#web-development

Don't tell me I didn't write that and can't xD

If somehow you are interested that takes the strings in two backticks() and returns it as <a href="two_backticks">two backticks</a>`

Oh god

@register.filter(name="replacer")
def messagetolink(text):
    split = text.split('`')
    even, odd = split[0::2], split[1::2]
    return format_html_join('', '{}<a href="' + site_name + '{}">{}</a>', ((a, ("_".join(b.split())), b) for a, b in itertools.zip_longest(even, odd, fillvalue='')))

# let's first clean up the function name.
def message_to_link(text):

# now let's rip that generator out of the return statement and put it on a line of its own
gen = ((a, ("_".join(b.split())), b) for a, b in itertools.zip_longest(even, odd, fillvalue=''))

# that's a bit better already, let's see how that looks
@register.filter(name="replacer")
def message_to_link(text):
    split = text.split('`')
    even, odd = split[0::2], split[1::2]
    gen = ((a, ("_".join(b.split())), b) for a, b in itertools.zip_longest(even, odd, fillvalue=''))
    return format_html_join('', '{}<a href="' + site_name + '{}">{}</a>', gen)

it's still hideous though.

I'm so irritated by this that I'm not even trying to add any more this kind of functionality, if I were able to do this I was planning on letting users share links to other websites too

But it is so damn incredibly hard for some reason

I wish we could use an f string for the second argument in format_html_join, but because django is hijacking the {}, we can't do that.

I wish it was possible to just mark_safe_permanantly(string)

# something like this
return format_html_join('', f'{}<a href="{site_name}{}">{}</a>', gen)

# would result in
SyntaxError: f-string: empty expression not allowed

so you'd need to escape them

and that's just even uglier

Anyway, for now I'm happy that I can let users toggle their posts' visibility

If somehow you are interested that takes the strings in two backticks() and returns it as<a href="two_backticks">two backticks</a>

wait, give me an example of that

input and output data

and on discord backticks are special characters so if you're gonna type them, escape them with backslash

