hi mr.freeze,
I believe this is not secure
The entire purpose of storing hashes of password is to protect against
database exploitation.
If some part of your db is publicly revealed, it doesn't mean that
passwords are revealed (because hash functions are "one way
functions").
In your proposi
Thanks master Massimo !.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to
web2py+unsubsc
The DAL generates update code for table fields like this.
ALTER TABLE auth_permission ADD group_id__tmp INT, ADD
CONSTRAINT ... ;
The ', ADD' generates a SQL syntax error for SQLServer (at least for
version 2005) this syntax should be
ALTER TABLE auth_permission ADD group_id__tmp INT; A
You can
return response.stream(filelikeobject,chunk_size=64*1024)
On Sep 30, 11:50 pm, encompass wrote:
> I am creating a file (pdf actually) that is being generating in
> memory.
> I could save it and then grab it, but we all know there has to be a
> better way. How do I make a file like obje
Thank you. Could you please email this to me?
On Oct 1, 7:48 am, Nico de Groot wrote:
> The DAL generates update code for table fields like this.
>
> ALTER TABLE auth_permission ADD group_id__tmp INT, ADD
> CONSTRAINT ... ;
>
> The ', ADD' generates a SQL syntax error for SQLServer (at least
And how do you protect the password when creating the initial server
side password hash?
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to web2py@googlegroups
Hi Annet,
you could use the string replace function (if month IS a string):
{{=month.replace('_',' ')}}
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to web
Whats the benefit of using headers for inter-component communication
why not pass a json object in with the response?
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send e
-"In your proposition here, it seems to me you will allow anyone with
access to the hashed password to authenticate correctly: the password
hash becomes the password which you are now storing in cleartext in
the database. "
This is not the case. The string used to authenticate is a
combination o
As I stated, this and password changes are the weak point. It is not
a replacement for SSL, just a compromise when not available.
On Oct 1, 9:03 am, DenesL wrote:
> And how do you protect the password when creating the initial server
> side password hash?
--~--~-~--~~~--
By the way, the initial password is hashed on the client.
On Oct 1, 9:03 am, DenesL wrote:
> And how do you protect the password when creating the initial server
> side password hash?
--~--~-~--~~~---~--~~
You received this message because you are subscribed to th
Thanks guys for the help...
Doesn't know another options to offering reselling? I want my own web
page (and deploy a web2py application, but I'd like to offer to my
customers web2py apps in your sites too.
Regards.
--~--~-~--~~~---~--~~
You received this message
Hello
A long time ago I read something about putting javascript in one specific
page instead putting it in every page again. But why is this better? Because
if takes less size. Maybe there are also other good things about it but that
was the first one I thought about. However, do you think this is
Hi,
I have a problem and i will try to explain it here :
In my aplication I configurated Apache with WSGI so that when someone
redirects to my ip, apache redirects it to the web2py. Then I use a
Flex aplication with the web2py, calling remote method's with remote
objects, but flex has a securit
Guys:
Thadeus talks abut the reselling plans in Dreamhost, but I have to
implement my own control panel. Is it easy to deploy a control panel
for my clients? Really in some things I'm newbie.
Regards.
--~--~-~--~~~---~--~~
You received this message because you
So you are going to start a small web2py hosting company? Can you please
give me some more information? Because I think I also need web2py hosting
but I don't need all the heavy stuff like 200GB bandwidth, 1MB space
etc.
Thanks
2009/10/1 pepe_eloy
>
> Thanks guys for the help...
>
> Doesn't
One rarely needs to return metadata (js/flash) with response and with
the proposed mechanism one would not need any special API to create a
plugin. If using json the response would have to be encoded in json
and this would require new api.
