[web2py] injection - realities

2010-06-11 Thread Yarko Tymciurak
Interesting (FYI): http://threatpost.com/en_us/blogs/mass-sql-injection-attack-hits-sites-running-iis-061010

[web2py] Finding the relation between two sets...

2010-06-11 Thread Jason Brower
I have it this far.. users_tags = db((db.user_tags.user_id == auth.user.id)) viewed_users_tags = db((db.user_tags.user_id == request.args[0])) I think it's the right direction... but how do I find the relation between those two sets. Another thing that might be useful is.. auth_user is my

[web2py] widgets

2010-06-11 Thread leone
I coded a widget to use with a Field object. Because I need some javascript actions I wrote pure html-javascript code that my widget returns. It runs, but when I accept the form values are in request.vars, but not in form.vars. How can I store values in form.vars without using input widgets defined

[web2py] Re: Importing Ning network's content

2010-06-11 Thread mdipierro
http://effbot.org/zone/element-index.htm comes with Python On Jun 11, 9:55 pm, GoldenTiger wrote: > Hi I want to write a Web2Py app to import all content from my ning > networks > I have not experience with xml libraries, so before starting I would > like asking advice to users who knows about t

[web2py] Re: upload file -- lot of file in one directory

2010-06-11 Thread weheh
Massimo, Thadeus: I need to study this carefully, but it sounds really great! I already implemented a system months ago as per what I wrote above. However, it seems like there is more native support, now, so I want to re-implement. Is this thread the only documentation, or is there something else

[web2py] Importing Ning network's content

2010-06-11 Thread GoldenTiger
Hi, I want to write a Web2Py app to import all content from my ning networks. I have no experience with xml libraries, so before starting I would like to ask advice from users who know about this: -which libraries to use? -possible or predictable problems? -any similar experience? I'll thank any hel

[web2py] Re: routes with file extensions

2010-06-11 Thread NickFranceschina
ahh... right, thanks so you could just leave it as is and just change the documentation. Or perhaps a "function" really does consist of the "file name + extension". if you think that is so, then ya gotta change the code. On Jun 11, 4:23 pm, mdipierro wrote: > true. Let me give this some thoug

[web2py] Re: Hardening web2py on Linux and Windows servers

2010-06-11 Thread Yarko Tymciurak
if you are looking to prevent access, you should instead be doing something like this: chown -R nobody:nobody *.py ... etc. On Jun 11, 5:41 pm, Yarko Tymciurak wrote: > This would be a security concern:  I do not think you want web > executables / files owned by root.    You would then be force

[web2py] Re: Hardening web2py on Linux and Windows servers

2010-06-11 Thread Yarko Tymciurak
This would be a security concern: I do not think you want web executables / files owned by root. You would then be forced to open up accessibility to the files (so that something which _is not root_ can run / read them) --- which would weaken security; OR you would (???) need to run as root

[web2py] Re: Hardening web2py on Linux and Windows servers

2010-06-11 Thread mdipierro
how about this: chown -R root:root *.py chown -R root:root gluon chown -R root:root scripts chown -R root:root applications/*/modules/ chown -R root:root applications/*/models/ chown -R root:root applications/*/controllers/ chown -R root:root applications/*/views/ chown -R root:root applications/*

[web2py] Re: upload file -- lot of file in one directory

2010-06-11 Thread mdipierro
you can use a lambda On Jun 11, 4:32 pm, Doug Warren wrote: > Should this be a lambda instead so you could specify your own function > completely?  I used to own an ISP and one of the challenges was > running the network news server.  You'd have > 1M files on a 20 gig > drive and have to give the

Re: [web2py] Re: upload file -- lot of file in one directory

2010-06-11 Thread Doug Warren
Should this be a lambda instead so you could specify your own function completely? I used to own an ISP and one of the challenges was running the network news server. You'd have > 1M files on a 20 gig drive and have to give them to multiple peers over their lifetime. One thing that we did for per

