Hi community,
I'm working with web2py, again. :-)
It took me hours today to realize validate_and_insert(field1=value1,
field3=value3, ...) only works for the fields appears, but not for those
absent. Is this a expected behavior or is it considered a bug?
See example.
# -*- coding: utf-8 -*-
I think this is expected, because the field.requires property exists
to be executed in forms and validate_and_insert() only simulates this
behaviour.
On Thu, Jun 27, 2013 at 7:30 AM, Ray (a.k.a. Iceberg) iceb...@qq.com wrote:
Hi community,
I'm working with web2py, again. :-)
It took me hours
Thanks for trying to help. But sorry I don't understand how your theory can
explain why the 2nd case in my example works and 3rd case didn't.
On Thursday, June 27, 2013 7:45:48 PM UTC+8, viniciusban wrote:
I think this is expected, because the field.requires property exists
to be executed in
On Thursday, June 27, 2013 8:39:23 AM UTC-4, Ray (a.k.a. Iceberg) wrote:
Thanks for trying to help. But sorry I don't understand how your theory
can explain why the 2nd case in my example works and 3rd case didn't.
The second case is equivalent to a form including both fields but the user
On Thursday, June 27, 2013 8:52:14 PM UTC+8, Anthony wrote:
On Thursday, June 27, 2013 8:39:23 AM UTC-4, Ray (a.k.a. Iceberg) wrote:
Thanks for trying to help. But sorry I don't understand how your theory
can explain why the 2nd case in my example works and 3rd case didn't.
The second
That's the security part of using forms: Web2py doesn't count on what
is coming in the request to make a form and validate.
It counts on your field definitions in form creation time. That's why
we have the fields argument in SQLFORM and in SQLFORM.factory.
When no field is explicitly passed, all
That makes sense. Thanks. And then it raises another concern: when in the
normal form situation, is it possible a user forges an http post without
several field, in order to bypass the IS_NOT_EMPTY() or whatever validator?
Is this a security vulnerability?
No, because the forged post
7 matches
Mail list logo