Search Results

Search found 14283 results on 572 pages for 'django generic views'.

Page 81/572 | < Previous Page | 77 78 79 80 81 82 83 84 85 86 87 88  | Next Page >

  • serving files using django - is this a security vulnerability

    - by Tom Tom
    I'm using the following code to serve uploaded files from a login secured view in a django app. Do you think that there is a security vulnerability in this code? I'm a bit concerned about that the user could place arbitrary strings in the url after the upload/ and this is directly mapped to the local filesystem. Actually I don't think that it is a vulnerability issue, since the access to the filesystem is restricted to the files in the folder defined with the UPLOAD_LOCATION setting. UPLOAD_LOCATION = is set to a not publicly available folder on the webserver url(r'^upload/(?P<file_url>[/,.,\s,_,\-,\w]+)', 'aeon_infrastructure.views.serve_upload_files', name='project_detail'), @login_required def serve_upload_files(request, file_url): import os.path import mimetypes mimetypes.init() try: file_path = settings.UPLOAD_LOCATION + '/' + file_url fsock = open(file_path,"r") file_name = os.path.basename(file_path) file_size = os.path.getsize(file_path) print "file size is: " + str(file_size) mime_type_guess = mimetypes.guess_type(file_name) if mime_type_guess is not None: response = HttpResponse(fsock, mimetype=mime_type_guess[0]) response['Content-Disposition'] = 'attachment; filename=' + file_name #response.write(file) except IOError: response = HttpResponseNotFound() return response

    Read the article

  • Elegant setup of Python logging in Django

    - by Parand
    I have yet to find a way of setting up Python logging with Django that I'm happy with. My requirements are fairly simple: Different log handlers for different events - that is, I want to be able to log to different files Easy access to loggers in my modules. The module should be able to find its logger with little effort. Should be easily applicable to command-line modules. Parts of the system are stand-alone command line or daemon processes. Logging should be easily usable with these modules. My current setup is to use a logging.conf file and setup logging in each module I log from. It doesn't feel right. Do you have a logging setup that you like? Please detail it: how do you setup the configuration (do you use logging.conf or set it up in code), where/when do you initiate the loggers, and how do you get access to them in your modules, etc.

    Read the article

  • Intersection of two querysets in django

    - by unagimiyagi
    Hello, I can't do an AND on two querysets. As in, q1 & q2. I get the empty set and I do not know why. I have tested this with the simplest cases. I am using django 1.1.1 I have basically objects like this: item1 name="Joe" color = "blue" item2 name="Jim" color = "blue" color = "white" item3 name="John" color = "red" color = "white" Is there something weird about having a many-to-many relationship or what am I missing? queryset1 = Item.objects.filter(color="blue") this gives (item1, item2) queryset2 = Item.objects.filter(color="white") this gives (item2, item3) queryset1 & queryset2 gives me the empty set [] The OR operator works fine (I'm using "|" ) Why is this so?

    Read the article

  • Representing geographical points/polygons in Python/Django

    - by Cornflake
    I'm building a website in Django, and I want one of my datatypes to be a geographical polygon. I want to mark points on a map (say, in Google Maps) and then store the resulting polygon in the database. Is there any way to do it that will save me the work of typing all the longitudes and latitudes manually? I guess I'm looking both for a geographical library for Python, and for a special website that will let me mark points on the map and save them in a standard format. Thanks!

    Read the article

  • Django: accessing session variables from within a template?

    - by AP257
    Hi all If I set a session variable in Django, like: request.session["name"] = "name" Is there a way I can access it from within a template, or do I have to retrieve it from within a view, and then pass it to a template? Asking because I have around 10 little session variables that I'd like to access within a template, and passing all 10 from the view to the template could get a bit messy. (I have to use session variables because it's a HttpResponseRedirect, but storing the variables in a database is overkill for my purposes.) So - any way to grab session variables directly within a template?

    Read the article

  • django templating system inheritance issue

    - by Suhail
    hi, i am having issues with my django templating system, i have a base.html file, which contains the content which will be common on all the web pages of the web site, the base.html file fetches some dynamic content, like the categories and the archives, which are passed to it by a python file, which fetches the categories and the archives data from a mysql database. the issue when i inherit this base.html file in other html files like index.html: {% extends "base.html" %} and when when i call the main index URL for ex: http://mywebsite.com/index/ the index page gets loaded, but the categories and the archives data that should get loaded from the base.html file does not. what am i doing wrong, please help.

