2.12.1 is out

[Massimo Di Pierro]

Changelog:

- security fix: Validate for open redirect everywhere, not just in login()

- allow to pack invidual apps and selected files as packed exe files

- allow bulk user registration with default bulk_register_enabled=False

- allow unsorted multiword query in grid search

- better MongoDB support with newer pyDAL

- enable <app>/appadmin/manage/auth by default for user admin

- allow mail.settings.server='logging:filename' to log emails to a file

- better caching logic

- fixed order of confirm-password field

- TLS support in ldap

- prettydate can do UTC

- jquery 1.11.3

- bootstrap 3.3.5

- moved to codecov and enabled appveyor

- many bug fixes

I am sure I am missing many important changes. Thanks to Niphlod, Paolo, Giovanni, Leonel, Mark, Tim, Anthony, Cassio, Stephen, and all those who's names I do not know or I do not remember but who are giving so much to web2py.

Thank you!

Massimo

[ermolaev...@gmail.com]

pickled.HIGHPROTOCOL - fixed?

[Massimo Di Pierro]

Ne because it iI do not know for sure that is a bug in web2py.

On Friday, 7 August 2015 14:14:18 UTC-5, ermolaev...@gmail.com wrote:

pickled.HIGHPROTOCOL - fixed?

[JorgeH]

thanks for the great job massimo and team!!

Is bootstrap 3 + as default?

[Massimo Di Pierro]

yes. It has been since 2.11.1

[黄祥]

same old error during pack all still show up said about cache directory.

step to produce an error:

download web2py source

extract and then run web2py

pack all welcome app

solution :

don't forget to create cache directory before you pack all your app

best regards,

stifan

[Massimo Di Pierro]

Ouch. This is serious. Releasing 2.12.2 in one a minute with a fix.

[ermolaev...@gmail.com]

if session stored in cookies - folders in /sessions folder created anyway ((

пятница, 7 августа 2015 г., 19:59:13 UTC+3 пользователь Massimo Di Pierro написал:

[Massimo Di Pierro]

Ouch! Will fix it asap.

[ermolaev...@gmail.com]

please insert in settings using pickle.HIGHPROTOCOL

if I set unuse.pickle_HP - than will switch off it

https://groups.google.com/forum/?hl=ru#!searchin/web2py/pickle/web2py/r3LcWSbEbmM/TI_enYLZCQwJ

now I edit it by hand ((

четверг, 13 августа 2015 г., 6:17:27 UTC+3 пользователь Massimo Di Pierro написал:

[ermolaev...@gmail.com]

++ please separate admin (backoffice) layout.html and frontoffice layouts!!!

++ please in appadmin/db - in settings set counter or records to show on one pape

100 recs is too long (((

++ please insert in admin/db in edit some record if that field is refernce to table - link to that table record (parent record for this field)

[ermolaev...@gmail.com]

- enable <app>/appadmin/manage/auth by default for user admin ???

no! - please set it as settings by default is desabled

I use admin only on local machine!

[ermolaev...@gmail.com]

for prevetn pickle error please add new param in session:

    session.connect(request,response,cookie_key='kjykGFDRETfxf65',compression_level=None, pickle_low=True)

If pickle_low: - not use high protocol foe pickle

[Massimo Di Pierro]

Fine with most of these. Can you send PR requests and I will review/accept/reject?

Massimo

[Paolo Valleri]

@Massimo, I've just noticed that web2py 2.12.2 points to an old version of pydal. is that correct?

see https://github.com/web2py/web2py/tree/R-2.12.2/gluon/packages

Paolo

[Niphlod]

due to bad commit https://github.com/web2py/web2py/commit/e95115deb401552d122ff06c3482c264e02eaf32 .... multi-groan :P

[Massimo Di Pierro]

Apologies. Will post a new version asap.

[Massimo Di Pierro]

2.12.3 is out and fixes this problem.