[web2py] Re: Can not send verification email

2010-06-11 Thread mdipierro
if you use server='gae' you should use login=None Not sure if this is the problem anyway. Do you get any error? On 11 Giu, 10:12, pecos1046 wrote: > I use the email verification option for new user registration. It > works fine in test mode on the google-appengine sdk. However when I > upload the

[web2py] Re: Hardening web2py on Linux and Windows servers

2010-06-11 Thread Salvor Hardin
lock-web2py.sh is a fantastic idea! On Jun 10, 4:28 pm, mdipierro wrote: > perhaps we should a web2py/scripts/lock-web2py.sh > > On Jun 10, 3:49 pm, Thadeus Burgess wrote: > > > > > www-data needs write access to databases/cache/sessions etc. IF a > > hacker were able to gain access *somehow* an

[web2py] Re: routes with file extensions

2010-06-11 Thread mdipierro
true. Let me give this some thought. meanwhile you can do routes_in = ( ('/$c/$f\.$ext', '/init/$c/$f.$ext'), ) or routes_in = ( ('/$c/$anything', '/init/$c/$anything'), ) On 11 Giu, 14:41, NickFranceschina wrote: > I know file extensions are optional... but you do have some nice > funct

[web2py] routes with file extensions

2010-06-11 Thread NickFranceschina
I know file extensions are optional... but you do have some nice functionality in there that allows passing file extensions on to the view... so if I were to request "app/controller/function.html" I would get the matching (or generic) .html template... but if I were to request "app/controller/funct

[web2py] Can not send verification email

2010-06-11 Thread pecos1046
I use the email verification option for new user registration. It works fine in test mode on the google-appengine sdk. However when I upload the application to Google and change the smtp server to "gae" it is unable to send the verification email. The Google GAE log shows the following warning messa

[web2py] Re: upload file -- lot of file in one directory

2010-06-11 Thread mdipierro
Field('name','upload',authorize=f) where def f(row): if auth.user and auth.user.id is allowed to download row.id return True else return False the authorize function is called automatically (if declared) when somebody attempts to download an uploaded document. On 11 Giu, 14:11, weheh wrot

[web2py] Re: Script to generate schema (models) from mysql

2010-06-11 Thread mdipierro
I will take a look tonight. On 11 Giu, 14:45, Álvaro Justen wrote: > Hello Alexandre, nice work. > I did it in past for SQLite and made it integrated to DAL > I think we can union the implementations and try to get more databases > working with this code. > > The email I sent to Massimo talking a

[web2py] Re: error in trunk

2010-06-11 Thread mdipierro
fixed On 11 Giu, 14:39, Jose wrote: > Hello, > > The next model is broken by a change in the trunk. > > db.define_table('TA', >     Field('f1'), >     Field('f2'), >     format='%(f1)s' > ) > > db.define_table('TB', >     Field('f1'), >     Field('f2', db.TA), > ) > > controller: > > def test():

[web2py] Re: possible bug in new IS_IN_DB groupby

2010-06-11 Thread mdipierro
fixed now. On 11 Giu, 14:31, "mr.freeze" wrote: > I get this on an app that worked before (running trunk): > > Traceback (most recent call last): >   File "C:\Users\freeze\workspace\web2py\gluon\restricted.py", line > 178, in restricted >     exec ccode in environment >   File "C:/Users/freeze/wo

Re: [web2py] Re: upload file -- lot of file in one directory

2010-06-11 Thread Thadeus Burgess
@auth.requires_login() def download(): problem solved. -- Thadeus On Fri, Jun 11, 2010 at 2:11 PM, weheh wrote: > Once assigned, the user_id that my app creates is never changed. I > would use the auth.user.id field, but I don't like the fact that it's > sequential and therefore, easily gu

[web2py] Internal error

2010-06-11 Thread Cory Coager
Getting this on an initial setup of web2py trying to load the welcome application. Not much in the logs... [Fri Jun 11 12:45:39 2010] [notice] mod_python (pid=3793, interpreter='example.com'): Importing module '/path/to/ modpythonhandler.py' [Fri Jun 11 12:45:39 2010] [notice] mod_python (pid=379

