[web2py] error in book re: response attribute of gluon.sql.Rows?
Hello, I'm learning web2py by working my way through the book (2nd edition). I hit a road block in Chapter 6 (DAL) page 163 where it says: "A Rows object is a container for rows.colnames, rows.response" and goes on to explain that a Rows cannot be pickled or serialized by XML-RPC while a response object can. Following the instructions on this page results in an error about the Rows object not having a "response" attribute. Looking through the web2py API reference and source code I figured out that response definitely isn't part of gluon.sql.Rows. This was confirmed for me by reading this thread: http://groups.google.com/group/web2py/browse_thread/thread/9398eddc5b08ffe4/bf33513d16fef539?lnk=gst&q=book+select+rows+response#bf33513d16fef539 The error still exists in the online edition of the book at: http://web2py.com/book/default/section/6/5 There is also no mention of it at http://wiki.web2py.com/Errata_for_web2py_2nd_Edition_Book Anyways, thanks a lot for web2py. I'm really enjoying it so far, and I really appreciate all the effort that has gone into making such a productive environment. Keep up the good work! Jeremy McNaughton
[web2py] Re: error in book re: response attribute of gluon.sql.Rows?
You are right. This needs to be fixed. Massimo On Apr 18, 1:15 am, Jeremy McNaughton wrote: > Hello, > > I'm learning web2py by working my way through the book (2nd edition). > I hit a road block in Chapter 6 (DAL) page 163 where it says: "A Rows > object is a container for rows.colnames, rows.response" and goes on to > explain that a Rows cannot be pickled or serialized by XML-RPC while a > response object can. Following the instructions on this page results > in an error about the Rows object not having a "response" attribute. > > Looking through the web2py API reference and source code I figured out > that response definitely isn't part of gluon.sql.Rows. This was > confirmed for me by reading this > thread:http://groups.google.com/group/web2py/browse_thread/thread/9398eddc5b... > > The error still exists in the online edition of the book > at:http://web2py.com/book/default/section/6/5 There is also no mention > of it athttp://wiki.web2py.com/Errata_for_web2py_2nd_Edition_Book > > Anyways, thanks a lot for web2py. I'm really enjoying it so far, and > I really appreciate all the effort that has gone into making such a > productive environment. Keep up the good work! > > Jeremy McNaughton
[web2py] Re: Reading static files on GAE
PanosJee writes: > > Hello everyone I am working on a CSS/JS merger/minifier (with > expiration tags) and i want to deploy on AppEngine. > Unfortunately i cannot read static files on GAE as web2py has declared > everything in /static as static files > Do you have any ideas on how to circumvent this ? > You could move the JS and CSS to a template folder or a folder that is not static, and then make sure the .*js and .*css file patters are redirected to your minify script. Also, make sure you specify the content type in the headers when you return the result so it doesn't get treated as HTML by default. James -- Subscription settings: http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] Re: _href and src url not rendered
I am not sure what is wrong here, and the example is complex so I
cannot understand the details. Nevertheless, I suggest replace
response.render('clublocatormail/send_mail.html',context)
with
from gluon.template import render
render(filename='clublocatormail/send_mail.html',context=context)
see if there is any difference.
Also try isolate the problem and simplfy send_mail.html so the point
that it contains only the line that causes the trouble.