I couldn't escape them, I tried, struggled just couple mins ago so I'm just gonna use | instead of backtick :D

`````

this is an example where |this part of the string| and |this part of the string| is converted to local links.

this is an example where <a href="http://127.0.0.1:8000/this_part_of_the_string">this part of the string</a> and <a href="http://127.0.0.1:8000/this_part_of_the_string">this part of the string</a> is converted to local links.<a href="http://127.0.0.1:8000/"></a>

While you are at it you can add a little feature like if a string is in between two *, the functions returns them as outside links :D

But that is purely optional :D

while I'm at it? I never said I was gonna do this :D

Oh, alright, I thought you wanted to try to rewrite that hideous function :D

Can someone assure me that using flask.g is request specific? If I use it to store user information on a request (to be able to identify who is making the request, before it happens(in a decorator)), is it ever going to collide if there are two request by two different users at the same time?

I'm not 100% sure from the doc

And it's application critical if it collides

it used to be. but isnt in the latest version. they changed it in like 0.10 or something

but whether things will collide or not is still an interesting question

g is in the application context in the latest version - but should still theoretically be wiped for every new request.

but the advantage of having it belong to the application context is that you can access it before the request is made. like in the before_request function if you're doing that. which used to be impossible.

so to answer your question - it should theoretically be safe from collision, and wiped for every request cycle. though I have never done any kind of extensive testing to that end.

I probably would do some tests before relying on it if it was "application critical"

okok thanks

I think it's a threadlocal

So it shouldn't conflict as long as everything is on the same thread

Python 3.7 will add tasklocals to asyncio which is gonna be awesome

On the following code:

@staticmethod
@namespace.marshal_list_with(article_full, envelope='articles')
def get():
    return Article.query.all()

I want to return a filtered(reduced) relationship of Article, should I go for something like: Article.query.join(ArticlePrice).filter(ArticlePrice.location_id=req_location).all()?

https://stackoverflow.com/questions/48156952/how-to-use-filter-in-count-q-in-django

Does anyone have an idea how I am supposed to use this undocumented thing? http://docs.sqlalchemy.org/en/latest/orm/query.html#sqlalchemy.orm.query.Query.add_columns

I don't know what it is expecting as parameter since it is not detailed 🙂

@namespace.marshal_list_with(local_article_full, envelope='articles')
def get(self, location):
    return Article.query\
        .filter(Article.prices.any(active=True), Article.prices.any(location_id=location))\
        .add_columns('price', Article.prices.price)\
        .all()

I'd like to get ALL Articles from the provided location, that are active=True and add a column to add its local price(add column 'price' equals to Article.prices.price where Article.prices.location_id equals to parameter location).

If that makes sense🤐

Note: The provided code is not working obviously

Basically, I want that in Flask-SQLAlchemy:

SELECT a.*, ap.price
FROM article a
INNER JOIN article_prices ap ON a.id = ap.article_id
WHERE ap.location_id = %location%
AND ap.active = true

@deep cave Do you have any tips on that? (sorry for pinging 😕 )

@signal karma What you want is a relationship

Check the sqlalchemy docs on relationships, there are specific ways to define them

I do have a relationship

But then it returns me an array.

not a specific value

What's wrong with that?

I want only the value ap.price WHERE ap.location_id = %location%

Realistically that's down to how your models are defined

seems like not since SQL can get it, and I can't figure out using SQLAlchemy

syntax problem

It sounds like it's possible that there could be more than one result for that, as far as SQLA understands

Or it's just that your relationship is defined incorrectly

The relationships page gives you a set of different types of relationship

It sounds like you need one-to-one or many-to-one but you're using one-to-many or many-to-many

You should also make sure your model enforces whatever relationship that you pick

Application logic isn't enough

@brave mantle sorry delay, I was on the SO 2018 survey 😛

I think you're missing the point. The SQL request I sent above is giving me the correct result, why should I change my models if SQL can get me the right result? I just want to port this SQL request to a Flask-SQLAlchemy syntax.

What's the point of having an ORM if you don't use it?

Use the ORM, it saves a lot of time

exactly

that's why I wanna use the sqlalchemy syntax

No, you don't get it

That isn't using the ORM

The method is undocumented because it's used internally, you're not supposed to use it yourself

I know what you mean. But my model should be fine, I just need to know what syntax I should use to get it right.

hm

but then maybe I should not use this one add_columns, but there should be a way to translate this sql into flask-sa

Define the relationship properly and use that

it is

I get an array of prices

I want to get only one out

how am I supposed to change my model for that?

Then it's not defined correctly

I'm cooking atm, I'll get you an example when I can

but, an Article has multiple Prices. Just when a user request the list of Artciles for a specific location, I want to return just the price of this location, not the array of prices.

alright 😉 🍳

Well, I think the array is still an SQLA object, you should be able to filter on it