[Dmitri Ermolaev]

may be set some key for web2py?

web2py.exe --pickle_high_off

 - will off pickle.highprotocol anywhere

воскресенье, 16 августа 2015 г., 23:45:19 UTC+3 пользователь Massimo Di Pierro написал:

[Anthony]

On Friday, August 28, 2015 at 5:34:50 AM UTC-4, Dmitri Ermolaev wrote:

may be set some key for web2py?

web2py.exe --pickle_high_off

 - will off pickle.highprotocol anywhere

That will only help when running web2py via the built-in development server, so would be of limited usefulness.

Anthony

[Dmitri Ermolaev]

ok

may be do it in wsgihandle.py - for apache ?

пятница, 28 августа 2015 г., 15:47:47 UTC+3 пользователь Anthony написал:

[Massimo Di Pierro]

Once again, I would like to understand what is this problem with the HIGH_PROTOCOL. Can you explain to me again what the problem is?

Massimo

[Dmitri Ermolaev]

I use Apachi under Window server

error report:

https://groups.google.com/forum/#!searchin/web2py/pickle/web2py/r3LcWSbEbmM/TI_enYLZCQwJ

my suggestion replace code with:

try:

   pickle.dumps(self, pickle.HIGHEST_PROTOCOL)

ecxept:

   pickle.dumps(self)

понедельник, 31 августа 2015 г., 5:55:42 UTC+3 пользователь Massimo Di Pierro написал:

[Ron Chatterjee]

Does anyone has any issues downloading the latest Source Code from web2py site?

Because when I do python web2py.py (running python 2.7) I get hit with the error:

\...\...\gluon\sqlhtml.py", line 32, in <module> from pydal.helpers.methods import smart_query, bar_encode, _repr_ref

ImportError: cannot import name _repr_ref.

I don't get to run the server.

[Niphlod]

I'd imagine you are running with an unpinned version of pydal. Travis and appveyor (our CI) are not failing.

On Monday, October 19, 2015 at 5:07:33 PM UTC+2, Ron Chatterjee wrote:

Does anyone has any issues downloading the latest Source Code from web2py site?

Because when I do python web2py.py I get hit with the error:

[Ron Chatterjee]

Niphlod, I don't know what you just said, can you please break it down for me? What you mean unpinned version of pydal? I have a local version of pydal installed in my site packages. 

[Niphlod]

any version of web2py is tested to run with a TAGGED version of pydal. You can't mix and match. For example, current web2py works with pydal 15.09 .

[Richard Vézina]

Ron did you download web2py from Github or from web2py site... The latter should prevent fromt this issue, but if you use Git repo, you need to update pyDAL submodule, that what Niphold is explaning...

Richard

--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups "web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to web2py+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Ron Chatterjee]

I downloaded from web2py site. Anyway, I did pip uninstall pydal from my site packages and now it works fine. Somehow it was conflicting with the local pydal copy. Thanks for the help. I appreciate it! 

[Richard Vézina]

Hello Ron,

Do you know virtualenv?

You can avoid this kind of issue with it...

Get started...

Ref : http://docs.python-guide.org/en/latest/dev/virtualenvs/

Richard

[Ron Chatterjee]

You are right. I should use venv. Haven't tried with web2py. But I agree. 

[Richard Vézina]

You may still use web2py without venv, but consider using it for stuff like pyDAL... 

:)

It all depends of your needs and number of projects you manage...

Even if venv is always a better idea, I would say as a rule of thumb, if you didn't face any issue, and only manage one app and only use web2py framework, you can keep going without venv... But if you have more than one app, more than one project, more than one framework, you need to use venv. If you don't you will one day or another lost track on what you have installed soon and being away from one project for sometimes you may experiment one day package issue when you get back and are in urgency to push update to a client which is not fun at all...

Richard

[Alessio Varalta]

Thanks for the work

On Friday, 7 August 2015 18:59:13 UTC+2, Massimo Di Pierro wrote:

Changelog:

- security fix: Validate for open redirect everywhere, not just in login()

- allow to pack invidual apps and selected files as packed exe files

- allow bulk user registration with default bulk_register_enabled=False

- allow unsorted multiword query in grid search

- better MongoDB support with newer pyDAL

- enable <app>/appadmin/manage/auth by default for user admin

- allow mail.settings.server='logging:filename' to log emails to a file

[Gael Princivalle]

Hello.