Massimo
On Apr 17, 3:26 am, annet wrote:
> I converted the send_mail function to a none mail function. The
> send_mail function:
>
> def send_mail():
>
> mailinglist=db((db.bedrijfcontactpersoon.bedrijf==db.bedrijf.id)&(db.bedrijfcontactpersoon.bedrijf==db.bedrijfinschrijving.bedrijf)&
> \
>
> (db.bedrijfcontactpersoon.contactpersoon==db.contactpersoon.id)&(db.bedrijfinschrijving.inschrijving==2)&
> \
> (db.contactpersoon.subscription==True))\
>
> .select(db.bedrijf.bedrijfsnaam,db.bedrijfcontactpersoon.bedrijf,db.contactpersoon.id,db.contactpersoon.email,
> \
> orderby=db.bedrijfcontactpersoon.bedrijf)
> for item in mailinglist:
> context=dict(item=item)
> message=response.render('clublocatormail/
> send_mail.html',context)
> recipient=item.contactpersoon.email
> boolean=mail.send(to=[recipient],subject='Bedrijfsgegevens ' +
> item.bedrijf.bedrijfsnaam + ' in Fitwise',message=[None,message])
> if boolean:
>
> db.mailing_stats.insert(bedrijf=item.bedrijfcontactpersoon.bedrijf,contactpersoon=item.contactpersoon.id,
> \
> controller='clublocatormail',functie='send_mail')
> else:
>
> db.admin_stats.insert(bedrijf=item.bedrijfcontactpersoon.bedrijf,contactpersoon=item.contactpersoon.id,
> \
> controller='clublocatormail',functie='send_mail')
> return True
>
> ... and its view:
>
>
>
>
> Template - Single Column
>
>
>
>
> cellpadding="0">
>
>
>
> cellpadding="0">
>
>
>
> Having trouble viewing this email? {{=A('View
> it in your browser',
> _href=URL(r=request,c='clublocatormail',f='browser_version',args=[item.bedrijfcontactpersoon.bedrijf,item.contactpersoon.id]),
> _target="_blank")}}
>
>
>
>
>
>
>
>
>
> cellpadding="0">
>
>
> align="left">
>
> Fitwise
>
> Fitwise is een informatie en
> communicatie tool op internet waarmee u uw klanten en potentiële
> klanten moeiteloos bereikt en waarmee zij
> u moeiteloos kunnen vinden via onze
> {{=A('club locator',
> _href=URL(r=request,c='clublocatormail',f='clublocator',args=[item.bedrijfcontactpersoon.bedrijf,item.contactpersoon.id]),
> _target="_blank")}}.
> Als ondernemer wilt u natuurlijk dat uw
> bedrijfsgegevens in ons systeem up-to-date zijn. Controleer daarom
> {{=A('uw bedrijfsgegevens in Fitwise',
> _href=URL(r=request,c='clublocatormail',f='check_details',args=[item.bedrijfcontactpersoon.bedrijf,item.contactpersoon.id]),
> _target="_blank")}}
>
> Zijn uw bedrijfsgegevens in ons systeem
> niet up-to-date of wilt u uzelf als contactpersoon aanmelden. Vul dan
> het
> {{=A('wijzigingsformulier',
> _href=URL(r=request,c='clublocatormail',f='update_form',args=[item.bedrijfcontactpersoon.bedrijf,item.contactpersoon.id,]),
> _target="_blank")}} in.
> Zijn uw bedrijfsgegevens in ons systeem up-
> to-date? Laat het ons weten via het
> {{=A('bevestigingsformulier',
> _href=URL(r=request,c='clublocatormail',f='update_form',args=[item.bedrijfcontactpersoon.bedrijf,item.contactpersoon.id,]),
> _target="_blank")}}.
>
> Met
> vriendelijke groet
>
>
>
>
>
>
>
>
>
> height="61">
> Not interested anymore? {{=A('Unsubscribe',
> _href=URL(r=request,c='clublocatormail',f='unsubscribe',args=[item.bedrijfcontactpersoon.bedrijf,item.contactpersoon.id,]))}}
>
>
>
>
>
>
>
>
>
>
>
>
> The not_send_mail function:
>
> def not_send_mail():
>
> item=db((db.bedrijfcontactpersoon.bedrijf==db.bedrijf.id)&(db.bedrijfcontactpersoon.bedrijf==db.bedrijfinschrijving.bedrijf)&
> \
>
> (db.bedrijfcontactpersoon.contactpersoon==db.contactpersoon.id)&(d
Re: [web2py] Re: web2py on IDE
Vi/Vim mode would be really nice to have, but it's far from trivial to implement. On Apr 18, 2010, at 12:26 AM, Mengu wrote: > On 18 Nisan, 04:10, Doug Elkin wrote: >> Feel free to take these requests with a grain of salt... I know most >> things with development are easier said than done, but these are just >> things I'd really like to see: >> >> When doing tab-completion on web2py functions, I'd like to be able to >> see any other possible variables that can be passed to the function. >> There really isn't much documentation on a few of these, and sometimes >> you have to look up the source code to the function in epydocs to >> really find out the different possible options. >> >> Support for the storage class would be awesome. >> >> As far as the IDE itself goes, a VIM mode would be a final selling >> point for me. >> >> On Apr 16, 7:25 pm, Mengu wrote: >> > > i currently don't know how to do vim mode and never done a research on > this but i will take a look. your other suggestion is a must so i will > include it. > > > > On 18 Nisan, 05:57, Thadeus Burgess wrote: >> Instead of "Create new file" you can have "Create Controller"/"Create >> Model"/"Create View" etc etc.. And it will just make the file in the >> proper place for that framework. >> >> I would also like to see, for web2py, is to have exec/build mapped to >> F5, but for web2py projects it will launch a single instance of >> web2py, and load up your projects as simlinks to applications folder. >> Using Netbeans, each project I have to include web2py folder and the >> project folder, so I have 10 projects all pointing to the same web2py >> folder, it just seems to be a waist. >> >> -- >> Thadeus >> > > your first suggestion is already done, see at: http://omploader.org/vNDZ1cQ > > all web2py apps are in the main web2py folder/applications. so when > you create a new project, you just select the web2py path and i use > web2py.py to create the new folder. so you don't have to include > anything with my IDE. :) > > > -- > Subscription settings: http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] Let the web server stream your files, not response.download!