    Read the article

  • Prepopulate drop-box according to another drop-box choice in Django Admin

    - by onorua
    I have models like this: class User(models.Model): Switch = models.ForeignKey(Switch, related_name='SwitchUsers') Port = models.ForeignKey(Port) class Switch(models.Model): Name = models.CharField(max_length=50) class Port(models.Model): PortNum = models.PositiveIntegerField() Switch = models.ForeignKey(Switch, related_name = "Ports") When I'm in Admin interface and choose Switch from Switches available, I would like to have Port prepopulated accordingly with Ports from the related Switch. As far as I understand I need to create some JS script to prepopulate it. Unfortunately I don't have this experience, and I would like to keep things simple as it possible and don't rewrite all Django admin interface. Just add this functionality for one Field. Could you please help me with my problem? Thank you.

    Read the article

  • Django: Determining if a user has voted or not

    - by TheLizardKing
    I have a long list of links that I spit out using the below code, total votes, submitted by, the usual stuff but I am not 100% on how to determine if the currently logged in user has voted on a link or not. I know how to do this from within my view but do I need to alter my below view code or can I make use of the way templates work to determine it? I have read http://stackoverflow.com/questions/1528583/django-vote-up-down-method but I don't quite understand what's going on ( and don't need any ofjavascriptery). Models (snippet): class Link(models.Model): category = models.ForeignKey(Category, blank=False, default=1) user = models.ForeignKey(User) created = models.DateTimeField(auto_now_add=True) modified = models.DateTimeField(auto_now=True) url = models.URLField(max_length=1024, unique=True, verify_exists=True) name = models.CharField(max_length=512) def __unicode__(self): return u'%s (%s)' % (self.name, self.url) class Vote(models.Model): link = models.ForeignKey(Link) user = models.ForeignKey(User) created = models.DateTimeField(auto_now_add=True) def __unicode__(self): return u'%s vote for %s' % (self.user, self.link) Views (snippet): links = Link.objects.select_related().annotate(votes=Count('vote')).order_by('-created')

    Read the article

  • django 'urlize' strings form text just like twitter

    - by dana
    heyy there i want to parse a text,let's name it 'post', and 'urlize' some strings if they contain a particular character, in a particular position. my 'pseudocode' trial would look like that: def urlize(post) for string in post if string icontains ('#') url=(r'^searchn/$', searchn, name='news_searchn'), then apply url to the string return urlize(post) i want the function to return to me the post with the urlized strings, where necessary (just like twitter does). i don't understand: how can i parse a text, and search for certain strings? is there ok to make a function especially for 'urlizing' some strings? The function should return the entire post, no matter if it has such kind of strings. is there another way Django offers? Thank you

    Read the article

  • Datastore query outputting for Django form instance

    - by Jelle
    Hello! I'm using google appengine and Django. I'm using de djangoforms module and wanted to specify the form instance with the information that comes from the query below. userquery = db.GqlQuery("SELECT * FROM User WHERE googleaccount = :1", users.get_current_user()) form = forms.AccountForm(data=request.POST or None,instance=?????) I've found a snippet in a sample app that does this trick, but I can't modify it to work with the query I need. gift = User.get(db.Key.from_path(User.kind(), int(gift_id))) if gift is None: return http.HttpResponseNotFound('No gift exists with that key (%r)' % gift_id) form = RegisterForm(data=request.POST or None, instance=gift) Could anyone help me?

    Read the article

  • Project design / FS layout for large django projects

    - by rcreswick
    What is the best way to layout a large django project? The tutuorials provide simple instructions for setting up apps, models, and views, but there is less information about how apps and projects should be broken down, how much sharing is allowable/necessary between apps in a typical project (obviously that is largely dependent on the project) and how/where general templates should be kept. Does anyone have examples, suggestions, and explanations as to why a certain project layout is better than another? I am particularly interested in the incorporation of large numbers of unit tests (2-5x the size of the actual code base) and string externalization / templates.

    Read the article

  • Resizing uploaded files in django using PIL

    - by Nikunj
    I am using PIL to resize an uploaded file using this method: def resize_uploaded_image(buf): imagefile = StringIO.StringIO(buf.read()) imageImage = Image.open(imagefile) (width, height) = imageImage.size (width, height) = scale_dimensions(width, height, longest_side=240) resizedImage = imageImage.resize((width, height)) return resizedImage I then use this method to get the resizedImage in my main view method: image = request.FILES['avatar'] resizedImage = resize_uploaded_image(image) content = django.core.files.File(resizedImage) acc = Account.objects.get(account=request.user) acc.avatar.save(image.name, content) However, this gives me the 'read' error. Trace: Exception Type: AttributeError at /myapp/editAvatar Exception Value: read Any idea how to fix this? I have been at it for hours! Thanks! Nikunj

    Read the article

  • Limiting the maximum number of concurrent requests django/apache

    - by Johan
    Hi, I have a django site that demonstrates the usage of a tool. One of my views takes a file as input and runs some fairly heavy computation trough an external python script and returns some output to the user. The tool runs fast enough to return the output in the same request though. I would however want to limit how many concurrent requests to this URL/view to keep the server from getting congested. Any tips on how i would go about doing this? The page in itself is very simple and the usage will be low.

