This is *very* dangerous. You are allowing anybody to manipulate your
data on GAE as they please.
Massimo
On Nov 20, 6:56 am, Jonathan Benn <[EMAIL PROTECTED]> wrote:
> I have the same issue with appadmin. Here is my *very* quick & dirty
> solution (use at your own risk!).
>
> There are 3 modifications to make to appadmin.py (in the controllers
> folder):
>
> 1) At the beginning I disable the credentials check:
>
> #try: hosts=(http_host, socket.gethostbyname(remote_addr))
> #except: hosts=(http_host,)
> #if remote_addr not in hosts:
> # raise HTTP(400)
> #if not gluon.fileutils.check_credentials(request):
> # redirect('/admin')
>
> 2) For the index() function I add this as the next line after "_dbs=
> {}":
>
> GQLDB = gluon.contrib.gql.GQLDB
>
> 3) For the select() function replace:
>
> records=db(query).select(limitby=limitby,orderby=orderby)
>
> With this:
>
> records=db(eval(query)).select(limitby=limitby,orderby=orderby)
>
> NOTE: you will not be able to specify special query strings in
> appadmin, but everything else seems to work (including inserting or
> deleting records and listing all records)
>
> I hope that helps,
>
> --Jonathan
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py Web Framework" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
