Are you calling this create form with ?id=##
This confuses web2py. pass the id as args[0] and replace
id=request.vars.id
with
id=request.args[0]
Let me know if this is the problem.
On Feb 10, 8:24 am, Maurice Ling <mauricel...@gmail.com> wrote:
> To add, this problem does not seems to exist in Version 1.51
> (2008-11-19 14:48:02).
>
> Maurice Ling
>
> On Feb 10, 2:57 pm, Maurice Ling <mauricel...@gmail.com> wrote:
>
> > Hi Massimo
>
> > I have a problem here. One of my functions work perfectly in Version
> > 1.47 (2008-10-27 12:36:17) but failed in Version 1.56.2 (2009-02-08
> > 21:49:34) with this error
>
> > Traceback (most recent call last):
> > File "D:\web2py\gluon\restricted.py", line 98, in restricted
> > exec ccode in environment
> > File "D:/web2py/applications/cynote/controllers/cynote.py", line
> > 145, in <module>
> > File "D:\web2py\gluon\globals.py", line 74, in <lambda>
> > self._caller = lambda f: f()
> > File "D:/web2py/applications/cynote/controllers/cynote.py", line 26,
> > in show
> > if comments.accepts(request.vars,session):
> > File "D:\web2py\gluon\sqlhtml.py", line 422, in accepts
> > raise SyntaxError, 'user is tampering with form'
> > SyntaxError: user is tampering with form
>
> > A snipplet of the model is this:
>
> > cynotedb.define_table('entry',
> > SQLField('title'),
> > SQLField('file','upload'),
> > SQLField('filename'),
> > SQLField('keywords',length=256),
> > SQLField('notebook',cynotedb.notebook),
> > SQLField('datetime','datetime',default=now),
> > SQLField('description','text'))
>
> > #the comment table
> > #entry_id link to entry table
> > cynotedb.define_table('comment',
> > SQLField('author'),
> > SQLField('file','upload'),
> > SQLField('filename'),
> > SQLField('body', 'text'),
> > SQLField('datetime','datetime',default=now),
> > SQLField('entry_id',cynotedb.entry))
>
> > The code in question is this:
>
> > def show():
> > # called to show one entry and its linked comments based on
> > # the entry.id
> > # called by TOC in order to provide an entry.id
> > id=request.vars.id
> > entries=cynotedb(cynotedb.entry.id==id).select()
> > # to prevent showing a 'None' (null) entry
> > if not len(entries): redirect(URL(r=request,f='entries'))
> > # form to post new comments
> > comments=SQLFORM(cynotedb.comment,fields=['author','body'])
> > # give entry.id for comment output
> > comments.vars.entry_id = id;
> > # return the comment that is listed with the entry id
> > records=cynotedb(cynotedb.comment.entry_id==id)\
> > .select(orderby=cynotedb.comment.entry_id)
> > # show a flash when comment is posted
> > if comments.accepts(request.vars,session):
> > response.flash = "comment posted"
> > return dict(entry=entries[0],comments=comments,records=records)
>
> > The error seems to lie at
> > if comments.accepts(request.vars,session):
> > response.flash = "comment posted"
>
> > When I comment out these Version 1.56.2 (2009-02-08 21:49:34), the
> > function works but I am not able to add new comments into
> > cynotedb.comment table.
>
> > I think this error seems to be induced by a new version of web2py.
> > My reasons being:
>
> > 1. When I run a older developmental version of my application (cynote)
> > in Version 1.47, it works nicely - Not in Version 1.56.2
>
> > 2. When I copy and pasted the older version into my application in
> > web2py Version 1.56.2 (trying to rule out indentation and invisible
> > characters error), it failed.
>
> > 3. When I copied the entire application directory into web2py Version
> > 1.47, it works fine.
>
> > Hence, the only reason that I cannot rule out is the difference in
> > web2py versions.
>
> > Please advice.
>
> > Thanks
> > Maurice Ling
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"web2py Web Framework" group.
To post to this group, send email to web2py@googlegroups.com
To unsubscribe from this group, send email to
web2py+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/web2py?hl=en
-~----------~----~----~----~------~----~------~--~---