http://bit.ly/ar4k8X -- Thadeus -- Subscription settings: http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] Re: web2py on IDE
Remember - the simplest, most general initial approach to letting people edit a file in their own preferred editor is to allow external editors, and configuration of same. Yes, this gives up things (i.e. code completion) but at the same time it provides an important stepping stone: a way to do "everything" your favorite editor does which makes it more acceptable to implement "some of the most commonly used" key shortcuts within your ide (it doesn't have to do it "all" if it gives the user a way to get to the "real thing") Now, the tension you walk is how much to implement internally, but it can be dictated by your actual user population - you don't _have_ to do it all at first: just let your users tell you what they can't live without, and little by little it will evolve, you will find that more-or-less stable "sweet spot". - Yarko On Apr 18, 10:10 am, "G. Clifford Williams" wrote: > Vi/Vim mode would be really nice to have, but it's far from trivial to > implement. > > On Apr 18, 2010, at 12:26 AM, Mengu wrote: > > > On 18 Nisan, 04:10, Doug Elkin wrote: > >> Feel free to take these requests with a grain of salt... I know most > >> things with development are easier said than done, but these are just > >> things I'd really like to see: > > >> When doing tab-completion on web2py functions, I'd like to be able to > >> see any other possible variables that can be passed to the function. > >> There really isn't much documentation on a few of these, and sometimes > >> you have to look up the source code to the function in epydocs to > >> really find out the different possible options. > > >> Support for the storage class would be awesome. > > >> As far as the IDE itself goes, a VIM mode would be a final selling > >> point for me. > > >> On Apr 16, 7:25 pm, Mengu wrote: > > > i currently don't know how to do vim mode and never done a research on > > this but i will take a look. your other suggestion is a must so i will > > include it. > > > On 18 Nisan, 05:57, Thadeus Burgess wrote: > >> Instead of "Create new file" you can have "Create Controller"/"Create > >> Model"/"Create View" etc etc.. And it will just make the file in the > >> proper place for that framework. > > >> I would also like to see, for web2py, is to have exec/build mapped to > >> F5, but for web2py projects it will launch a single instance of > >> web2py, and load up your projects as simlinks to applications folder. > >> Using Netbeans, each project I have to include web2py folder and the > >> project folder, so I have 10 projects all pointing to the same web2py > >> folder, it just seems to be a waist. > > >> -- > >> Thadeus > > > your first suggestion is already done, see at:http://omploader.org/vNDZ1cQ > > > all web2py apps are in the main web2py folder/applications. so when > > you create a new project, you just select the web2py path and i use > > web2py.py to create the new folder. so you don't have to include > > anything with my IDE. :) > > > -- > > Subscription settings:http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] Re: Let the web server stream your files, not response.download!