An alternative would be to take the approach you need for many-to-many and make a separate relationships table you can join

that's what I have

Hm, more like an extra data table maybe

Wait, you said that locations have a price already

Can't you just get the price from the location then?

that's what I want!

here are the tables

So.. Define relationship in location and..

Use it?

class Article(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    title = db.Column(db.String(255), nullable=False)
    description = db.Column(db.Text)
    image = db.Column(db.String(255))
    brand = db.Column(db.String(255), nullable=False)
    category_id = db.Column(db.Integer, db.ForeignKey("category.id"), nullable=False)
    prices = relationship("ArticlePrice", cascade="all, delete-orphan")

class ArticlePrice(db.Model):
    article_id = db.Column(db.Integer, db.ForeignKey("article.id"), primary_key=True)
    location_id = db.Column(db.Integer, db.ForeignKey("location.id"), primary_key=True)
    price = db.Column(db.Float, nullable=False)
    active = db.Column(db.Boolean, nullable=False)
    location = relationship('Location')

If that help =x

And this is not working

def get(self, location_id):
    return Article.query\
        .filter(Article.prices.any(active=True), Article.prices.any(location_id=location_id))\
        .all()

Eh? I've never seen .any() used

ah

Stackoverflow

but I am sure I can't make it work because I don't know the verbs

If you can gimme like half an hour or three quarters of an hour I should be able to show you what I mean

It you can't wait, head to github, GlowstoneMC/Site

We used it there

I am trying this for days, I think I can wait 😃

Haha, okay

@signal karma right, okay

Say we have a news post

https://github.com/GlowstoneMC/Site/blob/master/ultros_site/database/schema/news_post.py

News posts belong to single users

user = relationship("User", back_populates="news_posts")

And if we have users... https://github.com/GlowstoneMC/Site/blob/master/ultros_site/database/schema/user.py

They own multiple news posts
news_posts = relationship("NewsPost", back_populates="user", cascade="all, delete, delete-orphan")

The important thing here is back_populates="user"

Each post will have a single user association

but to complete that, you need to store the ID in the post, obviously

ok, fine so far

user_id = Column(Integer, ForeignKey("user.id"))

Alright, so if we want to get our latest three news posts

we might do

news_posts = db_session.query(NewsPost).filter_by(published=True).order_by(NewsPost.posted.desc())[0:3]

now what if you want to return the whole user information with a key last_post?

and our User object will be available at post.user

OK, so you take your NewsPost query

filter by the user

so eg filter_by(user=User(whatever))

and order_by descending

and .one() it

then you'll get their latest news post, with the user object attached

If all you have is the user ID, you can filter_by(user_id=whatever) as well

an example of using .one():

try:
    news_post = db_session.query(NewsPost).filter_by(id=post_id, published=True).one()
except NoResultFound:
    raise HTTPNotFound()

I will try something

@brave mantle How do you get the user information while requesting NewsPosts?

no join?

@signal karma It's automatic

That's the point of specifying the relationship

ah because of the backref?

It does the join for you

is it the backref?

The backref helps, yeah

ha, new one, how would you get the User with last_posted_date?

Find the relevant news post

grab the .user from it

You'd have to do that in my model

But if you actually wanted a last post date for users, you should have that on the user object and update it when they post

hm =/

I can't do that in my case

Why not?

because it has multiple prices at the same time depending on the location, there is no one more relevant than another.

to be stored in articles

The thing is that in your example, you're gonna get the NewsPost and the user in news_post.user, right? What if you need all informations mixed at the root?

what? "all informations mixed at root"?

It's a bit stupid in your example, but it'd look like:

news_posts = db_session.query(NewsPost).filter_by(published=True).order_by(NewsPost.posted.desc())[0:3]
print(news_posts[0].username)

The answer is, well, you don't

instead of print(news_posts[0].user.username)

that'd be news_posts[0].user.username

right

You don't want it mixed

that's pretty bad sql design

okok

Ok, look at it this way

you have a set of tables

each table should represent one particular thing

and everything that belongs to that thing

When you're writing SQL yourself and doing joins yourself, you get mixed data from each table you joined, but that's messy and doesn't actually represent the structure of your database

Under the hood, SQLA still does those joins for you

But they're abstracted away, so you have something that actually looks and behaves like regular Python objects

that's the point of an ORM

Keeping your data compartmentalised like that is important for maintaining a piece of software that is clean and easy to work with

Sure, but I don't think what I am asking is irrelevant, just it doesn't match 100% your use case

You're conflating direct DB access with using an ORM

If you want direct DB access, SQLA provides a lower-level API for that purpose

but chances are you don't, and the ORM is designed so that you don't have to write or generate a single line of SQL yourself

When you have well-defined models like I showed you, you basically have a schema of the attributes to expect on that object

That's why your use-case doesn't actually make sense

You'd be adding attributes that aren't actually present in your definition

So how would you design an article table that has multiple prices depending on a location?

You would probably need a relationship table

I do