    Read the article

  • Django "Page not found" error page shows only one of two expected urls

    - by Frank V
    I'm working with Django, admittedly for the first time doing anything real. The URL config looks like the following: urlpatterns = patterns('my_site.core_prototype.views', (r'^newpost/$', 'newPost'), (r'^$', 'NewPostAndDisplayList'), # capture nothing... #more here... - perhaps the perma-links? ) This is in an app's url.py which is loaded from the project's url.py via: urlpatterns = patterns('', # only app for now. (r'^$', include('my_site.core_prototype.urls')), ) The problem is, when I receive a 404 attempting to utilize newpost, the error page only shows the ^$ -- it seems to ignore the newpost pattern... I'm sure the solution is probably stupid-simple but right now I'm missing it. Can someone help get me on the right track...

    Read the article

  • Python / Django : emulating a multidimensional layer on a MySQL database

    - by Sébastien Piquemal
    Hi, I'm working on a Django project where I need to provide a lot of different visualizations on the same data (for example average of a value for each month, for each year / for a location, etc...). I have been using an OLAP database once in college, and I thought that it would fit my needs, but it appears that it is much too heavy for what I need. Actually the volume of data is not very big, so I don't need any optimization, just a way to present different visualizations of the same data without having to write 1000 times the same code. So, to recap, I need a python library: to emulate a multidimensional database (OLAP style would be nice because I think it is quite convenient : star structure, and everything) non-intrusive, because I can't modify anything on the existing MySQL database easy-to-use, because otherwise there's no point in replacing some overhead by another.

    Read the article

  • Django filter with two constraints on related model

    - by BJ Homer
    I have a django app with models as follows: A Question model An Answer model, with a ForeignKey back to the Question. (A question can have multiple answers.) A Flag model, with a ForeignKey to the Answer. (An answer can be flagged as inappropriate.) All of the above also have a user field, defining the user that created that object. I'm trying to get a list of all Questions with answers from the current user which have been flagged. I tried this: Question.objects.filter(answer__user=user).\ filter(answer__flag__isnull=True).distinct() … but I believe that will return a list of Questions with answers from the current user and with answers which have been flagged, but will not necessarily guarantee that it is the user's answer that has been flagged. Is there an easy way to do this? Basically, I want to make the answer part of the filter refer to the same answer on both of them. Please let me know if something is unclear.

    Read the article

  • Local sites not displaying in VirtualBox when using Django's local development server?

    - by littlejim84
    Hello. I develop web applications using Django on Mac OSX 10.6. I use Django's built in local development server which I run on my computer's IP (such as: http://192.168.0.11:8001/). I test my applications in Firefox, Safari and Chrome and all display fine. I use Sun's VirtualBox with 3 different instances of Windows XP that have IE6, IE7 and IE8 on them. For whatever reason, these sometimes just don't display the Django sites. They come up with 'The page cannot be displayed'. Eight times out of ten, they display fine and function normally but for no reason at all they won't display. Sometimes restarting Django's local development server from the Terminal will fix the problem, sometimes it won't. Is there some sort of VirtualBox settings or Django settings that I need to set to ensure smooth operation of this? Am I overlooking something? Has anyone else had these problems?

    Read the article

  • Django "Error: cannot import name escape" on windows

    - by Sam
    I cannot run the dev server because of this error ("Error: cannot import name escape"). I assume its because of modifications I've done to the project, but i have no idea how to find where the error is originating from to fix it. I don't import anything called escape anywhere. Update Using django-admin.py rather than the projects manage.py, don't know why... Update 2 Now manage.py is working. This may be because I had a file called email.py which was trying to import email.mime.text (ie trying to import itself) renaming to sendemail.py solved this problem.

    Read the article

  • importing CELERY* environment variables in django settings.py causes celeryd not to start

    - by Taras
    I just spent 2 hours trying to figure out why django celery stopped working. Celery would being to start, but would stop short of printing out the configuration items, implying that it wasn't starting correct. The log would only contain The celery.decorators module along with the magic keyword arguments, are deprecated, and will be removed in version 3.0. Please use the celery.task module instead of celery.decorators, and the task.request should be used instead of the magic keyword arguments: from celery.task import task See http://bit.ly/celery22major for more information. """)) It turns out that some celery env variables that I was importing to try and fix a different problem were causing celery not to start correctly: from celery.tests.config import CELERY_QUEUES, CELERY_DEFAULT_QUEUE, CELERY_DEFAULT_ROUTING_KEY Even though I wasn't using them anywhere. Does anyone know what was happening?

