[web2py] Re: cibersecurity audit issue about login

Hello António. Bruteforce in login is a common weakness that can be easy to solve. The most effective solution is implementing a CAPTCHA, in web2py I use google recaptcha because the implementation is easy and stops all the automations. In py4web I'm still unable to implement it in the login

Re: [web2py] Re: web2py 2.26.1 released

In my opinion Web2py is really comfortable but I strongly recommend to move to py4web. The scheduler in web2py is replaced with celery which is more powerful and py4web framework is really fast, light and is easy to code like in web2py. I’ve moved all my apps from web2py to py4web and I can’t

Re: [web2py] Re: uwsgi with web2py hard crash/locking with nginx

While I can't provide a specific solution, it might be a better approach to keep resource-intensive tasks separate from web2py, using a tool like Celery. This way, these tasks can run in the background without impacting the web server. This is a small docx about how to put it together:

[web2py] web2py with rocket server + nginx ?

Hello! I'm wondering if it is a good idea to use web2py with rocket server in combination with nginx as a reverse proxy like in py4web. I need to run py4web and web2py on the same server and using nginx without uwsgi for web2py would be easier for me. Cheers. Chris. -- Resources: -

Re: [web2py] web2py 2.23.0 released

Thanks you Massimo! Cheers! El El mar, 27 de dic. de 2022 a la(s) 04:26, Massimo Di Pierro < massimo.dipie...@gmail.com> escribió: > Hello Everybody, > > My apologies for not being as engaged in this group as I used to be. > > web2py 2.23.0 was released. > > It includes: > - DKIM support to

Re: [web2py] Re: Issue password in plain text before sending when login in the website via HTTPS

rity officer keeps complaining about that wo I need change some >> settings in web2py or do you have an idea how I can sort it out ? >> >> Kind regards >> >> Am Di., 22. Nov. 2022 um 02:23 Uhr schrieb Christian Varas < >> chriii...@gmail.com>: >>

Re: [web2py] Re: Issue password in plain text before sending when login in the website via HTTPS

Hi, It's OK, it's the way it works, If you put s local proxy like burp and then you go and capture traffic, it is ok that you can see clear text data because burp proxy puts their own certificate between client and backend, because of that burp proxy can decrypt and show you clear text data. If

[web2py] Google Recaptcha v3 in forms

Hi!, is there an implementation for google recaptcha v3 in web2py? If it exists, can someone point me in the right direction to add it? Cheers. Chris. -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) -

Re: [web2py] owasp anyone ?

Hi, well i can say based in my experience developing in web2py: "Cross Site Scripting (XSS): - XSS doesn't affect components in web2py (forms, grid, and returned data in view). XSS are effective here only when you use the data supplied by the user in a insecure way like: -

Re: [web2py] Web2py and database integration

Could you share your db.py ? Maybe there are declared 2 connections to db and one might be overwriting the one who connects to postgresql. Cheers. Chris. El El vie, 14 de may. de 2021 a la(s) 15:22, F.C. escribió: > I need some help. I have started web2py development with a passion to >

Re: [web2py] Re: Push Notifications

Hi! I need to implement this and receive the notifications in the phone android/iOS. For this do I need to make my own app? Or do you use an app who can subscribe to push notifications in pusher.com ? This is off topic but any recommendation is appreciated Cheers. Chris El El vie, 20 de nov. de

Re: [web2py] Dashboard library for Web2py performance/recommendation python vs. js

I would recommend to use a client side chart (JavaScript) because is less load to the server. The one that I use often is ChartJS is easy to configure and really nice looking. For a dashboard I use this 2 templates: Paper dashboard and AdminLTE. Cheers. Chris. El El mar, 17 de nov. de 2020 a

Re: [web2py] web2py docker container

Thanks! Is really useful :) El El lun, 21 de sep. de 2020 a la(s) 13:43, cabildocl escribió: > Hello, I share with you the web2py docker container. include web2py, > python3, nginx and gunicorn. > > > https://hub.docker.com/r/cabildocl/web2py > > > > > > > > -- > > > Resources: > > > -