Is this cherokee specific? Would it work on apache? Just a comment. This will bypass db.table.field.authorize so auth permissions on downloads will not be enforced. Massimo On Apr 18, 11:34 am, Thadeus Burgess wrote: > http://bit.ly/ar4k8X > > -- > Thadeus > > -- > Subscription settings:http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] Re: cool html5 stuff
Seems like a lot of really nice stuff, but are the browser ready for it, yet? A lot of the presentation didn't display properly or work properly in Firefox, from what I could tell. And IE 8 couldn't display it at all. What do you think, Massimo -- is it ready for prime time? On Apr 17, 3:47 pm, mdipierro wrote: > http://apirocks.com/html5/html5.html#slide39 > > -- > Subscription settings:http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] Re: cool html5 stuff
On Apr 18, 2:02 pm, weheh wrote: > Seems like a lot of really nice stuff, but are the browser ready for > it, yet? A lot of the presentation didn't display properly or work > properly in Firefox, from what I could tell. And IE 8 couldn't display > it at all. What do you think, Massimo -- is it ready for prime time? No - clearly it is not, but it is being developed.. RIght now, canvas seems to be widely working - this is how processing.js works (as well as other, things, svg having a bit of a rebirth); The slides behave differently in different browsers, but this is still cool. The most ineresting part of this: to find what works in which browsers at any given point (i.e., the canvas element), and to explose how your website can detect, and then take "earliest" advantage of those components which are "nearer" to being stable. This _is_ fun, indeed! (but also a bit "bleeding edge" ... yet, like anything else: be prepared, monitor development, and _you too_ can be ready when the technology components are!) - Yarko > > On Apr 17, 3:47 pm, mdipierro wrote: > > >http://apirocks.com/html5/html5.html#slide39 > > > -- > > Subscription settings:http://groups.google.com/group/web2py/subscribe?hl=en
Re: [web2py] Re: Let the web server stream your files, not response.download!
It works with apache, as long as you install the module. Cherokee just has it enabled by default, and is the webserver I use currently. The advantages of X-Sendfile is that you still get to have permissions on downloads, its simply, if they are not authorized, do not set a x-sendfile header. You can do any checks you wish on the web2py end. -- Thadeus On Sun, Apr 18, 2010 at 2:00 PM, mdipierro wrote: > Is this cherokee specific? Would it work on apache? > > Just a comment. This will bypass db.table.field.authorize so auth > permissions on downloads will not be enforced. > > Massimo > > On Apr 18, 11:34 am, Thadeus Burgess wrote: >> http://bit.ly/ar4k8X >> >> -- >> Thadeus >> >> -- >> Subscription settings:http://groups.google.com/group/web2py/subscribe?hl=en >
[web2py] Re: Let the web server stream your files, not response.download!
I see. Than the current download function could be improved to take advantage of this. On Apr 18, 3:01 pm, Thadeus Burgess wrote: > It works with apache, as long as you install the module. > > Cherokee just has it enabled by default, and is the webserver I use currently. > > The advantages of X-Sendfile is that you still get to have permissions > on downloads, its simply, if they are not authorized, do not set a > x-sendfile header. You can do any checks you wish on the web2py end. > > -- > Thadeus > > On Sun, Apr 18, 2010 at 2:00 PM, mdipierro wrote: > > Is this cherokee specific? Would it work on apache? > > > Just a comment. This will bypass db.table.field.authorize so auth > > permissions on downloads will not be enforced. > > > Massimo > > > On Apr 18, 11:34 am, Thadeus Burgess wrote: > >>http://bit.ly/ar4k8X > > >> -- > >> Thadeus > > >> -- > >> Subscription settings:http://groups.google.com/group/web2py/subscribe?hl=en
Re: [web2py] Re: Let the web server stream your files, not response.download!
Precisely! -- Thadeus On Sun, Apr 18, 2010 at 6:43 PM, mdipierro wrote: > I see. Than the current download function could be improved to take > advantage of this. > > On Apr 18, 3:01 pm, Thadeus Burgess wrote: >> It works with apache, as long as you install the module. >> >> Cherokee just has it enabled by default, and is the webserver I use >> currently. >> >> The advantages of X-Sendfile is that you still get to have permissions >> on downloads, its simply, if they are not authorized, do not set a >> x-sendfile header. You can do any checks you wish on the web2py end. >> >> -- >> Thadeus >> >> On Sun, Apr 18, 2010 at 2:00 PM, mdipierro wrote: >> > Is this cherokee specific? Would it work on apache? >> >> > Just a comment. This will bypass db.table.field.authorize so auth >> > permissions on downloads will not be enforced. >> >> > Massimo >> >> > On Apr 18, 11:34 am, Thadeus Burgess wrote: >> >>http://bit.ly/ar4k8X >> >> >> -- >> >> Thadeus >> >> >> -- >> >> Subscription >> >> settings:http://groups.google.com/group/web2py/subscribe?hl=en >
[web2py] what do you make of this?
http://twitter.com/idlecool/status/12408675362 -- Subscription settings: http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] Re: what do you make of this?
