Browse files

Merge branch 'master' of github.com:webpy/webpy.github.com

  • Loading branch information...
2 parents c09ea47 + c5dd759 commit 4391615f3552245d69fe5f8ab7fb127a8bbe3d0b @anandology anandology committed Jun 26, 2012
Showing with 46 additions and 35 deletions.
  1. +1 −1 cookbook/query.md
  2. +7 −5 cookbook/userauthpgsql.md
  3. +1 −1 cookbook/xmlfiles.md
  4. +23 −10 docs/0.3/tutorial.md
  5. +3 −6 index.fr.md
  6. +1 −1 index.md
  7. +5 −5 install.md
  8. +1 −1 philosophy.md
  9. +3 −3 sites.md
  10. +1 −2 tutorial.md
View
2 cookbook/query.md
@@ -11,7 +11,7 @@ You want to perform advanced SQL statements like joins or counts.
### Solution
-webpy doesn't try to build layers between you and your database. Rather, it tries to make it easy to common tasks, and get out of your way when you need to do more advanced topics. Performing advanced database queries is no different. For example:
+webpy doesn't try to build layers between you and your database. Rather, it tries to make it easy to perform common tasks, and get out of your way when you need to do more advanced things. Performing advanced database queries is no different. For example:
import web
View
12 cookbook/userauthpgsql.md
@@ -12,9 +12,10 @@ title: User Authentication with PostgreSQL database
- A user authentication system could have a lot of functions. For this example, we're only going to manage the authentication process, through a postgresql database.
##Needed
-- The only one we need is web.py:
+- web.py for all the web functions, and hashlib to store the passwords securely:
import web
+ import hashlib
## 1st: The database
First of all, we need a table for the users. This scheme is very simple, but is enough for a lot of projects.
@@ -24,7 +25,7 @@ First of all, we need a table for the users. This scheme is very simple, but is
(
id serial NOT NULL,
user character varying(80) NOT NULL,
- pass character varying(80) NOT NULL,
+ pass character(40) NOT NULL,
email character varying(100) NOT NULL,
privilege integer NOT NULL DEFAULT 0,
CONSTRAINT utilisateur_pkey PRIMARY KEY (id)
@@ -55,7 +56,7 @@ There will be 2 states during the login/logout session:
## 3rd: Logged or not logged ?
-To manage the access for people who are logged or not, it's very easy. Just define the logged expression like this, and use it for your login/reset classes:
+To manage the access for people who are logged or not is very easy. Just define the logged expression like this, and use it for your login/reset classes:
##
def logged():
@@ -65,7 +66,7 @@ To manage the access for people who are logged or not, it's very easy. Just defi
return False
## 4th: Easy Privleges Management
-I manage my users, in 4 categories: admin+user+reader (logged), and visitors (not logged). The directory template is choosing according to the privilege specified in the table example_users.
+I manage my users in 4 categories: admin+user+reader (logged), and visitors (not logged). The directory template is choosing according to the privilege specified in the table example_users.
##
def create_render(privilege):
@@ -100,6 +101,7 @@ Now, let's have fun:
return '%s' % render.login()
- Ok, ok. Now, for the POST(). According to the .html file, we recover the variables posted in the form (see the login.html), and we compare it to the example_users.user row.
+- For security, we don't store passwords in the database directly, but store the hash of the password + salt; this is kind of line one-way encryption, so we can tell if the user's passwords match, but an attacker couldn't figure out what the password was to start with.
- If the login/pass is ok, redirect to the login_ok.html.
- If not, redirect to the login_error.html.
@@ -108,7 +110,7 @@ Now, let's have fun:
name, passwd = web.input().name, web.input().passwd
ident = db.select('example_users', where='name=$name', vars=locals())[0]
try:
- if passwd == ident['pass']:
+ if hashlib.sha1("sAlT754-"+passwd).hexdigest() == ident['pass']:
session.login = 1
session.privilege = ident['privilege']
render = create_render(session.privilege)
View
2 cookbook/xmlfiles.md
@@ -39,7 +39,7 @@ To serve this file, create a standard Web.Py program (i.e. response.py) and use
class index:
def GET(self, code):
web.header('Content-Type', 'text/xml')
- return render.index(code)
+ return render.response(code)
web.webapi.internalerror = web.debugerror
if __name__ == '__main__': app.run()
View
33 docs/0.3/tutorial.md
@@ -44,12 +44,6 @@ The first part is a [regular expressions](http://osteele.com/tools/rework/) that
This line says we want the URL `/` (i.e. the front page) to be handled by the class named `index`.