article ID and location ID mapping to price IDs

hm I don't have a price id...

every table should have an ID column

your SQL server uses it for indexing

usually, you want that to be some numerical ID primary key

I am closed to this model: http://docs.sqlalchemy.org/en/latest/orm/basic_relationships.html#association-object

Essentially what you have is a table with a primary key (ID) and a bunch of foreign keys

https://github.com/GlowstoneMC/Site/blob/master/ultros_site/database/schema/product_branch_association.py

then you provide it in your relationship using the secondary param

branches = relationship("ProductBranch", secondary="product_branch_association")

if you don't need the backref, don't make it

otherwise, if you have extra data in your association, you map it directly

It's just like any other relationship, just with a table in the middle

so you'd end up with something like article.article_price_assoc.price

you could put a property on the model if you wanted it to be just price but you wouldn't be able to set it with .price unless you define a setter

@brave mantle solution: https://stackoverflow.com/questions/48219143/how-to-translate-sql-into-sqlalchemy-shaping-output-model-differently-from-the

FYI, if you are interested 😛

Intredasting

for anyone familiar with knockout, how would i go about moving the results from one table to another when clicked on? i currently have it so when you click on a result it redirects you and instead generates a report based on params associated with the selected result however i would like to move it instead to a new "queue" table where when i click a button all results in the "queue" table get generated at the same time

@compact pelican what you're asking is very unclear to me..

@signal karma ive since fixed the issue i needed to point my nested databind to the parent forgot to do that

is anyone in this channel any good with knockout.js? if so could you please DM me? been having some issues with a multi-select report generation page and cannot figure out the multi-select. I have the generation working and it works with just one but i cannot for the life of me figure out how to get multiple pages to generate. Id explain more in this channel but i would just be blowing it up

Oh god I can't seem to find a solution to this

Title.objects.order_by("-entry__entry_date2").distinct()```
.distinct() simply doesn't work, apparently it is somehow related to me using order_by and distinct in the same queryset concurrently

halp me

need more context

django

Entry class has a foreign_key with Title, and I'm trying to sort Title objects with their entry dates

but why distinct?

When an entry is entered to a Title,

Otherwise if users enter entries to the same Title over and over again my index would show only the same Title after a while

surely your application should not be inserting duplicates?

So if even though the last 2 entry is entered to the Title x, I only want one title x in my query set

Uhm, what? :3

Pardon my weak English :8

Distinct is for filtering out duplicate values

Why are you inserting duplicates?

I am not, the ordey_by does it

If you weren't inserting duplicates, there would be no duplicates

https://i.hizliresim.com/p69PDo.png

i dont know if this is relevant, but in sql distinct comes before order by

Tried that too, still the same

https://i.hizliresim.com/PlBMVd.png

Help me or I'll suicide by drinking 50 more cups of coffee

untrasted domain@brittle copper

for picture

Gimme a sec

https://imgur.com/a/nEBLQ

@frigid hamlet

distinct takes an optional arg of what col to filter distinct by

make sure it is using the col you expect it to by manually specifying it.

oh shit was scrolled up

from mainsite.customcustom import EMAIL_USE_TLS, EMAIL_HOST, EMAIL_HOST_USER, EMAIL_HOST_PASSWORD, EMAIL_PORT

EMAIL_USE_TLS = EMAIL_USE_TLS
EMAIL_HOST = EMAIL_HOST
EMAIL_HOST_USER = EMAIL_HOST_USER
EMAIL_HOST_PASSWORD = EMAIL_HOST_PASSWORD
EMAIL_PORT = EMAIL_PORT

As soon as I add the above code to my settings.py I get this beautiful error

django.core.exceptions.AppRegistryNotReady: Apps aren't loaded yet.```

halp

Okay, fixed it, I'm a moron

Same

the fuck. why would you possibly do x = x

It was from a tutorial, thought it was a django thing

lol

this=this

self=self

what a tutorial.

That is next level programming

def changestyle(request):
    if request.user.is_authenticated():
        userstyleconfig = UserStyle.objects.get(user_name=User.objects.get(username=request.user.get_username()))
        referer = request.META.get('HTTP_REFERER')
        if userstyleconfig.user_style == "standard":
            userstyleconfig.user_style = "darkorange"
            userstyleconfig.save()
        else:
            userstyleconfig.user_style = "standard"
            userstyleconfig.save()
        if referer == f"{URL}change/changestyle/" or None:
            return HttpResponseRedirect(URL)
        return HttpResponseRedirect(referer)
    else:
        return HttpResponseRedirect(URL)```

ERR_TOO_MANY_REDIRECTS

halp

Okay, I'm a moron, nevermind

hello guys plse can someone refer me to a book on python web development

intermediate level

I am working with django atm, i have a problem with moving the templates folder from app to project folder can someone help me?

Hmm, getting closer to the end I have a question if I did something uhm, incorrectly

My like, dislike and favorite functions are simply called with the posts id like www.wb.com/like/15/

GET requests?

Uhm, what exactly do you mean

I was gonna ask if I should make the functions in a form and the view called from just www.wb.com/like/ and with a post request

No idea how to do it with a get

Yeah, that's what I'd recommend doing

If you're using JS it doesn't actually have to be a form, but

You can just do an xmlhttprequest, which is a bit of a mouthful

we call them XHRs for short