Re: [web2py] Re: WAF2PY 1.0

pie...@gmail.com>) escribió: > Fantastic! we need to port this to py4web. ;-) > > > On Monday, 3 August 2020 15:53:22 UTC-7, Christian Varas wrote: >> >> Thank you. >> >> I just tested on Debian 10, but it should work for any other OS as long >> the de

Re: [web2py] Re: WAF2PY 1.0

, mostwanted escribió: > Complements Chris, this is really impressive work. I see you have tested > on debian is it platform specific or will it run on any OS? > > On Monday, August 3, 2020 at 8:25:23 AM UTC+2, Christian Varas wrote: >> >> Hello all. >> I'm glad to announ

[web2py] WAF2PY 1.0

Hello all. I'm glad to announce WAF2PY 1.0  *What is this?* WAF2PY is a Web Application Firewall using NGINX and ModSecurity. WAF2PY provides a nice and easy to use web interface *powered by* *WEB2PY* that controls modsecurity and nginx configuration in an easy way, allowing you to configure

Re: [web2py] how do i escape some characters when saving to db

You welcome, just keep in mind when you decode a value with XML() it might be interpreted as HTML, and may lead to Cross Site Scripting (XSS) attacks. If an user craft an input like

Re: [web2py] how do i escape some characters when saving to db

Maybe you can try something like: db.something.insert(str(XML(request.vars.somevalue, sanitize=True))) I use this method to escape everything and convert all to string Then in the view to see the values not encoded use: {{=XML(value)}} Maybe helps Cheers. El El dom, 12 de jul. de 2020 a

Re: [web2py] Security Issue??????

Hi, There is not much to worry about, they are just best practices, informational or low issues. Except by CSRF but web2py already handle this - X-Frame-Options Header Not Set (15) Prevent that your site is used under an iframe on another site. Depends of the usage of the app -

Re: [web2py] CON Abandoned framework with (almost) no community

In my opinion the comparative is just crap :) Cheers. El El dom, 17 de may. de 2020 a la(s) 17:10, António Ramos < ramstei...@gmail.com> escribió: > How is that possible ? > https://www.slant.co/versus/1397/1746/~web2py_vs_django > I´m here and many others are here... > Who is trying to make us

Re: [web2py] Re: How to customize "Invalid function/someview" ?

Thanks for the help! Now I have a custom 40x error pages :) Cheers. Chris. El jue., 30 abr. 2020 a las 5:13, 'Annet' via web2py-users (< web2py@googlegroups.com>) escribió: > I think routes_onerror = [] in routes.py is whar you're > looking for: > > routes_onerror = [ >,(r'*/404',

Re: [web2py] Pack a big app

Hi, To transfer big apps, I do the following: Go to "applications" folder in web2py of serverv1, then zip your app, then move it through SSH or other method to the new server, and place it in the "applications" folder of web2py of server 2. Reload routes in web2py admin app. I haven't

Re: [web2py] Android and ios aops

Hi, i did this in android some years ago, you can run web2py using SL4A and installing the python package, then you have to move the web2py folder into the SL4A folder and run the web2py with no GUI. Other option could be Termux, is more easy, you can install packages with like “apt install

Re: [web2py] Which 4 or 2?

Hi, I think is better to start with *web2py*, is easy to learn and I believe that fit better to your site, py4web is really good and more faster, but in web2py you have more tools to do things. The transition after from web2py to py4web is not difficult. Cheers. Chris. El vie., 17 abr. 2020 a

Re: [web2py] Re: many users logged in, at the same time.

You can try: Apache benchmark Load impact (free account) Blazemeter (free account) Cheers. El El jue, 9 de abr. de 2020 a la(s) 17:44, Dave S escribió: > > > On Thursday, April 9, 2020 at 4:10:21 AM UTC-7, Wep2buy wrote: >> >> Hi every body: >> >> how can i test an app (like chat) from my

Re: [web2py] web2py 2.19.1 is OUT

Thanks!  El El sáb, 21 de mar. de 2020 a la(s) 18:52, Massimo Di Pierro < massimo.dipie...@gmail.com> escribió: > Sorry it took so long. > > Web2py 2.19.1 is finally out. > > It contains many small bug fixes including better support for python 3.6, > 3.7, and 3.8 > >