On Oct 1, 9:25 am, AndrewLoot wrote:
> Whats the benef
It is a tradeoff. If you have a lot of JS code that does not change
over time you want it in a separate file so that it gets cached and
not requested all the time. If you have very small JS than it is
better to embed it in the page so that you save from checking with the
server if the file has bee
I think you need a route. Something like:
routes_in = (('.*:/crossdomain.xml', '/yourapp/static/
crossdomain.xml'),)
routes_out= ()
On Oct 1, 9:19 am, Felipe wrote:
> Hi,
>
> I have a problem and i will try to explain it here :
>
> In my aplication I configurated Apache with WSGI so that when
Thanks, so if I'm going to build something like MySpace in web2py (just as
example) it would be better to put it into one file? And does web2py support
this or would take that a lot of tweaking?
2009/10/1 mdipierro
>
> It is a tradeoff. If you have a lot of JS code that does not change
> over ti
Maybe I did not understand the word API but that means you need to rebuild
everything? Or do you mean a new json API?
Sorry :$.
2009/10/1 mdipierro
>
> One rarely needs to return metadata (js/flash) with response and with
> the proposed mechanism one would not need any special API to create a
>
Looks pretty good but the problem is you need to write a book again if you
implement this in to web2py :p.
2009/10/1 AndrewLoot
>
> Whats the benefit of using headers for inter-component communication
> why not pass a json object in with the response?
> >
>
--~--~-~--~~~
Well, the idea is build my own site using web2py and offering hosting,
but if any customer wants an application I can offer it using Web2py
Regards
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"web2py-users" group
Hi,
I was wondering if there is a backup source code method built in to
web2py or if someone has built a py script to backup all applications
including the routes.py and app.yaml file to a timestamped tar or
zipped folder. If so would you mind posting the script?
Basically I want to back up my
Aha! I'm glad you said this.
I tried out your tests above, and they did indeed work.
The difference between those and my function in the initial post that
did not work is that test1 returns a string directly, and the test
index() above returns a dictionary, like in the auth tutorial:
@auth.requi
I've got a friend that's letting me try out web2py on his unlimited
host so I can compare to the GAE. However, I'm just not clear on how
to get this setup.
He's using midphase and I have cPanel and FTP access to the site.
I've uploaded the contents of my web2py folder into the Public_html/
myfol
Massimo,
after rev.1244 the spanish translation file is supposedly included but
it is not there.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to web2py@goog
That is not the problem but now I understand the problem
Consider this:
def test1(): return dict(vars=BEAUTIFY(request.vars))
@auth.requires_login()
def test2(): return dict(vars=BEAUTIFY(request.vars))
@auth.requires_login()
def test3():
response.flash = str(request.vars)
return dict(f
when done let us know and we'll list it on the support page.
On Oct 1, 10:06 am, pepe_eloy wrote:
> Well, the idea is build my own site using web2py and offering hosting,
> but if any customer wants an application I can offer it using Web2py
>
> Regards
--~--~-~--~~~-
I just mean that if we want plugin components to return JSON instead
of using the proposed mechanism, than people programming plugins would
not be able to return a dict() and have it rendered by a view as they
are used to, we would have to create a new programming paradigm and
new functions (API)
If it is done can you please tell me? I am too interested. BTW look at this:
http://www.hipercenter.com/init/hospedagem/web2py. Maybe you can use it.
2009/10/1 mdipierro
>
> when done let us know and we'll list it on the support page.
>
> On Oct 1, 10:06 am, pepe_eloy wrote:
> > Well, the idea
hmm... I will fix it tonight.
On Oct 1, 10:39 am, DenesL wrote:
> Massimo,
> after rev.1244 the spanish translation file is supposedly included but
> it is not there.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Wow!
It looks very interesting!. I'll check. I hope this be I need.
Regards
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to web2py@googlegroups.com
To uns
I think the proposed system is minimally disruptive, programmers do
not need to know anything about AJAX/JSON
That sounds very good. I watched the video and it looks very good!
2009/10/1 mdipierro
>
> I just mean that if we want plugin components to return JSON instead
> of using the proposed m
Ahh, ok! Makes sense now.
