like to know more about what scares you.
>
> The admin module? http://www.djangoproject.com/documentation/tutorial2/

Is it the inner class that you found disturbing?

class Poll(models.Model):
    # ...
    class Admin:
        pass

If so, you should know that the actual admin framework itself is a  
completely separate application from the rest of Django - it was  
refactored out of the core nearly a year ago, and now lives in  
django.contrib. The model classes are a collection of useful metadata  
about the models, and the admin framework needs a bunch of metadata  
to decide how to behave. The (in my opinion very smart) decision was  
made to pull that out in to an inner class. This sets a nice  
precedence for extending Django's model syntax in the future - for  
example, I think there has been talk about having a 'class Search'  
inner class with parameters for controlling how a proposed Search  
contrib application should index models.

There's no magic here - just a neat way of adding namespaced metadata  
to models without cluttering things up too much.

Cheers,

Simon




Re: Any good Python book recommendations?

2006-07-22 Thread Simon Willison


On 23 Jul 2006, at 06:03, Sean Schertell wrote:

> I've downloaded Dive into Python and it looks good. But I need
> something I can read on the subway or in the bathtub. Something I can
> dog-ear and highlight -- a real book!
>
> Any recommendations? I'm brand new to Python and want to learn for
> use with Django.

The "Learning Python" O'Reilly book is really, really good - one of  
the best "Learning X" books I've read for any language.

Cheers,

Simon




Re: AttributeError: class Http404 has no attribute 'has_header'

2006-07-24 Thread Simon Willison

On 24 Jul 2006, at 01:17, Jacob Kaplan-Moss wrote:

>> Has anybody else seen this error? It's obvious that Http404 doesn't
>> have the method, it's just a subclass of Exception. If this is just a
>> Django bug, I'll happily post a patch, just want to feel out any
>> possible stupidness on my part first :-)
>
> You're probably doing ``return Http404`` instead of ``raise Http404``.

It would be nice if we could catch this and provide a friendly error  
message, maybe by having an assertion somewhere that checks that the  
view function has returned an object that is an instance (or  
subclass) of HttpResponse.

Cheers,

Simon





Re: simplejson & umlauts

2006-07-24 Thread Simon Willison

On 24 Jul 2006, at 12:21, patrickk wrote:

> has anyone ever used simplejson with umlauts?
> I'm reading a title from a blog-entry which has umlauts and they are
> not displayed correctly.

I doubt this is a problem with simplejson; it seems to handle unicode  
characters just fine. I imagine you are passing it a utf-8 encoded  
Python bytestring without it knowing what the encoding is. You need  
to pass it a proper unicode string - try something like this:

>>> import simplejson
>>> s = 'r\xc3\xb6ck d\xc3\xb6ts' # A utf-8 encoded bytestring
>>> u = s.decode('utf-8') # u is now a unicode string
>>> print simplejson.dumps(u)
"r\u00f6ck d\u00f6ts"

That last line is the correct way of representing unicode in JSON. If  
you paste that in to Firebug it renders as "röck döts".

Hope that helps,

Simon






Re: Wondering about few 'burried' issues

2006-07-27 Thread Simon Willison


On 27 Jul 2006, at 11:39, Sebastian F wrote:

> But then it hit me, ticket was closed with
> resolution 'wontfix' (http://code.djangoproject.com/ticket/2004). I am
> curious, why?

Your guess is as good as mine - it looks like the ticket was closed  
by the person who opened it. The Django core developers try to always  
leave an explanation when they close a ticket.

Cheers,

Simon




Re: Myghty Templates in Django - ver. 1

2006-08-01 Thread Simon Willison

> 2a. The easy way to use myghty templates is to render them and send the
> result to a "Blank" django template which will show the results
> a simple view:
> [...]
> def myview(request):
>     file = AFile()
>     #execute a template
>     interpreter.execute('mytemplate.myt', out_buffer = file)
>     # show it via django template
>     return render_to_response('index.html', {'content': file.read()})

There's no need to involve the Django template system at all, or to
use a "fake" file object. Django's design ensures that templating is
decoupled from views, so if you want to use myghty you can just do
this:

from django.http import HttpResponse

def myview(request):
    response = HttpResponse() # A file-like object
    interpreter.execute('mytemplate.myt', out_buffer = response)
    return response

Cheers,

Simon




Django covered in podcast with Guido

2006-08-05 Thread Simon Willison

http://www.twit.tv/floss11

Django gets some good discussion about 50 minutes in.





Re: Planet Django

2005-08-04 Thread Simon Willison



On 4 Aug 2005, at 13:32, Jacob Kaplan-Moss wrote:

> If you've got a blog (or know of one) that covers Django, please
> send me a link to the feed -- preferably a feed for the Django
> category, if it exists.  I'll try to have something up by this
> weekend.


Here's mine:

http://simon.incutio.com/syndicate/django/rss1.0

Cheers,

Simon


Any live Django sites outside Lawrence yet?

2005-08-08 Thread Simon Willison


This is purely to satisfy my own curiosity, but does anyone have a  
deployed, public Django site up and running yet (aside from the sites  
built by the team in Lawrence)?


It would be cool to hear about intranet apps as well, but I'm really  
interested in seeing some examples of Django running in the world. It  
would be great to compile some success stories for the website.


Cheers,

Simon


Re: {% if method(arguments) %}

2005-09-11 Thread Simon Willison



On 11 Sep 2005, at 20:16, Mookai wrote:

> Is it possible to use this syntax or do I have to write an own template
> tag?
>
> I want to use it to check if a module has to be displayed based on
> permissions:
>
> {% if user.get_module_perms(app.name) %}


That syntax won't work - but the magic perms variable (supplied by  
DjangoContext) can do what you are asking for:


{% if perms.name_of_module %}

That will be true if the user has any permissions for name_of_module.  
You can check individual permissions with:


{% if perms.name_of_module.name_of_permission %}

Cheers,

Simon




Django-powered sites on the wiki

2005-09-14 Thread Simon Willison


I've started a list of public websites powered by Django on the  
development wiki:


Django powered sites

Please add your Django-powered site if it's not already listed.

Cheers,

Simon Willison
http://simon.incutio.com/



Re: Django-powered sites on the wiki

2005-09-14 Thread Simon Willison

On 9/14/05, Simon Willison <[EMAIL PROTECTED]> wrote:
> I've started a list of public websites powered by Django on the
> development wiki:

Here's the link: http://code.djangoproject.com/wiki/DjangoPoweredSites


Re: Design Advice: "here" in Navigation

2005-09-20 Thread Simon Willison



On 20 Sep 2005, at 05:00, [EMAIL PROTECTED] wrote:


> I often have CSS designs that call for a tab, link, button, etc; to be
> highlighted in some way (usually by having a different class attribute)
> from the other links when the user is on the page the navigation
> element links to.
>
> This is a PITA to build. Anyone have some good suggestions? I'm even
> thinking about using Javascript instead of doing it server side.


Here's a neat CSS trick that works mostly client-side (no JS) and  
does what you want.


First, give every page (or section) on your site an ID, applied to
the body tag:

<body id="aboutpage">

Later on, in your navigation, do this:

 ...
 <li id="nav-aboutpage">About</li>
 ...

Then add the following rules to your CSS:

body#aboutpage li#nav-aboutpage,
body#contactpage li#nav-contactpage,
body#homepage li#nav-homepage {
  background-color: yellow;
}

This means that on the aboutpage, the nav-aboutpage list option will  
be highlighted. On the contactpage, nav-contactpage will be  
highlighted - and so on.


Of course, this approach doesn't scale to hundreds of different pages  
very well - but it's great for small sites or for sections of large  
ones.


Cheers,

Simon Willison



Re: Surving Static Files on Django

2005-09-29 Thread Simon Willison



On 28 Sep 2005, at 21:25, Jacob Kaplan-Moss wrote:

> Why?  In case you hadn't noticed, Django has a pretty large memory
> footprint; between Apache, mod_python, Python, the database
> drivers, etc., Apache server processes tend to weigh about 10M each
> (at least on my servers).  Unfortunately, Apache reuses
> these server processes for a certain number of requests (see the
> MaxRequestsPerChild directive), but although the server processes
> grow their memory footprint to accommodate Django, they never shrink.


That's more a limitation of mod_python than of Django itself. I  
imagine that FastCGI and SCGI avoid this issue almost entirely - the  
modules themselves are much smaller so it's less wasteful to use them  
to serve static files as well as Django stuff.




Re: Performance and scalability

2005-09-29 Thread Simon Willison



On 29 Sep 2005, at 15:06, Tau wrote:

> What you, the authors of django, can provide on the subject of django's
> performance and scalability. I find the framework architecture to be
> excellent but, literally speaking, what if I migrate my php sites to
> django. Will hardware upgrade be inevitable?


In theory, Django with mod_python should be faster than the  
equivalent in PHP because PHP has to read and interpret the scripts  
every time, while mod_python loads them once from disk and keeps the  
compiled code in memory. If you were using one of the PHP  
accelerators however PHP should have the same thing going for it.


How much traffic are you talking about? www.kusports.com uses Django  
and gets hit with some pretty heavy traffic at times.  
chicagocrime.org has weathered a slashdotting or two thanks to  
Django's caching framework.




Re: Several domains, one django project

2005-09-29 Thread Simon Willison


On 29 Sep 2005, at 15:20, Tau wrote:

Is it possible to share a project among several domains?
Each domain should have different templates and media files. I don't
care about the models, I use XML.
What is the recommended mod_python configuration?


Yes - in fact Django was designed for this kind of problem. You'll  
need to point each domain at a separate Django config file, which can  
import shared settings from a base config file and then set up a  
domain-specific TEMPLATE_DIRS variable.


Cheers,

Simon




Re: Several domains, one django project

2005-09-29 Thread Simon Willison



On 29 Sep 2005, at 16:10, Adrian Holovaty wrote:


Yes, this is entirely possible -- it's how Django is used at World
Online. You'll just need to create a separate settings file for each
domain, and just point each VirtualHost in your Apache configuration
at the appropriate settings file.


There is however a nasty gotcha: you need to set a different  
PythonInterpreter for each domain, or Bad Things can happen.


http://www.djangoproject.com/documentation/modpython/#multiple-django-installations-on-the-same-apache




Re: Repeating Blocks Within a Template

2005-11-14 Thread Simon Willison



On 14 Nov 2005, at 06:06, Tom Tobin wrote:


A bit stumped here . . .  Is there a recommended convention for
repeating blocks within a template?  e.g., I have a paginated
object_list generic view, and I want to repeat my pager code (i.e.,
"back", "next") at both the top and bottom of the list without copying
and pasting.


Not really. You can write a custom template tag for your buttons but  
that might be considered overkill - and would also mean that some of  
your presentation logic would end up in Python code (in the template  
tag definition).


Maybe it's time we bit the bullet and introduced a {% capture %} tag  
(or similar) that chucks the rendered output of its contents in a  
variable in the context. Then you could do this:


{% capture pagination_controls %}
... HTML goes here ...
{% end capture %}
{{ pagination_controls }}

... more stuff ...

{{ pagination_controls }}

I think we've avoided this in the past because it makes Django's  
template language too much like a programming language, but I think  
it provides an elegant solution to your problem and hence should be a  
candidate for inclusion - unless we can come up with a more elegant  
solution.


Cheers,

Simon Willison


Re: "startapp" now creates views.py, not views package

2005-11-16 Thread Simon Willison



On 16 Nov 2005, at 05:53, Adrian Holovaty wrote:


This is fully backwards-compatible. If you want to keep your views in
a "views" directory, that's perfectly all right. The thinking is that
the common case will only need a single file called views.py.


Nice change. The less directory hierarchy by default the better!


Re: Preventing Google Web Accelerator from prefetching

2005-11-17 Thread Simon Willison



On 16 Nov 2005, at 23:10, Jacob Kaplan-Moss wrote:

However... the concept is.  Developers shouldn't be blocking GWA;  
we should be programming web apps that conform to expected HTTP  
behavior.  GWA *only* issues GET requests, and if an app modifies  
data based on a GET, then the app should be considered broken.


I'm afraid I just don't buy this. It holds for most cases, but there  
are some significant ones where it doesn't. My favourite example is  
Flickr's internal message system (or any other Webmail). It tells you  
at the top of the page if you have any unread messages, and when you  
view your inbox it shows unread messages in bold. The act of viewing  
a message (by following a GET link) marks that message as read.


Sure, you could require people to click a "mark as read" button that  
does a POST, or even have the interface to select a message to read  
use POST buttons. That would suck though - it would break the ability  
to open a bunch of messages in a new tab for one thing.


Meanwhile, GWA hits your inbox and instantly marks all your unread  
messages as read! (That's assuming Flickr doesn't block it - I'll  
have to check).


HTTP purity is a nice ideal, but until the HTML form model contains  
better support for calling HTTP verbs that reflect what you are  
actually trying to do it just isn't practical in every case. It's  
those edge cases that make GWA's behaviour a bad idea.


Cheers,

Simon


Re: 20 minute wiki, sortof.

2005-11-18 Thread Simon Willison



On 18 Nov 2005, at 09:12, David Ascher wrote:

Specifically, I'd love feedback on the views ( http://da.textdriven.com:8027/sydney/file/trunk/wiki/apps/pages/views.py)
and the template ( http://da.textdriven.com:8027/sydney/file/trunk/wiki/templates/pages/page.html


You should do this in the template: Replace

{{page.data}}


With

{{page.data|escape}}


Great feedback on the problems you ran in to - we should fix those!



Re: 20 minute wiki, sortof.

2005-11-18 Thread Simon Willison



On 18 Nov 2005, at 11:59, hugo wrote:


(I think this static view should be listed more prominently in the
documentation and tutorial, even though it's not meant to be used for
production use - the how-to-serve-static-files question is quite common
with newbies, and all of them want to write their own ;-) )


I entirely agree. I think we should encourage people to run Django as  
inefficiently as they like during development, then have all of the  
preaching about separate servers for static files etc in the  
deployment documentation.


Cheers,

Simon


Re: 20 minute wiki, sortof.

2005-11-18 Thread Simon Willison



On 18 Nov 2005, at 15:26, Robert Wittams wrote:


Hm, maybe when DEBUG is on, CommonMiddleware should put up an
interstitial page to tell the developer what is happening? It does seem
to bite a lot of people.


Alternatively, we could just have CommonMiddleware throw a deliberate  
server error if a POST is made to a URL that doesn't have a trailing  
slash. That should make things abundantly clear :) POSTing to a URL  
that CommonMiddleware wants to redirect is most definitely a bug in  
an application, and should be treated as such. The redirect plain  
shouldn't happen.


Cheers,

Simon


Re: Finding numbers of visitors

2005-11-22 Thread Simon Willison



On 22 Nov 2005, at 17:43, Luciano Rodrigues da Silva wrote:


I think that it is time for the admin to have some usage statistics of the
applications. Or maybe another app included with the package.


Stats is a very obvious application for Middleware. I bet you could  
do something very, very cool along these lines...


Re: Paginating complex queries

2005-11-23 Thread Simon Willison



On 23 Nov 2005, at 14:59, Afternoon wrote:

Is there a way that the request object could be exposed to custom  
tag code, but not the template itself?


The aim with the template system has always been to keep it  
de-coupled from the request/response stuff, so it can be used as a  
standalone component. It's hard to see how the request object could  
be exposed to custom tags without breaking that separation. That  
said, it would enable some very neat custom template tag tricks.


Re: Documentation for Django on TextDrive

2005-11-25 Thread Simon Willison



On 25 Nov 2005, at 23:04, James Bennett wrote:


Suggestions and corrections are welcome.


Thanks a lot James - that's some really well written documentation:  
clear, succinct and informative.


Just one tiny suggestion (I don't use TextDrive so I can't comment on  
much). You suggest downloading Django like this:


curl http://media.djangoproject.com/releases/0.90/Django-0.90.tar.gz -o Django-0.90.tar.gz


You can simplify that using the -O argument to curl (that's a capital  
O), which tells it to use the same filename when saving to disk:


curl -O http://media.djangoproject.com/releases/0.90/Django-0.90.tar.gz

Cheers,

Simon


Re: SQL Injection

2005-12-20 Thread Simon Willison



On 21 Dec 2005, at 01:37, Silas Snider wrote:

Do they just quote the string? Or do they use a 'bind variable'  
type idea?


Example:
  If an attacker typed
  ' or 'a'='a
  into a password input field for instance, would the ORM properly
prevent the attempted attack from working?


They escape the string in the manner appropriate to the database  
backend being used. In the above case if you were using MySQL your  
string would become:


"\' or \'a\'=\'a"

Which is perfectly safe. You have to work pretty hard if you want to  
open up a SQL injection using Django!


Cheers,

Simon
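
An added example, not part of the original message and not Django's ORM code: the input from the question above run against a query built by string formatting and against one that uses bound parameters. It uses Python's sqlite3 module with a constructed in-memory table; the table, column names and helper functions are assumptions made for the illustration.

```python
import sqlite3

# The input quoted in the question above.
INJECTION = "' or 'a'='a"


def make_db():
    """Build a constructed in-memory table with a single sample user.

    The password is compared in SQL as plain text only so that the
    question's input reaches the query; real systems store password hashes.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES (?, ?)", ("alice", "correct horse"))
    return conn


def login_concatenated(conn, username, password):
    """Vulnerable form: user input is pasted into the SQL text.

    With the input above the WHERE clause becomes
    username = 'alice' AND password = '' or 'a'='a'
    which is true for every row.
    """
    sql = (
        "SELECT username FROM users "
        "WHERE username = '%s' AND password = '%s'" % (username, password)
    )
    return conn.execute(sql).fetchall()


def login_bound(conn, username, password):
    """Hardened form: values travel separately from the SQL text.

    The driver treats the whole input as one string value, so the quote
    characters in it never terminate the literal.
    """
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print("concatenated:", login_concatenated(db, "alice", INJECTION))
    print("bound:       ", login_bound(db, "alice", INJECTION))
    print("bound, real: ", login_bound(db, "alice", "correct horse"))
```
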


Re: Django and Multiple Database Support

2005-12-29 Thread Simon Willison



On 29 Dec 2005, at 20:29, Jacob Kaplan-Moss wrote:

I've always thought that this particular -- and common -- use case  
should be delegated to the DB level using one of the many excellent  
replication/distribution tools for your database.  For example, you  
could easily do read distribution with pg_pool or sqlrelay, and it  
would be transparent to Django.  I don't see a good reason to  
tackle replication in Django itself as that's more or less a solved  
problem.


I disagree. There's a lot more to separate databases than just  
replication - when you scale big there are all kinds of ways things  
might need to be partitioned. You might want to keep "cheap" data  
(like traffic logs for user's weblogs) on a different DB cluster from  
expensive data (like their blog entries themselves). Some data gets  
accessed all the time while some other data is only ever written -  
etc etc.


I'd love Django to have a reputation as the web framework that  
scales. As far as I can tell, big LAMP sites that scale are mostly  
done as PHP with a whole load of custom scary stuff - connections to  
multiple databases, memcached, even XMLRPC calls to backend services  
written in Java. We already have caching and we can do calls to  
backend services easily but the single database connection assumption  
is baked right in to the framework.


Unfortunately, I don't have the experience of scaling big to say much  
more than that. This is where input from people like Scott becomes  
invaluable :)


Cheers,

Simon



Re: Django and Multiple Database Support

2005-12-30 Thread Simon Willison



On 29 Dec 2005, at 11:35, Scott johnson wrote:

Now I haven't hacked Django much myself yet (I've been working on  
the back end tools, db loader and overall schema).  What support  
does Django have for multiple db stuff?


I've started a ticket to track discussions on this issue:

http://code.djangoproject.com/ticket/1142

Cheers,

Simon


Re: Web host for Django, what to ask for?

2006-01-01 Thread Simon Willison



On 31 Dec 2005, at 18:39, Michael Hipp wrote:

I'm hoping to convince my current hosting provider (zipa.com) to  
support Django. (Switching providers would be a pain right now.)  
What would I tell them I need?


apache
mod_python
psycopg
postgresql (or mysql) (1 database?)


One approach might be to encourage them to add FastCGI support and  
tell them that it will let them support both Django /and/ Rails in  
one shot. Since Rails is way ahead in terms of marketing right now it  
makes sense to ride on their coat tails when it comes to getting  
hosts to support Django.


Cheers,

Simon


Re: built-in reference

2006-01-04 Thread Simon Willison



On 4 Jan 2006, at 19:42, The Boss wrote:


Nevermind.  It magically started working when I tried to show someone
how it didn't work.


It probably just needed a server restart. Django's development server  
code reloading stuff works for most cases, but if you're seeing odd  
behaviour it's often worth restarting the server to see if that fixes  
it.


Cheers,

Simon


Re: Suitability, Performance and scalability Info

2006-01-05 Thread Simon Willison



On 5 Jan 2006, at 11:40, ChaosKCW wrote:

I of course want something better and django stands out. It's mostly for
interactive apps, as opposed to static content, so my first question
is can I do things like javascript and xmlhttprequest (ie AJAX) in
django easily? I am sure I can but thought it prudent to ask.


Absolutely. Django doesn't put any barriers in front of you  
outputting XML or JSON or JavaScript instead of HTML, making Ajax  
stuff really easy to do.



The other things were they gonna something to go on for speed and
scalability.

Is there any info out there ?

On scalability can it be clustered easily (as with websphere)?


Django scales using the "shared nothing" architecture - so you can  
run multiple web servers talking to a single database server with  
ease (and concentrate your efforts on scaling that database server).  
Django performance is excellent - there aren't any official  
benchmarks but I feel comfortable in stating that a server running  
Django should be able to handle more requests than a server running  
Rails or TurboGears (the Python interpreter is faster than Ruby, and  
Django's template system is significantly faster than the one used by  
TurboGears). That said, the bottleneck for most apps is the database  
so these performance differences may not affect you in deployment  
situations.


Django doesn't currently support more advanced scaling architectures  
but features for supporting replicated databases are currently under  
discussion - contributions of advice (and code) in this area are  
welcome.


Hope that answers your questions,

Simon



Re: ANN: "Snakes and Rubies" (Django/Rails meetup) video/audio available

2006-01-05 Thread Simon Willison



On 5 Jan 2006, at 15:17, stinger wrote:


You said in the download page "If at all possible, please use
BitTorrent! Our servers thank you..."


It would be useful if there were torrents for just Adrian's talk,  
just the Q&A etc.


Cheers,

Simon


Re: Data from multiple engines/data in one Django app (or project)

2006-01-05 Thread Simon Willison


On 5 Jan 2006, at 17:48, mortenbagai wrote:


Is there a way to model data from multiple, separate data
sources in the same Django project?


Not at the moment, but it's under active discussion:

http://code.djangoproject.com/ticket/1142

Please add a brief description of your requirement to that ticket so  
we can be sure to accommodate you.


Cheers,

Simon


Re: ANN: "Snakes and Rubies" (Django/Rails meetup) video/audio available

2006-01-06 Thread Simon Willison



On 6 Jan 2006, at 16:23, Wilson wrote:


It would be useful if there were a gag reel with clips of Simon making
vomiting gestures at Adrian from across the room. :)


Blast - I thought the cameras missed that :)


Re: Duplicate object

2006-01-12 Thread Simon Willison



On 12 Jan 2006, at 05:43, Eric Walstad wrote:


The following approach ('shallow' copy) has worked well for me:
import copy
b = copy.copy(a)
b.id = None
b.save()


Maybe it would be useful for all Django model objects to gain  
themselves a duplicate() method which does exactly this - returns an  
identical object but with id set to None.


Cheers,

Simon


Re: Bulk delete?

2006-01-18 Thread Simon Willison



On 17 Jan 2006, at 12:15, Russell Keith-Magee wrote:


Ok; in the absence of any objections, I've just committed the change,
and closed off the ticket. Bulk delete is now available in
magic-removal.


What happens if you call Something.objects.delete() without any  
arguments? Does it delete every row from the table?


If so it might be useful to have some kind of "magic" keyword  
argument which has to be used to achieve that. Having a method that  
can nuke everything if you hit the wrong key makes me a little  
nervous. Something like this perhaps:


Something.objects.delete(DELETE_ALL=True)

Calling the delete() method with no parameters could raise an error.

Cheers,

Simon


Re: Storing News articles - retaining some HTML tags

2006-01-19 Thread Simon Willison


On 15 Jan 2006, at 23:22, tonemcd wrote:


If your articles have HTML in them, you'll need to be careful that no
'dangerous' HTML is included (javascript is the most common). A good
library is stripogram -
http://www.zope.org/Members/chrisw/StripOGram/readme


Stripogram is inadequate for protecting against XSS attacks. It  
doesn't strip style="" attributes (which can contain executable code)  
and has very simplistic code for filtering javascript: style links.  
Here's their code for attribute filtering:


if lower(k[0:2]) != 'on' and lower(v[0:10]) != 'javascript':
    self.result += ' %s="%s"' % (k, v)

And here are three ways off the top of my head to defeat that:

Click me (Note the leading space)

Click me (IE will run this)

Click me (IE will run this too; it was part  
of the MySpace worm: http://namb.la/popular/tech.html )


Filtering unsafe HTML is a deceptively hard problem - you need to be  
aware not just of the HTML spec but also of the full details of all  
of the common implementations and their bugs. Since the most  
widespread of these is closed source, good luck!


Definitely don't use stripogram though. It will give you nothing more  
than a false sense of security. I'm going to submit these bugs to the  
library author.


The best Python stripping code I've seen is in Mark Pilgrim's  
feedparser. You might want to try extracting it.


Cheers,

Simon
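
An added example, not part of the original message and not stripogram's or feedparser's code: the denylist test quoted above next to an allowlist filter, run over constructed attribute pairs that cover the two gaps the message names (style attributes and a value with a leading space). The attribute and scheme allowlists are assumptions chosen for the illustration, and values are assumed to be already entity-decoded by the HTML parser.

```python
import re


def denylist_keeps(name, value):
    """The check quoted in the message above: drop on* attributes and
    values whose first ten characters are 'javascript'; keep the rest."""
    return name[0:2].lower() != "on" and value[0:10].lower() != "javascript"


# Allowlist alternative (constructed for this example): keep only
# attributes and URL schemes that are explicitly known to be harmless.
ALLOWED_ATTRS = {"href", "src", "title", "alt"}
URL_ATTRS = {"href", "src"}
ALLOWED_SCHEMES = {"http", "https", "mailto"}

_PADDING = re.compile(r"[\x00-\x20\x7f]+")
_SCHEME = re.compile(r"^([a-z][a-z0-9+.\-]*):")


def allowlist_keeps(name, value):
    """Keep an attribute only if its name is allowed and, for URL
    attributes, its scheme (if any) is allowed."""
    name = name.lower()
    if name not in ALLOWED_ATTRS:
        return False
    if name in URL_ATTRS:
        # Drop whitespace and control characters before reading the
        # scheme, so padding such as a leading space cannot hide it.
        compact = _PADDING.sub("", value).lower()
        match = _SCHEME.match(compact)
        if match and match.group(1) not in ALLOWED_SCHEMES:
            return False
    return True


def filter_attrs(attrs, keep):
    """Return the (name, value) pairs that the given predicate keeps."""
    return [(k, v) for k, v in attrs if keep(k, v)]


# Constructed sample input: attribute pairs as an HTML parser would
# hand them to a filter.
SAMPLE_ATTRS = [
    ("href", "http://example.com/"),
    ("href", " javascript:void(0)"),  # leading space, as noted in the message
    ("style", "color: red"),          # style attribute, as noted in the message
    ("onclick", "void(0)"),
    ("title", "About"),
]

if __name__ == "__main__":
    print("denylist keeps: ", filter_attrs(SAMPLE_ATTRS, denylist_keeps))
    print("allowlist keeps:", filter_attrs(SAMPLE_ATTRS, allowlist_keeps))
```
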




Re: Storing News articles - retaining some HTML tags

2006-01-19 Thread Simon Willison



On 15 Jan 2006, at 23:22, tonemcd wrote:

If your articles have HTML in them, you'll need to be careful that no
'dangerous' HTML is included (javascript is the most common). A good
library is stripogram -
http://www.zope.org/Members/chrisw/StripOGram/readme


While I still strongly advocate not using StripOGram for filtering  
potentially hostile code, I should note that for the original  
poster's purpose (stripping tags from content that they themselves  
owned) it is probably a good solution - provided you are confident  
that there is no deliberately malicious code in their own data  
somewhere.


Cheers,

Simon


Re: Storing News articles - retaining some HTML tags

2006-01-19 Thread Simon Willison

On 1/19/06, tonemcd <[EMAIL PROTECTED]> wrote:
> Didn't realise stripogram was so open to those sort of exploits (I've
> only ever used it to get rid of the stuff that might mangle layout).
> There's obviously more to this than meets the eye.

Here are some interesting resources on the challenges involved with
escaping dangerous HTML.

Cal Henderson (from Flickr) has developed a filtering library in PHP.
It's documented in two tutorials - the code is also available (with
unit tests):

http://iamcal.com/publish/articles/php/processing_html/
http://iamcal.com/publish/articles/php/processing_html_part_2/
http://code.iamcal.com/php/lib_filter/

The changelog for LiveJournal's HTML sanitizing stuff lists dozens of
interesting vulnerabilities. The code is worth looking at too - lots
of interesting comments:

http://cvs.livejournal.org/browse.cgi/livejournal/cgi-bin/cleanhtml.pl

Mark Pilgrim's feedparser library has unit tests for the sanitizing component:

http://feedparser.org/tests/wellformed/sanitize/
http://feedparser.org/tests/illformed/sanitize/

Even PHP's strip_tags function (which doesn't attempt to sanitize, it
just removes anything that looks like a tag) has had its fair share of
problems:

http://bugs.php.net/search.php?cmd=display&search_for=strip_tags

Cheers,

Simon


Re: Locale from URL Middleware

2006-04-05 Thread Simon Willison

On 5 Apr 2006, at 12:26, limodou wrote:

> Why do you need to do this? Because django can auto judge the language from
> your browser request http head, or context settings, or settings. If
> you like, you can provide a language selection in web page, and
> that's enough. The url does not need to be special processed I think.

I for one much prefer the language to be specified in the URL rather  
than being derived from the browser settings. I would prefer this  
behaviour to be supported (at least as an option) in Django core. I  
know that language detection based on browser HTTP headers is a  
feature of the HTTP specification, but personally I believe that it's  
a mistake in the spec. Here's my reasoning:

1. Serving up content from the same URL in a different language  
depending on browser settings is an idea that is based on the ideal  
situation where each translation is a perfect representation of the  
content's underlying meaning. This is clearly not a realistic  
proposition. Some languages have phrases that do not perfectly  
translate to other languages, and translations may not be perfect in  
any case due to human error. The French version of a page is  
fundamentally different from the English version, and I believe that  
the URL should reflect that.

2. Passing URLs around. If I copy and paste the URL of a page and  
send it to a friend / post it to my weblog, my expectation is that  
they will see exactly what I see. Likewise, if I quote something and  
cite the original URL, my expectation is that I'm pointing back to  
the source of that quote. Changing the content based on the language  
header breaks that expectation. Again, I know it's part of the HTTP  
spec - but it's so rarely implemented that very few users expect it  
to happen.

3. Related to the above: What if I spot a typo in a page and want to  
report it to the site owner? Sending them the URL is no longer enough  
- I have to tell them my browser's language setting as well.

Given the above, I much prefer the approach taken by most sites that  
feature content in multiple languages where the language code is  
included somewhere in the URL.

That's not to say that the user's browser language setting should be  
ignored - you can use it to inform them that the page is available in  
their preferred language (maybe with a nice big note at the top of  
the page, written in their native language of course).

Tim Berners-Lee and the W3C may disagree with me on this one, but I'm  
convinced that using URLs to distinguish between languages is smarter  
than relying on browser settings alone.

Cheers,

Simon




Are there any Django events we're missing on Lanyrd?

2011-01-28 Thread Simon Willison
Hi everyone,

My main project at the moment is Lanyrd, the social conference
directory. It's a site that helps you find conferences to attend or
speak at, and that enables you to build a profile of talks you've
given and events you've attended in the past.

There's just one problem: right now we only know of 5 upcoming Django
events, worldwide:

http://lanyrd.com/topics/django/

Compared to other technical topics, that's not very impressive:

http://lanyrd.com/topics/php/
http://lanyrd.com/topics/drupal/
http://lanyrd.com/topics/ruby/

Are there any events that we're missing? You can add them yourselves
(don't forget to attach the Django topic) or alternatively tip me off
via email and I'll add them myself.

We're also very interested in past events. We have 37 for Django at
the moment - again, if there are any missing I'd love to have them on
the site:

http://lanyrd.com/topics/django/past/

Finally, as a public service announcement we do have Atom feeds of
most of our pages, so if you want to hear about Django events as they
are announced you can subscribe directly to the above page.

We also collect videos / slides / etc - we have 47 session videos in
our Django collection which are worth browsing through, and we're keen
on gathering more:

http://lanyrd.com/topics/django/video/

We even have video from the first event after Django was released to
the public, way back in 2005! http://lanyrd.com/2005/snakes-and-rubies/

Cheers,

Simon