How am I gonna know the post id if I don't do a form :3

Depends how your posts are defined

Here's an example XHR from one of my other projects

<span class="rate-options"><a data-href="http://127.0.0.1:8000/like/454/" class="like" title="şükela!">
                                    <svg class="dic" id="svg-chevron-up">
                                        <use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="#dic-chevron-up-thick"></use>
                                    </svg></a><a data-href="http://127.0.0.1:8000/dislike/454/" class="dislike" title="çok kötü"><svg class="dic" id="svg-chevron-down">
                                        <use xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="#dic-chevron-down-thick"></use>
                                    </svg></a>
                                </span>```

    let oReq = new XMLHttpRequest();
    oReq.addEventListener("load", req_listener);
    oReq.open("POST", "/add_object");

    oReq.setRequestHeader("Content-type", "application/json");
    oReq.send(JSON.stringify({"type": type, data: obj, layer: layer}));

hmm

well, yeah, you answered your own question

use an attribute on the html

data-id and then post it with js

data-post-id="whatever" yeah

But I though POST request had to go into a form :3

Don't they

Nah

They're just verbs

forms are usually POSTed, but they don't have to be

Oh I see

One last question

Normally I do <form method="POST"> and in django request.POST.get(name)

Oh fuck

Okay I'm an idiot, nvm :D

Thank you :D

:>

Damn :(

?

https://imgur.com/a/O3mkh :(

Check the console then

lol

Are you building imgur?

what

xD

I built an imgur for work once.

that was a fun project

I bet it was

I hope you didn't store the images using git LFS

:P

halp me gays

guys*

check your logs

breh

yeah, check your logs

good idea

internal server error always means "check your logs"

Yup

in fact, most of the time you should just have a tail -f running to the relevant logs while doing webdev

a 500 is the webserver going "something broke "

I basically have a monitor dedicated to that :P

Uhm, should I return something if I only do some logic

"I just don't know what went wrong"

you don't have to return anything.

def like(request):
    userchoice = UserStyle.objects.get(user_name=User.objects.get(username=request.user.get_username()))
    entry_pk = request.POST.get("getnew", 246)
    entry = Entry.objects.get(pk=entry_pk)
    if entry in userchoice.user_dislike.all():
        userchoice.user_dislike.remove(Entry.objects.get(pk=entry_pk))
        userchoice.user_like.add(Entry.objects.get(pk=entry_pk))
    elif entry in userchoice.user_like.all():
        userchoice.user_like.remove(Entry.objects.get(pk=entry_pk))
    elif entry not in userchoice.user_like.all() or userchoice.user_dislike.all():
        userchoice.user_like.add(Entry.objects.get(pk=entry_pk))
    entry.entry_points = len(entry.user_like.all()) - len(entry.user_dislike.all())
    entry.save()```

Python functions return None implicitly

if you choose not to, python will return None

implic... yeah

:>

ValueError: The view mainsite.views.like didn't return an HttpResponse object. It returned None instead.

Ah, yeah, return a response then

well that's Django telling you it has special rules. :D

django!

strider.

strider?

I keep thinking of that GDQ run

"We went down this pipe and now we're in africa. Strider."

the strider run?

haha

yeah

that was a fun one

Yeah, :P

Lovely

One last thing guys

How do I get the javascript POST request in django

the same way you get any form or other POST

What are you actually POSTing? JSON?

request.POST.get("getnew", 246) just to see if it works I have this and it toggles post with id 246

My post part may be a little fucked up hang on

Since I imagine you could probably just POST like

function ajaxfeedbackhelper(x,y,z) {
    x[z].children[0].addEventListener("click", function () {
        var getnew = new XMLHttpRequest();
        if (x[z].classList.contains("like")) {
            getnew.open("POST", sitename + "feedback/like/");
            getnew.setRequestHeader('X-CSRFToken', cookies['csrftoken']);
        } else if (x[z].classList.contains("dislike")) {
            getnew.open("POST", sitename + "feedback/dislike/");
            getnew.setRequestHeader('X-CSRFToken', cookies['csrftoken']);
        }
        getnew.onload = function () {
            if (x[z].classList.contains("voted")) {
                x[z].classList.remove("voted")
            } else {
                if (y[z].classList.contains("voted")) {
                    x[z].classList.add("voted");
                    y[z].classList.remove("voted")
                } else {
                    x[z].classList.add("voted")
                }
            }
        };
        getnew.send(x[z].getAttribute("data-id"))
    });
}

function ajaxfeedback(feedback, affected) {
    for (var i=0; i<feedback.length; i++) {
        ajaxfeedbackhelper(feedback, affected, i)
    }
}

ajaxfeedback(ajaxlike, ajaxdislike);
ajaxfeedback(ajaxdislike, ajaxlike);```

"post=x"

ah you're literally just posting the ID

well in that case there's nothing to parse and you want the request body

sooo, request.POST ?

that's a multidict if I'm not mistaken

that won't be populated

you probably just want request.body

oh

why don't you print it?

how :o

print(request.body)?

I feel like I'm stupid I'm sorry but where do I do that exactly :( in shell?!

in your function

I'm lost, where would it print it

You know what print does, right?

Okay prints to the console, I'm sorry just didn't think it would print it there for some reason :(

Although, this does it :D

Good stuff

Fixes my problem :D

\o/

Thank you, gimme a hug 🤗

Bruh

Oh yours cuter :3

Ohh pepe :(

hey, like in Flask, return puts a string to a HTML document in function ?