Re: [web2py] Re: Py4Web "tags" should be SCOPES

About the signed URLs, is already implemented on this pull request https://github.com/web2py/py4web/pull/114 I haven’t tried yet. Cheers. El El mié, 26 de feb. de 2020 a la(s) 13:33, villas escribió: > Hi Kevin > > JWT seems to have everything we might need, although I am not > knowledgable

Re: [web2py] Re: LOAD in py4web

I think it can be usefull if you use another template not based in vue. Cheers. El El lun, 24 de feb. de 2020 a la(s) 03:31, Massimo Di Pierro < massimo.dipie...@gmail.com> escribió: > We can add it in utils. But before we do. Do other peopl find it useful? > Is that a pattern we should

Re: [web2py] py4web issue on get requests

Hi Torrini, I don’t know what is causing the error but you can use a local proxy like burp suite to catch your client request and see what’s wrong with that request. If is malformed you can see with with this. Cheers. El El sáb, 22 de feb. de 2020 a la(s) 01:38, Edoardo Torrini <

Re: [web2py] list index out of range when removing some fields in SQLFORM.grid & clicking the remaining button

i’m quite sure that exist a switch like “searchable=False” to disable the search field. Usually I get this error when the attribute on sqlform that I’m trying to modified does not exist, maybe check the correct Index of the list. Cheers. El El sáb, 15 de feb. de 2020 a la(s) 17:13, mostwanted <

Re: [web2py] webp2y XML helper sanitize line breaks under python3.6

under python 3.6 is the problem. >> Do you have an idea for a work around except of eliminating all line >> breaks, cause I can't do this? >> >> Best regards >> Clemens >> >> >> On Wednesday, February 12, 2020 at 4:42:53 PM UTC+1, Christian Varas >

Re: [web2py] webp2y XML helper sanitize line breaks under python3.6

tr(string) >> pattern = re.compile('|'.join([re.escape(k) for k in >> list(replacement_dict.keys())]), re.M) >> return pattern.sub(lambda x: replacement_dict[x.group(0)], string) >> > > And this solution worked very well with python 2.7, having even line &g

Re: [web2py] webp2y XML helper sanitize line breaks under python3.6

I had an issue with line breaks too, I remove lie breaks like this with python 3.7 some_string = some_string.replace(“\n”, ””).replace(“\r”, ””) XML(some_string, sanitize=True) Cheers Chris El El mié, 12 de feb. de 2020 a la(s) 04:37, Clemens < clemens.odend...@claret-clover.de> escribió: >

Re: [web2py] Raspberry pi cannot connect to postgreSQL

Hi, looks like the problem is the password... The error says: FATAL: password authentication failed for user "posgres Doble check the password for the user, try to connect manually to pg to ensure you have the correct password. If password is ok, maybe is a bug or something else, I think I saw

Re: [web2py] py4web in Google App Engine route app

Hi I haven’t tried GAE but maybe is the controller. Are you using the decorator ’action()’ to expose the function ?. Ex: @action('some_name') def some_function(): return locals() Then you acces like http://IP/your_app/some_name Cheers. Chris. El El mar, 4 de feb. de 2020 a la(s) 15:46,

Re: [web2py] Re: Web2py or py4web for a brand new project

use Python3. > > -Jim > > > On Thu, Jan 23, 2020 at 6:44 AM Christian Varas > wrote: > >> Thanks for all that you share guys. >> >> I would like to ask for a recommendation. >> >> I have a web interface made with web2py, this interface manage

Re: [web2py] Re: Web2py or py4web for a brand new project

Thanks for all that you share guys. I would like to ask for a recommendation. I have a web interface made with web2py, this interface manage a web application firewall (nginx and modsecurity). It does commands and file modifications in the system to manage properly the WAF, the database is

Re: [web2py] Re: post file to a server

Hi, I have an app that use CKeditor who send images to the server and the function who catch this file is more or less like this: Server TWO def ImgUpload(): a = stuffs.Stuffs() #Custom library name = a.password(20) rand_name = a.password(20) #path where the files will be saved

Re: [web2py] Re: web2py on Raspbian and Python 2 or 3?