I wonder if this is an innocent report, from a false positive - or a valid report. Bitdefender had some trouble with false reports recently; see: http://krebsonsecurity.com/2010/03/bad-bitdefender-antivirus-update-hobbles-windows-pcs/ But that Windows expoits exist for / in PDF files is also a real issue; see: http://krebsonsecurity.com/2010/04/ipack-exploit-kit-bites-windows-users/#more-2468 Google pdf viewer opened this fine; it might be worth querying this user about the version of bitdefender, and what it is it reported. It might also help to be clear about what software was used to generate this file - or, better yet - to take it off of your private web site, and (if you're going to share it) post it to the files area on Google Groups. Just some thoughts. - Yarko On Apr 18, 7:07 pm, mdipierro wrote: > http://twitter.com/idlecool/status/12408675362 > > -- > Subscription settings:http://groups.google.com/group/web2py/subscribe?hl=en
Re: [web2py] what do you make of this?
On Apr 18, 2010, at 5:07 PM, mdipierro wrote: > http://twitter.com/idlecool/status/12408675362 You never know, but it seems doubtful, especially since the pdf came from Keynote. Bitdefender has had problems with false positives in the past. -- Subscription settings: http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] Re: what do you make of this?
I ran the PDF file referred to through Microsoft Security Essentials and it was fine. Also checked online at http://www.kaspersky.com/scanforvirus and http://www.virustotal.com and it came out clean. On Apr 18, 7:07 pm, mdipierro wrote: > http://twitter.com/idlecool/status/12408675362 > > -- > Subscription settings:http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] GAE, parents, and row objects.
Hi, Quick question when using web2py with GAE. I need to assign a model as the parent of another entity. How can I retrieve the GAE "model instance" from a web2py query...? book = db.book[request.args(0)] [The book is returned as a row] I'd like to do the following: db.review.insert(parent = book, text = 'The book was great) Is there an easy way to do this? Thanks in advance, Matt -- Subscription settings: http://groups.google.com/group/web2py/subscribe?hl=en
Re: [web2py] what do you make of this?
On Apr 18, 2010, at 5:07 PM, mdipierro wrote: > http://twitter.com/idlecool/status/12408675362 Speaking of viruses in PDFs, I hope that everyone on this list using Acrobat or Adobe Reader knows to disable JavaScript. It's of little to no use in PDFs (except for some interactive forms, I think), and it's the principle infection vector. Just say no. -- Subscription settings: http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] Re: GAE, parents, and row objects.
No but there should. Will look into this. If anybody has come concrete proposals, let me know. Massimo On Apr 18, 7:30 pm, Matt wrote: > Hi, > > Quick question when using web2py with GAE. > > I need to assign a model as the parent of another entity. > > How can I retrieve the GAE "model instance" from a web2py query...? > > book = db.book[request.args(0)] > > [The book is returned as a row] > > I'd like to do the following: > > db.review.insert(parent = book, text = 'The book was great) > > Is there an easy way to do this? > > Thanks in advance, > Matt > > -- > Subscription settings:http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] Re: GAE, parents, and row objects.
Thanks Massimo. Matt On Apr 19, 1:53 pm, mdipierro wrote: > No but there should. Will look into this. If anybody has come concrete > proposals, let me know. > > Massimo > > On Apr 18, 7:30 pm, Matt wrote: > > > > > Hi, > > > Quick question when using web2py with GAE. > > > I need to assign a model as the parent of another entity. > > > How can I retrieve the GAE "model instance" from a web2py query...? > > > book = db.book[request.args(0)] > > > [The book is returned as a row] > > > I'd like to do the following: > > > db.review.insert(parent = book, text = 'The book was great) > > > Is there an easy way to do this? > > > Thanks in advance, > > Matt > > > -- > > Subscription settings:http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] Traceback on delete plugin.
Traceback (most recent call last):
File "/home/thadeusb/Applications/web2py/gluon/restricted.py", line
178, in restricted
exec ccode in environment
File
"/home/thadeusb/Applications/web2py/applications/admin/controllers/default.py",
line 1058, in
File "/home/thadeusb/Applications/web2py/gluon/globals.py", line 96,
in
self._caller = lambda f: f()
File
"/home/thadeusb/Applications/web2py/applications/admin/controllers/default.py",
line 778, in plugin
models=filter_plugins(models),
File
"/home/thadeusb/Applications/web2py/applications/admin/controllers/default.py",
line 774, in filter_plugins
regex=re.compile('^plugin_'+plugin+'(/.*|\..*)?$')
TypeError: cannot concatenate 'str' and 'NoneType' objects
--
Thadeus
--
Subscription settings: http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] can I hook my code to db.connect() ?