I think I misunderstood the tutorial, and thought that you have to add
form=auth() to the return dict of every function that's auth-
protected, not just to user().
Thanks again for your help! It works now.
Quick question, though, about the vars being dropped -- what if
What OS plattform you using?
On Oct 1, 8:16 am, Web2py-SuperFan wrote:
> Hi,
>
> I was wondering if there is a backup source code method built in to
> web2py or if someone has built a py script to backup all applications
> including the routes.py and app.yaml file to a timestamped tar or
> zippe
(FYI for everyone):
you can also email the group posting (with an attachment, e.g. a patch) by
mailing to:
web2py@googlegroups.com
with a subject line matching the thread topic.
On Thu, Oct 1, 2009 at 8:33 AM, mdipierro wrote:
>
> Thank you. Could you please email this to me?
>
> On Oct 1, 7:
On Oct 1, 11:04 am, Dmitri Zagidulin wrote:
> Ahh, ok! Makes sense now.
> I think I misunderstood the tutorial, and thought that you have to add
> form=auth() to the return dict of every function that's auth-
> protected, not just to user().
>
> Thanks again for your help! It works now.
>
> Qui
thats the performance aspect; there's also the robustness / maintenance
aspect --- if you copy js into (say) 40 files, and you enhance, or fix a
small bug it is a nightmare - don't copy/paste code (in general) unless
there is some compelling reason.
On Thu, Oct 1, 2009 at 10:02 AM, Pynthon Py
Ok! Thanks.
If I run up against this limitation, I'll send in a patch.
On Thu, Oct 1, 2009 at 12:16 PM, mdipierro wrote:
>
>
>
> On Oct 1, 11:04 am, Dmitri Zagidulin wrote:
>> Ahh, ok! Makes sense now.
>> I think I misunderstood the tutorial, and thought that you have to add
>> form=auth() to t
Argh!
[1] - just learn / get used to using a version control system locally (e.g.
mercurial, bazaar, git);
[2] - learn to make backups with that version control system (e.g. how
Massimo pushes his changes out to launchpad, for example, you can do the
same to push to another repository - on another
I generally like the concept, but am uncomfortable with the structure (or
lack of) of the plugin.
For example - plugin_comment I would prefer to see as in a directory - so
that distribution and installation would be simpler (as well as coding).
The naming convention (while good, quick for proof o
I have thought about that but:
- having a plugin folder means web2py would have to look for models in
multiple places. It could me mimicked in admin (the developers should
not see the plugin_* files under the [design] page but user a reparate
plugin page where model/views/controllers/etc are organ
On Thu, Oct 1, 2009 at 12:07 PM, mdipierro wrote:
>
> I have thought about that but:
> - having a plugin folder means web2py would have to look for models in
> multiple places. It could me mimicked in admin (the developers should
> not see the plugin_* files under the [design] page but user a rep
Anyway, this is interesting enough, I would like to see you set it out as
"experimental" - after I finish (my already far too late) registration work
for PyCon, this is interesting enough to me, I will make branches, try
things out. If I find something that really is compelling, I will suggest a
pa
I am not clear about your suggestion.
Under the current proposal the only required change is in
web2py_ajax.html and that is in trunk. The change to admin interface
is optional and can be done after some plugins are developed.
I am happy to consider your proposal but I would like to see a
docume
I think this is awesome and it was missing from web2py.
The only thing I found strange, is that you have to place the files
inside your application in multiple places. How about creating a
plugin directory (see Rails "vendor/plugins") where you could just
place the whole plugin structure there (l
Logically, I think the plugin should be organized as sub-folders (in
admin)
Physically, I am not convinced. The current mechanism only requires a
convention. If plugins where physically in a subfolder then web2py
would need major modifications to handle dispatching, bytecode
compiled applications
Could you write a description of how a URL should be dispatched to a
plugin if the plugin was in a subfolder?