I run web2py in a raspberry with Apache or nginx. Then the auto start is automatically. Cheers. El jue., 22 de ago. de 2019 04:02, lucas escribió: > sorry for the long delay on this post. I've been theme parking with the > kids all summer. > > ok, I've got rocket running on the pi with

Re: [web2py] Re: How to add vertical Scroll bar to the table in SQLGORM.grid

+1, datatables is your friend Cheers El lun., 5 de ago. de 2019 22:27, Jim S escribió: > I'd look at implementing datatables.net to do that. > > https://datatables.net/ > > -Jim > > On Saturday, August 3, 2019 at 9:22:26 PM UTC-5, Ryan wrote: >> >> Hi all, instead of having multiple page of

Re: [web2py] Como retornar apenas um item apartir de uma busca no campo usando web2py

Hi, why doesn't work good with first() ? if you do: db(db.table.xx==request.vars.xx).select().first() it will return just the first record, if it doesn't is because the record does not exist. other way to do this is with limitby: db().select(db.person.ALL, limitby=(0, 2)):

Re: [web2py] Re: Anthony was right... web3py has a big naming conflict

WebThreePy? Web4Py ? Cheers. El lun., 22 de jul. de 2019 16:29, John Bannister escribió: > Why not something as simple as py3web > > > > *From:* web2py@googlegroups.com [mailto:web2py@googlegroups.com] *On > Behalf Of *Leonel Câmara > *Sent:* 22 July 2019 16:26 > *To:* web2py-users >

Re: [web2py] How to try - exception - finally os.path.join

What about try: file_location = os.path.join(request.folder, 'views','plot') except Exception as error: print (error) El lun., 1 de jul. de 2019 23:47, Quang Lam escribió: > Hi All, i try to do the try - exception - finally for os.path.join how > somehow it does not catch the

Re: [web2py] Generating graph with chartjs

Sorry the delay, the second chart is a radar chart Cheers. Chris. El mar., 11 de jun. de 2019 18:25, Dave S escribió: > > > On Sunday, June 9, 2019 at 3:06:01 PM UTC-7, Christian Varas wrote: >> >> II have this site www.climbersoul.cl using AdminLTE, and I with grap

Re: [web2py] Re: I can not import module in app

I'm facing the same issue, did you already found the solution? Btw, I'm running web2py in my android phone, maybe for me is quite different... Cheers. Chris. El jue., 23 de may. de 2019 07:03, Константин Комков escribió: > Maybe it info can help? > Error snapshot [image: help] >

Re: [web2py] More then one buttons on form

Hi, well what I do to change some attributes in the forms is modifiying the form before to be returned/rendered: You can access to the elements in the form like a list Ex: form = SQLFORM.factory(Field('hoho'), Field('haha') )

[web2py] Validate image with IS_IMAGE()

Hello guys, I'm trying to validate and save and image from FieldStorage() of ckeditor (not from the web2py slices) i'm using the validor IS_IMAGE() like this IS_IMAGE()(request.vars['upload'].value) I'm getting the following "invalid image" message.

[web2py] Improve the images load

Hi, I would like to ask for recommendations to serve images with web2py. I have a site (*https://climbersoul.cl *), this site is a kind of Wikipedia for spots climbing in Chile. This site will have a lot of images, and I would like to know how to optimize the load of the

Re: [web2py] Displaying Uploaded PDF Documents

Your model says: db.define_table('*pdfs')* And you controller points to another table (db.*pdfDocs)* Your controller should be *CONTROLLER CODE* def viewer(): row = db(db.*pdfs*.id ==request.args(0)).select(db.*pdfs*.fileS).first()

Re: [web2py] SQLFORM with specific record

_id == auth.user['id']).select() > or > ROW = db.lugar[auth_user['id']] > > See: > > http://web2py.com/books/default/chapter/29/06/the-database-abstraction-layer#Shortcuts > > *Ben Duncan* > DBA / Chief Software Architect > Mississippi State Supreme Court > Electronic F

