This is bad. You have postgresql <= 8.1. It does not follow the
official SQL convention for string escaping and does not allow
changing it. Your web2py app is vulnerable to serious SQL injections
unless you upgrade to postgresql 8.2 or later.
On Feb 1, 11:58 am, Leandro - ProfessionalIT
wrote:
Massimo,
After update my web2py with the last source version(tar.gz) I'm
receiving this error message:
OperationalError: parameter "standard_conforming_strings" cannot be
changed
Ps: My database is postgreSQL.
--
You received this message because you are subscribed to the Google Group
I think you have an old web2py version.
On Feb 1, 10:37 am, Leandro - ProfessionalIT
wrote:
> Massimo,
>
> > db.define_table('product cost',
> > Field('quote_products_id', db.quote_products, requires=IS_IN_DB
> > (db,
> > 'quote_products.id', lambda row: row.product.description')),
>
> Th
Massimo,
> db.define_table('product cost',
> Field('quote_products_id', db.quote_products, requires=IS_IN_DB
> (db,
> 'quote_products.id', lambda row: row.product.description')),
This field generate a error of string expected.
> Field('quote_products_id', db.quote_products, requi
P.S.
Instead of
compute=lambda row: double(row['human_cost'])*double(row
['external_cost'])
this should work too
compute=lambda row: row['human_cost']*row['external_cost']
not sure, but let us know.
On Jan 29, 9:03 am, mdipierro wrote:
> db.define_table('product cost',
> Field('quo
db.define_table('product cost',
Field('quote_products_id', db.quote_products, requires=IS_IN_DB
(db,
'quote_products.id', lambda row: row.product.description')),
Field('quote_products_id', db.quote_products, requires=IS_IN_DB
(db,
'quote_products.id', 'quote_products.product')),
6 matches
Mail list logo