You have to put it in one of the render functions before in django

im using django 2.0 and want a button on my website to delete all objects of the specified model, how will i go about doing that?

pls @ me when u gat answer

@grand badge Please ask a better question

The question you asked appears to be asking for someone to write it for you

I could give an overview if you want though

yes i would like that

More or less, you'll need a form with a button in it, or just a button that will submit using Javascript

oookaaay

You'll need a route that will be submitted to

okay

That route will then need to run the delete operation on your database, having done whatever authorization checks you need

soooo i need to make a model form right?

As I don't use Django I can't give that many specifics, but I don't think you need anything special

Just a single form with a button in your HTML should be fine

okay thx

Literally object.delete()

You just need to loop through the ones you want

That sounds inefficient, wouldn't you do that on the database?

They want to delete all the objects in the table

Okay, isn't it just Modelname.objects.all().delete()

i tried that, but it never worked unfortunately

Then put it in a for loop

Anyway GDUDE, while I have you here

I was turning all my hardcoded urls to template url patterns with {%url "urlname" regex_group = somevariable%}, how do I do this for GET requests?

My pagers are hardcoded rn

Like {%url "urlname" regex_group = somevariable%}?page={{next_page}}

No idea, sorry

I don't use that feature and I'm not sure why someone would

What :o

How else am I supposed to work with paginators 🤔

what do you mean "how do I do this for GET requests"

url(r'^(?P<title_text>[a-zA-Z0-9_]+)/$', views.title_page, name="titlepage") this is one of my url patterns

I'm using this as {%url "urlname" title_text=title.title_url%} in html

Everything is fine so far, but to add a paginator to titlepage

I need something like ?page=pagenumber

Django has a pagination system? That's kind of neat

Which I can't find a solution except hardcoding it into html

I've always done it myself

Yeah it is pretty easy :D

hm, I see.

I have never actually done this but let me fetch a django book from my bookshelf and see if I can figure it out.

Oh, thank you :D

@brave mantle

instance = Paginator(list, item_per_page)
page_item_list = instance(page)```

This is pretty much it

I'm thinking maybe you just make a second url pattern which includes the ?page=<page_number> in the expression

and then you call that one instead

is that an option?

@brittle copper

Hmm, I can always try

might be a better way but I'm not finding it in my django books

Well, this works and if I don't want to use hard coded urls this is what I have to use for now, thanks :D

yeah.. I think you're stuck with that.

but at least it works

btw this book is excellent

Too bad I have to restructure all the views again

https://www.twoscoopspress.com/products/two-scoops-of-django-1-11

I highly recommend it if you're gonna keep working with django

This is my life now, I try to fix something and all the sudden I have to do 10 hours of manual labour :D

Alrighty, will look at it when come across another problem

it's not online or anything, you'd have to actually buy it

but it's not really for solving problems, rather for learning best practices and methodology

but it's really well written

Just clicked at link, yeah; probably can't afford it rn :D

yeah, that's fair enough

just figured I'd mention it just in case you want a django book in the future.

Although, bookmarked it

Aren't we at Django 2.x though? :P

django 2 exists, but I think 1.11 is still LTS

oh wait, no look at that.

yeah actually the book I have is for django 1.8

I guess maybe there's no two scoops for django 2 yet.

Just found it, django itself too is saying "fuck you your urls have to be ugly"

how do i use requests to inject js into pages

you mean response?

forgot how, but you can work with static files@raw rapids

may be js script can be added to page as static object

but it headpain, before cofigure once

@raw rapids try just use "safe" flag in template variable, may be it will be enought, if js was generated on server side

inside django template html file variable syntax

if i right remember it something like html {safe|myvar}

where myvar is html <script>...</script> js code

How is that even related to requests library @frigid hamlet

may be i wrong translate... for me this text look like request info about ways to using django webframework that inject js code in response html page.@brittle copper

how do i use requests to inject js into pages this?

:o

like python server generate jscode and then transport this code use response into html.... yes , this text

i use this once... in django project..., that inject threejs 3d model js code into js template inside html, but forgot how :|

and lazy to search and read code again

this http://helpmedraw.pythonanywhere.com/

You can just use javascript files in static folder and reference them from your template html

if he's talking about actual "JS injection" then I think he's hard pressed to do such a thing with a library that doesn't execute JavaScript

https://venturebeat.com/2018/02/08/chrome-will-start-marking-all-http-sites-as-not-secure-in-july/

good

Yep

agreed

amazing to finally see this!

What would you consider when making an API: Django or Flask?

Or maybe another toolset?

an API to compliment an existing application?

RESTful, in theory?

RESTful, yup

And yes, to complement an existing application

Flask is a pretty standard choice

I don't know that I've ever seen Django pulled in exclusively for use as an API

Yeah it's just that I'm more comfortable with Django right now as I'm still learning

But flask seems very simple and easier than Django actually