[web2py] SQLFORM with specific record

Hello ! I'm trying to get a sqlform that display a specific entry, i've been able to get it work like in the book but just with one condition like this: record = db.rutas(request.args(0)) i need to do something like this: record = db.rutas.id == request.args(0) and db.lugar.user_id ==

[web2py] Different layout.html

Hi everyone! I'm wonder if there is another layout.html to use in web2py? I have adapted the adminlte template ( https://adminlte.io/themes/AdminLTE/index2.html) and but is not adapted at 100% (menu.py is not working and grid doesnt look good, but if you dont mind to add the menu manually on the

Re: [web2py] DAL's fake_migrat and fake_migrate_all and migration problem with auth tables

I never tryed fake migrate before but every time that I move an app to another server first I put the app in the server then I delete everything inside the database folder, then run the app via web browser (this create the structure of the database)? then resotre the db backup and done app +

Re: [web2py] Where does it GO?

It goes to the console where web2py is running or in the error logs of apache or nginx if you are running web2py in one of those. Cheers. Chris. El mié., 12 dic. 2018 11:39 a. m., Ben Duncan escribió: > If you put a "print" statement in you application (controller or view) > where does the

Re: [web2py] Re: upload a photo to your site by >

As Stifan says, please show us the code. If you follow the example in the book, image upload works perfect. About ">" what are you trying to do with this? Cheers. Chris. El vie., 7 dic. 2018 6:59 a. m., 黄祥 escribió: > perhaps you can show the code and the traceback error > ref: >

Re: [web2py] Re: mobile friendly login page

Sorry the image in the previous mails is broken, here is it: https://imgur.com/a/I1SsGlp Cheers Chris. El jue., 25 oct. 2018 a las 10:57, Lovedie JC () escribió: > Works good. > How about app buttons in a single line/row? > Regards > > On Thu, 25 Oct 2018 at 16:22, sandeep patel > wrote: > >>

Re: [web2py] Re: mobile friendly login page

hi, this is my login page, I'm using adminLTE as template, try this example, i might work for you, adminLTE works with boostrap like web2py, so I think that should work. [image: image.png] controller: def user(): return dict(page="Bienvenido", icon="", title="", form=auth()) *this is the

Re: [web2py] Re: Multiples requieres in SQLFORM

Thanks Anthony, Sorry is my fault, i didn't knew how to explain the issue... I ended up like this: Field("Grado", default=grados_roca[2], requires=IS_IN_SET([], multiple=False)), and works perfect, now I have a empty set that I can populate in the view Thank you! ☺ Cheers. Chris. El mar.,

[web2py] Login form and facebook oauth

Hello, I have an app with a facebook login (oauth),I took the example from the documentation and works fine. But I need to enable the login form included in web2py. Does anybody know how to make this 2 login methods works ? or if someone have an example about this? Any help would be very

Re: [web2py] global name 'Recaptcha' is not defined error when my app is run in web2py 2.17.1 (latest)

Use Recaptcha2() I have an app with new web2py and recaptcha2 working like a charm. Cheers. Chris El vie., 31 ago. 2018 9:48 a. m., Rahul escribió: > Hi All, > There seems to be an issue with latest version of web2py 2.17.1. I am > getting an exception like below for my project . However

[web2py] Error processing form with select multiple

Hi everyone!, I'm developing a site which have 3 forms in one page, and one of them have multiples selection fields. I'm facing an error when the form is processed and I have not been able to fix it. Error: * string indices must be integers, not str* *locals* *c* : '' *component_list* :

Re: [web2py] Re: Handling "Invalid function", "Invalid request", "Invalid controller"

Thank you, i will try this. Cheers. Chris. 2018-06-26 21:47 GMT-04:00 黄祥 : > perhaps this link can be used: > http://www.web2pyslices.com/slice/show/1529/custom-error-routing > > best regards, > stifan > > -- > Resources: > - http://web2py.com > - http://web2py.com/book (Documentation) > -

[web2py] Handling "Invalid function", "Invalid request", "Invalid controller"

Hello, I'm trying to redirect those errors to another page. Errors: invalid function (default/bla)invalid requestinvalid controller (bla/index)I've been playing with routes.py but I don't know how to map those errors. it is possible to do this without map all urls in routes.py ? Any help would