Massimo
On Oct 1, 12:42 pm, Jon Romero wrote:
> I think this is awesome and it was missing from web2py.
>
> The only thing I found strange, is that you have to place the files
> inside
[3] Is exactly the reason why I was asking :)
I don't know if rsync exists in the windows world, and if it does, I'd
suggest using it, for backup purposes, IMO can't be beaten, rsync will
(optionally) update only what was changed in the code so the bandwith
used (if you copy say, from server to s
Moreover some plugins may need to override normal web2py files, like
layout.html, base.css, web2py_ajax.html, generic.*. etc.
This cannot be done if the plugin is physically contained in a
subfolder.
Massimo
On Oct 1, 12:42 pm, Jon Romero wrote:
> I think this is awesome and it was missing from
http://www.itefix.no/i2/node/10650
On Oct 1, 12:58 pm, Julio wrote:
> [3] Is exactly the reason why I was asking :)
>
> I don't know if rsync exists in the windows world, and if it does, I'd
> suggest using it, for backup purposes, IMO can't be beaten, rsync will
> (optionally) update only what
mercurial (or git) is a better option than rsync for many reasons (and
both are really efficient) than rsync. Rsync is more general -
executables are available for PCs (I used it a lot in corp world;)
On 10/1/09, Julio wrote:
>
> [3] Is exactly the reason why I was asking :)
>
> I don't know if
As I said some weeks ago, a similar plugin system could be a real big
step in the right direction. Next, a site like drupalmodules.com...
On Sep 30, 9:09 pm, Massimo Di Pierro wrote:
> Here is a video explaining the proposal
>
> http://vimeo.com/6836681
>
> Attached is
Yeah, I'm a bit old-fashioned. Hard to teach an old dog new tricks.
I'm on vista and looks like the Rsync for Windows link posted above
does not support vista.
I prefer to have a zip/tar of it all on to a sdcard and then I can
look at the date to get at what I wanted if i need to revert
I'm a V
thinking aloud...
It seems to me that a plugin is not necessarily a self contained
object and it does not have less rights than an application.
Any subset of an application can be a plugin. An entire application
can be a plugin of another application. A plugin of one app should be
installable so
Massimo showed one link to an rsync for win; if you google, you will
find several more - but you will also find posts about how "all" the
win rsyncs hang on large files
I used cygwin rsync on huge syncs (where other things failed). People
think cygwin is a pain to install - its not; it can get
exactly what I have in mind!
On Oct 1, 1:34 pm, Peterle wrote:
> As I said some weeks ago, a similar plugin system could be a real big
> step in the right direction. Next, a site like drupalmodules.com...
>
>
> On Sep 30, 9:09 pm, Massimo Di Pierro wrote:
>
> > Here is a vi
Massimo -
For the purpose of this kind of discussion, it is useful to talk about
"components" (plugin is sort of a concept about how you use / deploy
components).
So in general, a solution (application) is made of components. To be
reusable (where possible, desireable) components must be
encaps
logically, a component should be able to be used without any changes
to your app code, other than the interface (calls).
How that is accomplished (directories or not) has more to do with
maintenance and deployment (and upgrade) considerations. If there
turn out to be practical show stoppers ther
Work's fine !
Thanks Massimo.
-- Leandro.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email
I normally used the following terms (although this ca be changed):
- a plugin is a part of an application that can reused across
applications.
- a component is something you can embed in a view and talks with the
app via ajax.
A plugin can define 0 components (like a layout plugin) or 1 or more
On 1 oct, 00:47, mdipierro wrote:
> OK. check trunk.