it's pretty lightweight and generally used for beginners and simple tasks

I haven't used it in... maybe 3 years

my last opinion on it was that the way I was taught to use it was not terribly pythonic, but when used in a more reasonable fashion it actually starts to look and feel a bit more like django

(I might also just be inventing memories, take it for what it's worth)

3 years? That's a lot, what's your framework or library of preference?

haven't been writing web apps in Python in 3 years! :P

Flask is probably the one I've had the most experience with, so I'd probably default to it unless I had time to research alternatives

Oh, you don't do webapps then? Or maybe in another language?

last web application I wrote was a quick PHP prototype, I think

toying with converting some network storage into web accessible cloud storage for the sysadmin team I was with

but in general, yeah, not working with webapps

Like an OwnCloud sort of app?

exactly like!

we actually tried to fit OwnCloud and NextCloud to our needs afterward

owncloud is pretty damn good.

and yeah, I'd like to second the suggestion that flask is a better choice than django for a restful api.

styled is right that django and flask can be made to look similar, if you use class-based views and an ORM database with flask and split the codebase over lots of files and folders. but with Flask you have the option of writing your restful api in a single file with decorated function-based views. you can use a lightweight NoSQL database. it's all very self-contained.

in a word, Flask is less opinionated than Django.

solve the problem with however much complexity you require.

on the topic of Django, is there a way to call a template filter after rendering the template somehow?

specifically I have a blog which uses Markdown to render the posts, and would like to add a live preview to the admin

the markdown gets rendered through a template filter, or template tag, I forgot the exact naming

would I have to set up an endpoint on my site that does nothing but render the markdown given to it, and then call that endpoint from the admin?

god i have no idea of web dev I think I need to do that though, judging from the responses on SO at least

well, you could probably solve it with a bit of javascript

and have the preview be truly live.

I think that's what I would do.

without javascript, you will have to call some endpoint, yes.

I mean you could probably roll this preview stuff into the same endpoint you're already on at that point by spitting in an optional arg or something, but I'm not sure it'd be better.

"solve it with a bit of javascript" as in parsing the markdown in JS?

that's one option

you could also have javascript dynamically load in whatever you're using for markdown already

as a daft example, javascript might make an ajax call and fetch the html from an endpoint you made to do this, and then just stick it on the page.

although it might be faster to just have a js markdown library handle it

(I'm sure there are a bunch)

I mean, there's probably a hundred ways to solve this with js. I'm not sure what the best method would be for your project, you'll probably have to do some research for that.

but for this kind of thing - a post preview - it's probably the way to go.

you don't wanna be reloading the page every time the preview is gonna change.

yeah

i'll probably go with fetching it from an endpoint, since I don't want to get into any weird issues because of library differences

thanks!

np, let us know how you solve it

pretty interesting stuff.

will do 👍

@meager anchor When you say you are using an endpoint, are you re-rendering the markdown everytime they type a character??

uh

😃 I'll have to think of something smart

probably something along the lines of "if nothing was entered within the past x seconds, submit a request to grab the rendered output"

A lot of people use Showdown

https://github.com/showdownjs/showdown

If its on the client it means you arent having to send a HTTP request for every character

Yeah

Hm, maybe the whole "render the markdown on the server" approach is a bit stupid in the first place when i could just render it on the client

Yea

Isn't there any easy way to share stuff on facebook?

Facebook sharer requires an app id

My twitter sharer looks like this for reference

def sharetwitter(self):
    entry_title = self.entry_title.title_text.replace(' ','+')
    url = URL.replace(':','%3a').replace('/','%2f')
    pk = self.pk
    hashtags = ','.join(str(i) for i in self.entry_title.title_channels.all())
    return f"https://twitter.com/intent/tweet?text={entry_title}%3a+{url}entry%2f{pk}%2f&hashtags={hashtags}"```

pretty sure there's functions in the standard library to do the URL encoding

I'm pretty sure my 800 line views.py can be written in 400-500 lines

800 lines

:'(

So, about the facebook share? Anything? :'(

well it doesnt look that bad to me to be honest

apart from the url encoding

This is twitter though

Thats twitter

Can't do the facebook one :(

ahh

Trying to get client-side markdown rendering with highlighting working reminds me why I rendered it on the server in the first place

either I don't get any exception and it doesnt work, an exception that doesnt make sense, or something else oh well, back to server side rendering..

:(

rendering on the server with AJAX calls?

yeah but, i, uh, changed my mind again

the only issue I have now is code highlighting, which .. should work at some point

lol

the feature planning phase is always a rollercoaster

wheeeeeeee

finally worked it out 🙏

I should probably work through FCC sometime.

huh?

you don't know fcc?

no

not this again

I tried to paste it but Discord apparently maintains its own clipboard again. anyways - https://freecodecamp.org

Oh I see

at which point would you say does caching make sense?

