Note, SQLFORM was not intended for validating query strings. For that, you might instead want to use a library geared more toward that purpose, such as Cerberus <http://docs.python-cerberus.org/en/stable/index.html>, schema <https://github.com/keleshev/schema>, or Voluptuous <https://github.com/alecthomas/voluptuous>.
Anthony On Thursday, April 26, 2018 at 10:44:11 AM UTC-4, Anthony wrote: > > On Wednesday, April 25, 2018 at 11:01:23 PM UTC-4, Alfonso Serra wrote: >> >> Thanks Anthony. >> >> I think ill submit a patch, Im doing some debugging and i have noted a >> few things: >> Version 2.16.1-stable+timestamp.2017.11.14.05.54.25 >> >> gluon/html.py line 2217 >> kwargs['request_vars'] = kwargs.get( >> 'request_vars', current.request.post_vars) >> >> the validate method assumes post_vars are used. Using request.vars >> instead would save us having to declare the request_vars parameter. >> > > No, we should leave it as is. First, request.vars is a mix of post and get > vars, which may be used simultaneously for different purposes (e.g., a page > with a POST form on it may be at a URL that includes a query string). A > single form, on the other hand, is either POST or GET, so the form > processing code should by default use only the POST or the GET vars. > Second, even if we wanted to change it, that would break backward > compatibility, which we cannot do. > > >> Its actually good we are able to override but the form should be aware >> what variables to test against by default. >> >> gluon/sqlhtml.py line 1904 >> elif field.type == 'integer': >> if value is not None: >> fields[fieldname] = safe_int(value) >> >> sqlform.accepts actually does some kind of type checking but it looks >> that does not affect the acceptation. The lines were executed using >> .factory so maybe they could be used to check the variable types. >> > > I think validation should be left to the validators. In any case, if you > propose any changes, be sure they do not break backward compatibility. > > Anthony > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