>
> On Sep 30, 10:33 pm, mdipierro wrote:
>
Thanks
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to w
What you are doing is fine-tuning the performance of your app before you're
written it. Do the cleanest design you can to get the functionality you
want. If there are performance problems, THEN start to tweak and optimize
the code. Premature optimization is the root of all evil. Well, the root
Hi ed,
you can do:
if form.accepts(...):
if request.vars.toyrhttp://groups.google.com/group/web2py?hl=en
-~--~~~~--~~--~--~---
Claiming one is better than the other is in the eye of the beholder
don't you think? - I think the point here is *what* exactly does
SuperFan needs, from the title of the post I can see he's looking for
a "backup" option, but does he refer to a pure backup solution or a
source control solution?, I
OK, putting on my flame suit...
I don't like it.
I distrust anything that relies on AJAX as the prime mechanism for achieving
modularity of design. To me, AJAX is a useful parlor trick that works on
most, but not all, browsers. It should be used as a cool "look what I can
do" thing that enhance
Patch is attached.
Thanks!
> On Wed, Sep 30, 2009 at 5:51 PM, mdipierro wrote:
>>
>> Yes. If you send me a patch to do this I will take it.
>> Thank you for reporting the issue.
>>
>> On Sep 30, 2:38 pm, Dmitri Zagidulin wrote:
>>> I have a web2py app (running on Ubuntu Linux) that has to connec
Hi there my problem is when i validate my input, i have this code in
the model
db.define_table("Country",
Field("nCountry", "string", default=None, label="Name",
notnull=True, requires=[IS_NOT_EMPTY('Please insert a country name'),
IS_UPPER(), IS_NOT_IN_DB(db,'Country.nCountry','This country
On Wed, Sep 30, 2009 at 16:09, Massimo Di Pierro
wrote:
> Here is a video explaining the proposal
>
> http://vimeo.com/6836681
>
> Attached is a document containing the proposal, the code, and
> requesting help modify admin to do this.
>
> This would make it easy to build a repository of plu
How about using GnuPG?
server would send public key, client encrypts using it and sends
encrypted msg back, server uses private key to get unencrypted
content.
qooxdoo has a crypto package that can be used on the client side
http://qooxdoo.org/contrib/project/crypto
and GnuPG is available for
This:
requires=[IS_NOT_EMPTY('Please insert a country name'),
IS_UPPER(), IS_NOT_IN_DB(db,'Country.nCountry','This country is
already in the database')],
should already do what you asked as long as you do not have already
data in the DB.
You can add one more validator instead
IS_MATCH('[a-zA-Z]
Thanks, that looks like a good solution. I'll check it out.
On Oct 1, 4:33 pm, DenesL wrote:
> How about using GnuPG?
>
> server would send public key, client encrypts using it and sends
> encrypted msg back, server uses private key to get unencrypted
> content.
>
> qooxdoo has a crypto package
this is all good discussion, and interesting - but still
implementation level (e.g. explorative, and all at a very low level).
That is ok, but before we get lost in the details, lets have a look
at some real workflow to develop.
1 - I want a way to guickly create a dummy layout so I can work out
I can see you prefer rsync.
You should use what you are comfortable with and what works for you.
I also see the multiple benefits to limiting when rsyn is used, so I
won't agree with you, but I won't argue against your choice.
On 10/1/09, Julio wrote:
>
> Claiming one is better than the other
There are two kind of web frameworks:
- push: the controller pushes variables to the view and out
- pull: the view calls the functions it needs to render parts of the
page
web2py is push. You are asking to implement pull as well.
I would not be opposed to a helper {{=LOAD(...)}}} that does some
IS_MATCH('[a-zA-Z]+',error_message='Only charaters allowed')
This works but if i want to add spaces, for las name for example: De
La Rosa
How can i do this?
On 1 oct, 16:46, mdipierro wrote:
> This:
>
> requires=[IS_NOT_EMPTY('Please insert a country name'),
> IS_UPPER(), IS_NOT_IN_DB(db,'Coun
On Thu, Oct 1, 2009 at 5:45 PM, Sophie wrote:
>
> IS_MATCH('[a-zA-Z]+',error_message='Only charaters allowed')
>
This reads:
any string of one or more of any combination of upper or lower case
letters...