-Now we need to create an application specifying the urls.
-
- app = web.application(urls, globals())
-
-This tells web.py to create an application with the URLs we listed above, looking up the classes in the global namespace of this file.
-
<a name="getpost"> </a>
## GET and POST: the difference
@@ -65,14 +59,33 @@ In our web.py code, we make the distinction between the two clear:
This `GET` function will now get called by web.py anytime someone makes a `GET` request for `/`.
-Alright, now we just need to finish up with a final line telling web.py to start serving web pages:
+Now we need to create an application specifying the urls and a way to tell web.py to start serving web pages:
- if __name__ == "__main__": app.run()
+ if __name__ == "__main__":
+ app = web.application(urls, globals())
+ app.run()
-This tells web.py to serve the application we created above.
+First we tell web.py to create an application with the URLs we listed above, looking up the classes in the global namespace of this file.
+And finally we make sure that web.py serves the application we created above.
Now notice that although I've been talking a lot here, we only really have five or so lines of code. That's all you need to make a complete web.py application.
+For easier access, here's how your code should look like:
+
+ import web
+
+ urls = (
+ '/', 'index'
+ )
+
+ class index:
+ def GET(self):
+ return "Hello, world!"
+
+ if __name__ == "__main__":
+ app = web.application(urls, globals())
+ app.run()
+
<a name="start"> </a>
## Start the server
@@ -166,7 +179,7 @@ Using your database engines admin interface, create a simple table in your datab
CREATE TABLE todo (
id serial primary key,
title text,
- created timestamp default now,
+ created timestamp default now(),
done boolean default 'f' );
And an initial row:
View
9 index.fr.md
@@ -140,7 +140,7 @@ Le [bivalidateur](http://xhtml-css.com/) vérifie votre HTML et la validation CS
"très élégant et concis (sans oublier que c'est écrit par Aaron Swartz, dont les compétences en codage sont impressionnantes), et ça ne m'a pas fait perdre de temps."
- Jonas Galvez, Aupeo [#][26]
- [26]: http://shortb.net/~f561f1
+ [26]: http://www.artima.com/forums/flat.jsp?forum=106&thread=146149
"Le premier framework ... sur lequel je peux bidouiller du code et voir quelque chose fonctionner sans même être obligé de comprendre la logique de celui-ci. Un plaisir à intégrer."
- Delaunay Antoine built [a photo gallery][28] and [an agenda][34] with it
@@ -151,12 +151,12 @@ Le [bivalidateur](http://xhtml-css.com/) vérifie votre HTML et la validation CS
"Guido [van Rossum, Créateur de Python], vous constaterez probablement que web.py convient le mieux à votre style. ...Si vous ne l'aimez pas, je ne peux imaginer lequel des autres douzaines d'autres framework sortis vous *pourriez* aimer."
- Phillip J. Eby, créateur du Python Web Server Gateway Interface (WSGI) [#lien][30]
- [30]: http://shortb.net/~f561f2
+ [30]: http://www.artima.com/forums/flat.jsp?forum=106&thread=146149&start=30&msRange=15
"... l'exemple [Cheetah] que j'ai vu sur web.py à l'air "bon". (web.py itself OTOH gets an "F", for undocumented code with too much magic behavior. upvars(), bah.)" [ Note traducteur : A préciser]
- Guido van Rossum, Créateur de Python [#Lien][31]
- [31]: http://shortb.net/+f561f3
+ [31]: http://www.artima.com/weblogs/viewpost.jsp?thread=146503
"il suffit de dire je crois, que Aaron se dirige dans la bonne direction."
- Harry Fuecks: [un simple wiki avec web.py][32]
@@ -226,9 +226,6 @@ Le [bivalidateur](http://xhtml-css.com/) vérifie votre HTML et la validation CS
* [tricks](/tricks)
-* [best essays](http://www.bestessays.ca/)
-
-
### Communauté web.py
View
2 index.md
@@ -68,4 +68,4 @@ web.py was originally published while Aaron Swartz worked at [reddit.com][20], w
"Guido [van Rossum, creator of Python], you'll probably find that web.py best suits your style. ... If you don't like it, I can't imagine which of the other dozens of frameworks out there you *would* like."