    Read the article

  • Django json serialization problem

    - by codingJoe
    I am having difficulty serializing a django object. The problem is that there are foreign keys. I want the serialization to have data from the referenced object, not just the index. For example, I would like the sponsor data field to say "sponsor.last_name, sponsor.first_name" rather than "13". How can I fix my serialization? json data: {"totalCount":"2","activities":[{"pk": 1, "model": "app.activity", "fields": {"activity_date": "2010-12-20", "description": "my activity", "sponsor": 13, "location": 1, .... model code: class Activity(models.Model): activity_date = models.DateField() description = models.CharField(max_length=200) sponsor = models.ForeignKey(Sponsor) location = models.ForeignKey(Location) class Sponsor(models.Model): last_name = models.CharField(max_length=20) first_name= models.CharField(max_length=20) specialty = models.CharField(max_length=100) class Location(models.Model): location_num = models.IntegerField(primary_key=True) location_name = models.CharField(max_length=100) def activityJSON(request): activities = Activity.objects.all() total = activities.count() activities_json = serializers.serialize("json", activities) data = "{\"totalCount\":\"%s\",\"activities\":%s}" % (total, activities_json) return HttpResponse(data, mimetype="application/json")

    Read the article

  • Inlines in Django Admin

    - by Oli
    I have two models, Order and UserProfile. Each Order has a ForeignKey to UserProfile, to associate it with that user. On the django admin page for each Order, I'd like to display the UserProfile associated with it, for easy processing of information. I have tried inlines: class UserInline(admin.TabularInline): model = UserProfile class ValuationRequestAdmin(admin.ModelAdmin): list_display = ('address1', 'address2', 'town', 'date_added') list_filter = ('town', 'date_added') ordering = ('-date_updated',) inlines = [ UserInline, ] But it complains that UserProfile "has no ForeignKey to" Order - which it doesn't, it's the other way around. Is there a way to do what I want?

    Read the article

  • How to set up Django app to make cookies work on subdomain

    - by Dzida
    Hi, I have deployed my application on subdomain.domain.com (it works only on that one subdomain). Everything works fine except the fact that from time to time users cannot log in to application (the message "Looks like your browser isn't configured to accept cookies. Please enable cookies, reload this page, and try again" is shown when trying to log into admin panel). I've noticed that restarting the web server eliminates this problem for some time. Does anyone have experience with setting up django project on subdomain and can guide me how to configure my application to make it work correctly without need to ocasionally make reset?

    Read the article

  • Python / Django : emulating a multidimensionnal layer on a mySql database

    - by Sébastien Piquemal
    Hi, I'm working on a Django project where I need to provide a lot of different visualizations on the same data (for example average of a value for each month, for each year / for a location, etc ...). I have been using OLAP database once in college, and I thought that it would fit my needs, but it appears that it is much to heavy for what I need. Actually the volume of data is not very big, so I don't need any optimization, just a way to present different visualizations of the same data without having to write 1000 times the same code. So let's recap : I need a python library : to emulate a multidimensional database (OLAP style would be nice because I think it is quite convenient : stat structure, and everything) non-intrusive, because I can't modify anything on the existing mysql database easy-to-use, because otherwise there's no point in replacing some overhead by another.

    Read the article

  • Getting users latest tweet with Django

    - by Hanpan
    I want to create a function which grabs every users latest tweet from a specific group. So, if a user is in the 'authors' group, I want to grab their latest tweet and then finally cache the result for the day so we only do the crazy leg work once. def latest_tweets(self): g = Group.objects.get(name='author') users = [] for u in g.user_set.all(): acc = u.get_profile().twitter_account users.append('http://twitter.com/statuses/user_timeline/'+acc+'.rss') return users Is where I am at so far, but I'm at a complete loose end as to how I parse the RSS to get there latest tweet. Can anyone help me out here? If there is a better way to do this, any suggestions are welcome! I'm sure someone will suggest using django-twitter or other such libraries, but I'd like to do this manually if possible. Cheers

    Read the article

  • How can I selectively override a django .count() method

    - by Tom Viner
    I'm using postGresSQL and my main table has about 20,000 rows. Sometimes count() methods can take ages or even timeout. Mod.manager.filter(...).count() I need to selectively override the count() method depending on what filter has been applied. Just having a cache of results would be a great gain but I'd like to be able to say: if filter query is just {'enabled'=True} then return 20,000 without touching the db. Note: I can't prevent the call to .count() as it's inside django's pagination, which always does a count.

    Read the article

< Previous Page | 77 78 79 80 81 82 83 84 85 86 87 88  | Next Page >