>
> This works but if i want to add spaces, for las name for example: De
> La Rosa
> How
Joe I don't know where to start... you provide no fundamental support
for your opinion, I would love to hear some specific problems. By the
way what browsers don't support ajax? So according to this idea im
guessing you think Google Maps, Gmail or just about any compelling
application on the web i
For acute what can i do. I see examples for php '/&([aeioun])(acute|
tilde);
i dont find for python
On 1 oct, 19:21, Yarko Tymciurak wrote:
> On Thu, Oct 1, 2009 at 5:45 PM, Sophie wrote:
>
> > IS_MATCH('[a-zA-Z]+',error_message='Only charaters allowed')
>
> This reads:
>
> any string of one or
and it must have
> javascript enabled! So all plugins that we create will need that
> visitor's browser have javascript enabled (some clientes don't have by
> default or by security issues (companies disabled it, for example),
> others DON'T have support for javascript etc.)
in my experience in
Hi Denes,
Thank you very much.
Ed
On Oct 2, 4:26 am, DenesL wrote:
> Hi ed,
>
> you can do:
>
> if form.accepts(...):
> if request.vars.toyr form.errors.toyr='Valid Years: %s - 2000'%request.vars.fromyr
> else:
> # code to handle valid form input here
> if form.errors:
> response.f
you can also offload some of the javascript by loading jquery from
google: http://code.google.com/apis/ajaxlibs/documentation/index.html#jquery
http://encosia.com/2008/12/10/3-reasons-why-you-should-let-google-host-jquery-for-you/
Richard
On Oct 2, 12:51 am, Pynthon Pynthon wrote:
> Hello
>
>
HI,
I have one(master) to many, except the many doesn't exist so
how do you get to the next one( master).
In the days of goto I would go back to read a master until I get a
master that was equal to many
Thanks for any advice,
Jim
--~--~-~--~~~---~--~~
You
there is a new cron in trunk that fixes some issues.
I really need two testers:
- one for linux
- one for windows (both source and binary)
1) make an app a0 and in the controller default.py create a function
def testme(): 1/0
2) make a corontab for a0 that contains
*/1 * * * * root *default/tes
I tested crontab for Linux Gentoo web2py_1_67_2.
message error in console
WARNING:root:WEB2PY CRON Call returned code 1: No error message
available
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
If you remove the 1/0 and add a print "hello" what do you get?
On Oct 1, 10:39 pm, shuval wrote:
> I tested crontab for Linux Gentoo web2py_1_67_2.
> message error in console
> WARNING:root:WEB2PY CRON Call returned code 1: No error message
> available
--~--~-~--~~~--
def testme():
print "Hello"
No messages in console.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this grou
We know it is calling it so it works. It is not supposed to print
anything on success.
For some reason it is not capturing the error message.
It is not a major issue but it would help debugging. Strange, on mac
it shows the error.
Hmmm.
On Oct 1, 11:07 pm, shuval wrote:
> def testme():
> p
Sorry, I do not understand. Is this a quesiton about OUTER JOIN vs
INNER JOIN?
On Oct 1, 10:09 pm, jayvandal wrote:
> HI,
> I have one(master) to many, except the many doesn't exist so
> how do you get to the next one( master).
> In the days of goto I would go back to read a master unt
New version. Another round of bug fixes and feature additions. There
is now a demo appliance that includes all of the examples and a tool
for testing the JQuery class.
http://www.web2pyslices.com/main/slices/take_slice/8
On Sep 26, 5:39 pm, "mr.freeze" wrote:
> After lots of bug fixes, featur
I have just activated an in-house developed, well integrated cart and
information site; built with web2py at http://www.zgus.com. The site
sells customised instrumentation parts for which sourcing information
is important.
I have specially mentioned Web2py in the announcement of the
activation in
92 matches
Mail list logo