<span class="cite">&nbsp;&nbsp;&mdash;&nbsp; Phillip J. Eby, creator of the Python Web Server Gateway Interface (WSGI) [#][30]</span>
- [30]: http://shortb.net/~f561f2
+ [30]: http://www.artima.com/forums/flat.jsp?forum=106&thread=146149&start=30&msRange=15
View
10 install.md
@@ -50,7 +50,11 @@ see [recommended setup](/recommended_setup).
Another option is to use [Easy Install](http://peak.telecommunity.com/DevCenter/EasyInstall). Once Easy Install is properly setup:
- easy_install web.py
+ sudo easy_install web.py
+
+Or [PIP](http://packages.python.org/distribute/)
+
+ sudo pip install web.py
<a name="macosx"></a>
### MacOS X
@@ -286,7 +290,3 @@ If you want web.py to be accessible at 'http://example.com' instead of 'http://e
</IfModule>
If the `code.py` is in the subfolder `myapp/`, adjust the RewriteBase to `RewriteBase /myapp/`. If you have static files like CSS files and images to pass through, duplicate the line with the icons for each path you want to allow.
-
-See [Module mod_rewrite URL Rewriting Engine][4]
-
- [4]: http://shortb.net/~3kf44h
View
2 philosophy.md
@@ -19,7 +19,7 @@ In response to someone complaining about web.py having "yet another template lan
> reinventing old things with only small differences were necessary to
> achieve this goal, I would defend reinventing them. The difference
> between the ideal way and the almost-ideal way is, as Mark Twain
-> suggested, the difference between the lighting and the lightning bug.
+> suggested, the difference between the lightning and the lightning bug.
>
> But these aren't just small differences. Instead of exposing Python
> objects, web.py allows you to build HTTP responses. Instead of trying
View
6 sites.md
@@ -103,7 +103,7 @@ The [bivalidator](http://xhtml-css.com/) checks your HTML and CSS validation.
"very nicely written and concise (not to mention it's written by Aaron Swartz, whose coding skills are very trustable), and doesn't get in my way"
- Jonas Galvez, Aupeo [#][26]
- [26]: http://shortb.net/~f561f1
+ [26]: http://www.artima.com/forums/flat.jsp?forum=106&thread=146149
"the first framework ... where I could just scribble code and see something working without even having to try to understand the logic of it. A pleasure to integrate."
- Delaunay Antoine built [a photo gallery][28] and [an agenda][34] with it
@@ -114,12 +114,12 @@ The [bivalidator](http://xhtml-css.com/) checks your HTML and CSS validation.
"Guido [van Rossum, creator of Python], you'll probably find that web.py best suits your style. ... If you don't like it, I can't imagine which of the other dozens of frameworks out there you *would* like."
- Phillip J. Eby, creator of the Python Web Server Gateway Interface (WSGI) [#][30]
- [30]: http://shortb.net/~f561f2
+ [30]: http://www.artima.com/forums/flat.jsp?forum=106&thread=146149&start=30&msRange=15
"... the [Cheetah] example I saw on web.py looks "right". (web.py itself OTOH gets an "F", for undocumented code with too much magic behavior. upvars(), bah.)"
- Guido van Rossum, creator of Python [#][31]
- [31]: http://shortb.net/+f561f3
+ [31]: http://www.artima.com/weblogs/viewpost.jsp?thread=146503
"suffice to say I think Aaron is headed in the right direction."
- Harry Fuecks: [a simple wiki with web.py][32]
View
3 tutorial.md
@@ -5,8 +5,7 @@ title: web.py tutorial
# web.py tutorial
-* [english](http://webpy.org/tutorial3)
-* [español](/tutorial/es)
+* [english](http://webpy.org/docs/0.3/tutorial)
* português: [1](http://www.writely.com/View.aspx?docid=bbcm927cd2fmj) [2](http://www.writely.com/View.aspx?docid=bbcm927cd2fmj) [3](http://www.writely.com/View.aspx?docid=bbcm927cd2fmj)
* [français](http://sunfox.org/tutoriel-web-py-fr/)
* [pусский](http://bobuk.infogami.com/webpytrans)

0 comments on commit 4391615

Please sign in to comment.