I was running this script without problems with 2.9.13:

def add_phplist_user(f,id):
    auth_user = db.auth_user(id)
    #add user
    last_id = db_phplist.phplist_user_user.insert(
        email = auth_user.email,
        confirmed = auth_user.newsletter)
    phplist_listuser = db_phplist(db_phplist.phplist_listuser).select(orderby=db_phplist.phplist_listuser.id)
    last_phplist_listuser = phplist_listuser.last()
    db_phplist.phplist_listuser.insert(
        id = last_phplist_listuser.id + 1,
        userid = last_id,
        listid = 2)

db.auth_user._after_insert.append(lambda f,id: add_phplist_user(f,id))

Now with 2.12.3 I have this ticket:

<type 'exceptions.AttributeError'>

Versione

web2py™	Version 2.12.3-stable+timestamp.2015.08.19.00.18.03
Python	Python 2.7.5: /usr/local/bin/python (prefix: /usr)

Traceback

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 23. 24. 25. 26.

Traceback (most recent call last): File "/home/tasko/webapps/w2p_2_12_3/web2py/gluon/restricted.py", line 227, in restricted exec ccode in environment File "/home/tasko/webapps/w2p_2_12_3/web2py/applications/mompala_negozio_bio_torino/controllers/default.py", line 508, in <module> File "/home/tasko/webapps/w2p_2_12_3/web2py/gluon/globals.py", line 412, in <lambda> self._caller = lambda f: f() File "/home/tasko/webapps/w2p_2_12_3/web2py/applications/mompala_negozio_bio_torino/controllers/default.py", line 470, in user return dict(website=website,form=auth()) File "/home/tasko/webapps/w2p_2_12_3/web2py/gluon/tools.py", line 1614, in __call__ return getattr(self, args[0])() File "/home/tasko/webapps/w2p_2_12_3/web2py/gluon/tools.py", line 2935, in register hideerror=self.settings.hideerror): File "/home/tasko/webapps/w2p_2_12_3/web2py/gluon/sqlhtml.py", line 1711, in accepts self.vars.id = self.table.insert(**fields) File "/home/tasko/webapps/w2p_2_12_3/web2py/gluon/packages/dal/pydal/objects.py", line 715, in insert [f(fields, ret) for f in self._after_insert] File "/home/tasko/webapps/w2p_2_12_3/web2py/applications/mompala_negozio_bio_torino/models/db.py", line 52, in <lambda> db.auth_user._after_insert.append(lambda f,id: add_phplist_user(f,id)) File "/home/tasko/webapps/w2p_2_12_3/web2py/applications/mompala_negozio_bio_torino/models/db.py", line 42, in add_phplist_user last_id = db_phplist.phplist_user_user.insert( File "/home/tasko/webapps/w2p_2_12_3/web2py/gluon/packages/dal/pydal/base.py", line 906, in __getattr__ return super(DAL, self).__getattr__(key) File "/home/tasko/webapps/w2p_2_12_3/web2py/gluon/packages/dal/pydal/helpers/classes.py", line 30, in __getattr__ raise AttributeError AttributeError

Someones knows why?

Thanks, regards.

[Anthony]

Hard to say without more context, but looks like there is no phplist_user_user table defined on the db_phplist DAL object.

Anthony

[Richard Vézina]

Could it be because in your select inside your function you not specifying any fields/columns (should be db_phplist.phplist_listuser.ALL)

Also you have a mix of db and db_phplist is the latter defined somewhere?

Richard

--

[Gael Princivalle]

Thanks Anthony. In fact db_phplist tables where commented. Sorry.

Thanks Richard.

With:

db_phplist.phplist_listuser.ALL ticket was an SQL error:

ProgrammingError: (1064, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' phplist_listuser.userid, phplist_listuser.listid ORDER BY phplist_listuser.id' at line 1")

But with:

db_phplist.phplist_listuser.id>0

It works.

Regards.

[Richard Vézina]

Yes, I think web2py allow this : db(db.where_clause).select()

But there is nothing like being explicit... In SQL this won't work :

SELECT

FROM table_name

WHERE table_name.field_name = something

So...

Richard