Hi.
Sometimes I have to execute this line prior to making a query:
oradb.executesql("ALTER SESSION set NLS_DATE_FORMAT = '-MM-DD
HH24:MI:SS';")
That is because Oracle by default uses different date format that causes my
queries to fail.
The problem is that doing that in model is incorrect - this should be
executed just once for each db connection.
Doing that just prior to query is inconvenient and still incorrect - I am
probably reusing same connection.
Can I somehow tell web2py to execute this sql right after calling connect()?
Regards
Alexey
--
Subscription settings: http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] Session id gets re-used
Hi all, In my application, the session id seems to be getting re-used across different sessions. To explain: Login 1: --- print str(session) on user/logout shows the following: , 'last_visit': datetime.datetime(2010, 4, 19, 11, 18, 37, 417024), 'remember': False} >}> Login 2: , 'last_visit': datetime.datetime(2010, 4, 19, 11, 20, 1, 154791), 'remember': False}>}> Now I have set expiration auth.settings.expire=600 . Now someone reviewing security of my application said that having the same session id can allow someone to "hijack" the session. How can I cause a completely different session id for a user after every new login? Sorry my knowledge of this is quite limited. Would appreciate any insights here. Thanks, Aditya -- Subscription settings: http://groups.google.com/group/web2py/subscribe?hl=en
[web2py] Re: Session id gets re-used
Update: This seems to work in user(): if request.args(0) == 'login': session.clear() Am I doing something wrong or unnecessary? On Apr 19, 10:57 am, Adi wrote: > Hi all, > > In my application, the session id seems to be getting re-used across > different sessions. > > To explain: > > Login 1: > --- > print str(session) on user/logout shows the following: > > bcba-25bc46eac3ce', '_formkey[login]': '2af20030-f787-4623-851d- > e823988a4df2', '_formkey[client_create]': 'd4f4a845-f6e1-403a-9e11- > b92d2da1b023', '_formkey[job_create]': > 'c3325e1c-3f1d-409d-875b-240a8026f168', 'flash': None, 'auth': > 'registration_key': '', 'incorrect_login_count': 0, 'email': > 'aditya.sa...@gmail.com', 'reset_password_key': '', > 'last_password_change': datetime.datetime(2010, 4, 1, 15, 16, 13), > 'password': > '9db266ab73d140f31b9ba732110c956673c5c9de84918842fd5f3759206508ea437fd7ad90 > 242cf185b52b0f0bc53593b408b729b735f2bb8305963de8386c93', > 'account_locked': False, 'id': 1}>, 'last_visit': > datetime.datetime(2010, 4, 19, 11, 18, 37, 417024), 'remember': False} > > >}> > > Login 2: > > bcba-25bc46eac3ce', '_formkey[login]': '9e0813ad-41f5-4c1d-8634- > b6aa6dd6faf2', '_formkey[client_create]': 'd4f4a845-f6e1-403a-9e11- > b92d2da1b023', '_formkey[job_create]': '1424bef4-2a3e-43d2-8a6f- > be6d91098e88', 'flash': None, 'auth': 'user': '9db266ab73d140f31b9ba732110c956673c5c9de84918842fd5f3759206508ea437fd7ad90 > 242cf185b52b0f0bc53593b408b729b735f2bb8305963de8386c93', > 'incorrect_login_count': 0, 'id': 1, 'reset_password_key': '', > 'last_password_change': datetime.datetime(2010, 4, 1, 15, 16, 13), > 'registration_key': '', 'account_locked': False, 'email': > 'aditya.sa...@gmail.com'}>, 'last_visit': datetime.datetime(2010, 4, > 19, 11, 20, 1, 154791), 'remember': False}>}> > > Now I have set expiration auth.settings.expire=600 . Now someone > reviewing security of my application said that having the same session > id can allow someone to "hijack" the session. How can I cause a > completely different session id for a user after every new login? > > Sorry my knowledge of this is quite limited. Would appreciate any > insights here. > > Thanks, > Aditya > > -- > Subscription settings:http://groups.google.com/group/web2py/subscribe?hl=en