[web2py] error in trunk

2010-06-11 Thread Jose
Hello, The next model is broken by a change in the trunk. db.define_table('TA', Field('f1'), Field('f2'), format='%(f1)s' ) db.define_table('TB', Field('f1'), Field('f2', db.TA), ) controller: def test(): form=crud.create(db.TB) error: Traceback (most recent call last)

[web2py] possible bug in new IS_IN_DB groupby

2010-06-11 Thread mr.freeze
I get this on an app that worked before (running trunk): Traceback (most recent call last): File "C:\Users\freeze\workspace\web2py\gluon\restricted.py", line 178, in restricted exec ccode in environment File "C:/Users/freeze/workspace/web2py/applications/widgets/ controllers/default.py", l

[web2py] Re: upload file -- lot of file in one directory

2010-06-11 Thread weheh
Once assigned, the user_id that my app creates is never changed. I would use the auth.user.id field, but I don't like the fact that it's sequential and therefore, easily guessed. I doubt that uploads can be hacked easily since you did such a good job with security. Nevertheless, I prefer to have an

[web2py] Apache or routes.py rewrite across domains

2010-06-11 Thread Doug Warren
I have a rather interesting situation that came up yesterday. An OAuth callback is statically set to domain2.com/appname however all other web2py apps are hosted out of http://web2py.domain1.com/appname So I have an Apache config like: DocumentRoot "/home/domain1" ServerName web

[web2py] Re: Support for conversation?

2010-06-11 Thread pierreth
On 11 juin, 01:14, mdipierro wrote: > The only way to keep a conversation would > be to store a token in request.args(0) and keep it there in all links. > Still the conversation is fragile and ends if the user types in a url > without the token. An url parameter of a get request with the session

[web2py] Re: Support for conversation?

2010-06-11 Thread pierreth
On 11 juin, 09:42, szimszon wrote: > This conversation thing could be handy for my inventory app... I just > made use of session but the user starting new conversations to get the > info to continue the original... after that we can't trust the info in > session. ... :-o Yes, it is exactly th

Re: [web2py] Re: simplejson -- wasn't this resolved?

2010-06-11 Thread Thadeus Burgess
Sure. Worked. Installed simplejson with sudo easy_install simplejson Then get this traceback It seems that the version in contrib is importing from simplejson expecting its local version of the files, but instead it is pulling it down from the site-packages. -- Thadeus On Fri, Jun 11, 20

Re: [web2py] Permission Denied error when updating field

2010-06-11 Thread Doug Warren
As mentioned in irc, you're trying to execute the image as a command, from the python os.system documentation: os.system(command) Execute the command (a string) in a subshell. This is implemented by calling the Standard C function system(), and has the same limitations. Changes to sys.stdin, e

[web2py] Re: Uploading files

2010-06-11 Thread mdipierro
If I understand the question... you can have two or more forms form1=crud.create(db.table) form2=crud.create(db.table_file) return dict(form1=form1,form2=form2) as long as the forms are about different tables. Else you have to use SQLFORM and in accept give the forms different formname(s). On J

[web2py] Re: Client Tools Application corrupt on web2py Version 1.79.2 ?

2010-06-11 Thread mr.freeze
I think you're using an older version. Can you clear your browser cache and try again. My apache cache rules may not be working properly. On Jun 11, 4:32 am, AsmanCom wrote: > Hi, > > it seems that Client Tools wont work anymore on web2py Version 1.79.2: > > Traceback (most recent call last): >  

[web2py] Re: Uploading files

2010-06-11 Thread Kenneth
> in controller > form=crud.create(db.page) > return dict(form=form) Is this possible with two tables? I have two tables, page and page_files, the page is stored in page and all files in page_files as one page can have many files. > - you use form.vars.id. That is only created by

[web2py] Permission Denied error when updating field

2010-06-11 Thread Aaron Crowe
I'm working on an application that takes a Turtle Art (.ta) file, runs it, creates a .png of the result, and displays it in a table. So far I can create the .png and it's placed in the uploads folder with the same name as the original .ta file but when i try to run session.new_image = form.var

[web2py] Re: checking if table exists in database

2010-06-11 Thread mdipierro
if you set migrate=True web2py does the check for you and eventually creates tables. It can only detect tables if they were created by web2py itself since it uses metadata for that purpose. On Jun 11, 7:25 am, mika wrote: > hi i would like to make my application generate database at startup > (st

[web2py] Re: fresh from http://code.google.com/p/web2py/

2010-06-11 Thread mdipierro
somewhere you have orderby='table.field'|'table.field' instead of orderby=db.table.field|db.table.field On Jun 11, 7:25 am, szimszon wrote: > validators.py: > 376: groupby = self.groupby or reduce(lambda a,b:a|b,self.fields) > > Traceback (most recent call last): >   File "/home/szimszon/fejl

[web2py] Re: Support for conversation?

2010-06-11 Thread szimszon
This conversation thing could be handy for my inventory app... I just made use of session but the user starting new conversations to get the info to continue the original... after that we can't trust the info in session. ... :-o On jún. 11, 15:10, pierreth wrote: > On 11 juin, 01:14, mdipierr

[web2py] Re: Uploading files

2010-06-11 Thread mdipierro
Why not use the web2py way... in controller form=crud.create(db.page) return dict(form=form) and in view {{=form}} Your code does not work because: - request.vars.file contains a cgi.FieldStorage object and you cannot put that in the database - the actual file has to

[web2py] Re: Support for conversation?

2010-06-11 Thread pierreth
On 11 juin, 01:14, mdipierro wrote: > yes but people don't just navigate by submitting forms. they also > navigate by clicking links. The only way to keep a conversation would > be to store a token in request.args(0) and keep it there in all links. > Still the conversation is fragile and ends if t

[web2py] problem in processing form fields in array

2010-06-11 Thread lameck.kassana
Hi, Everybody. I was working on one of my applications, and I need to create the form in which the user can add fields (in a row of a table dynamically). I did manage to implement it by javascript and the user can delete and add fields in the form dynamically. Then my problem comes in my controller how to read thi

[web2py] fresh from http://code.google.com/p/web2py/

2010-06-11 Thread szimszon
validators.py: 376: groupby = self.groupby or reduce(lambda a,b:a|b,self.fields) Traceback (most recent call last): File "/home/szimszon/fejlesztes/sajat/web2py/gluon/restricted.py", line 178, in restricted exec ccode in environment File "/home/szimszon/fejlesztes/sajat/web2py/application

[web2py] checking if table exists in database

2010-06-11 Thread mika
hi i would like to make my application generate database at startup (sth like first run) - i mean generating automatically all needed relations (hardcoded).. on startup i would like to check if database was prepared before How to achieve this? what to do with migration? i thought about such code (

[web2py] Re: Decoding problem - UTF8

2010-06-11 Thread Felipe
Just got the problem solved ! It is kind of cheating but it works.. here is the code def dic_lista(lista): for i in range(len(lista)): for key in lista[i]: try: lista[i][key] = lista[i][key].decode('utf8')

[web2py] Client Tools Application corrupt on web2py Version 1.79.2 ?

2010-06-11 Thread AsmanCom
Hi, it seems that Client Tools won't work anymore on web2py Version 1.79.2: Traceback (most recent call last): File "gluon/restricted.py", line 178, in restricted File "D:/web2py/applications/clienttools/controllers/default.py", line 265, in File "gluon/globals.py", line 96, in File "D:/

[web2py] Uploading files

2010-06-11 Thread Kenneth
Hello, in my application there is a need for users to add their own pages and on a page you should be able to upload files (Word, Excel), multiple files. So instead of defining "Field('picture','upload',default=''))" in my page table I made my own table just for the files. First I didn't have the

[web2py] Re: Key query support in Google App Engine

2010-06-11 Thread Christian Foster Howes
Did some more testing today...i left out the corrections for orderby. the attached patch includes that bit as well. sorry for the extra file. i don't think there are any other clauses that you can put ID in, is that correct? also, if anyone is using GAE development server with sqlite, key qu