If the endpoint puts either a lot of heavy load, or gets hit a lot

Quite a vague answer I understand

vague questions get vague answers

True

hmm

does anyone know how to add a proxy to scrapy?

http://scrapy.readthedocs.io/en/latest/topics/downloader-middleware.html#module-scrapy.downloadermiddlewares.httpproxy

essentially, setting the HTTP proxy environment variable will allow scrapy to use it

i understand you have to set it so its active but where do i add it when rnning the crawler

you set it before you run the crawler

I assume you are on windows?

https://i.seph.club/jarin.png

mac

where do i set it

on mac or linux, you can run the export command before running your scraper

you're using Terminal to run?

yes

how do i run

export https_proxy=<proxy>
python3 scraper.py

i set the value of it to 1 right

no

'scrapy.downloadermiddlewares.httpproxy.HttpProxyMiddleware' : 1,

https://i.seph.club/jarin.png

is that in a file?

if it's like a config file or something, then yeah

k

and if i do export do i oput that in a pthon file

No

You type that into your terminal and then run the scraper

like in the command I sent

export https_proxy=<proxy>
python3 scraper.py

but does it set the variable for the whole system

No, is that what you intend for it to do?

no

only for the scrapy crawler

but i run the crawler like this

Then it won't most likely

scrapy crawl <spider name>

then you just do

export https_proxy=<proxy>
scrapy crawl <spider name>

how will i know if its working

I've never used scrapy, I wouldn't know, I'm just going by what the docs say on using a proxy

Alright, I've integrated a live markdown preview into the Django Admin with some help of @mental chasm since i'm horrible with JS - this is what it looks like:

it might possibly be nicer to have the preview to the right of the content but i have no idea how to do that without grabbing yet another css framework think it's okay like this

Looks good

I think that looks pretty good.

Thanks!

<div class='container'> <div class='row'> <div class='large-6'>Code content</div> <div class='large-6'>Preview Content</div> </div> </div>

If you are using bootstrap, maybe you could get markdown to implement this ¯_(ツ)_/¯

i'm not, it's the default django css, but thanks

Can anyone who knows how to use requests dm me I need hel

Help

You can ask your question in #help-coconut, #help-grapes or #help-falafel

hey guys

my code works but it's not getting all the fields I want.. I think it has something to do with the source code in html..
span or something.. so it's missing out certain fields

# LIST OF FIELDS TO SCRAPE
list_of_fields = ['Market Cap', 'Enterprise Value', 'Trailing P/E', 'Forward P/E', 'PEG Ratio', 'Price/Sales', 'Price/Book', 'Enterprise Value/Revenue', 'Enterprise Value/EBITDA', 'Fiscal Year Ends', 'Most Recent Quarter', 'Profit Margin', 'Operating Margin', 'Return on Assets', 'Return on Equity', 'Revenue', 'Revenue Per Share', 'Quarterly Revenue Growth', 'Gross Profit', 'EBITDA', 'Net Income Avi to Common', 'Diluted EPS', 'Quarterly Earnings Growth', 'Total Cash', 'Total Cash Per Share', 'Total Debt', 'Total Debt/Equity', 'Current Ratio', 'Book Value Per Share', 'Operating Cash Flow', 'Levered Free Cash Flow', 'Beta', '52-Week Change', 'S&P500 52-Week Change', '52 Week High', '52 Week Low', '50-Day Moving Average', '200-Day Moving Average', 'Avg Vol (3 month)', 'Avg Vol (10 day)', 'Shares Outstanding', 'Float', '% Held by Insiders', '% Held by Institutions', 'Shares Short', 'Short Ratio', 'Short % of Float', 'Shares Short (prior month)', 'Forward Annual Dividend Rate', 'Forward Annual Dividend Yield', 'Trailing Annual Dividend Rate', 'Trailing Annual Dividend Yield', '5 Year Average Dividend Yield', 'Payout Ratio', 'Dividend Date', 'Ex-Dividend Date', 'Last Split Factor', 'Last Split Date']

#stock_ticket = 'TEF.MC'
sourceCode = str(urllib.request.urlopen('https://finance.yahoo.com/quote/TEF.MC/key-statistics?p=TEF.MC').read())
for field in list_of_fields:
    if(list_of_fields!=""):
        ScrapedValue = sourceCode.split('>' + field)[1].split('</td></tr>')[0].split('>')[-1]
        print ("field=",field, " / scraped valued= ", ScrapedValue) ```

for example.. fields like Fiscal year ends.... and Dividend date. .. are not being printed.. I think it's because it's in date format.. but I'm not sure how to correct it :< please help

It's because a 'normal' field that you can parse looks like

<td class="Fz(s) Fw(500) Ta(end)" data-reactid="75">5.37</td>

And the fields you can't parse like Fiscal years looks like

<td class="Fz(s) Fw(500) Ta(end)" data-reactid="90"><span data-reactid="91">Dec 31, 2016</span></td>

Your code can't handle the extra <span> element.
@native tide

Not 100% sure if this is the right channel, but I'll ask anyway..
I have a Discord / Reddit / Twitch Bot for subscribing / unsubscribing to Twitch stream events through commands. Twitch handles this by sending callbacks to my site, which has to respond accordingly.
If they send me an event, e.g. "stream x went online", I need to access the database of the Bot to find out which guilds and which subreddits are following the stream for events and then do either

• send the update to a webhook on discord
• update the sidebar of a subreddit
  Now to my question, in django, is there a way to access a database from another project like that, or am I taking the wrong approach? I mean, I could also just import sqlite and then do the querying myself, but this all seems like bad practice. Would be happy for any suggestions

@meager anchor First of all: Don't use sqlite

Second of all, the database should be on the site - the bot should access it via a HTTP API

what's wrong with SQLite?

also hm okay

poor concurrency and speed

I only have like 2 guilds actively using this

Your site isn't going to be so forgiving

🤔

http://howfuckedismydatabase.com/sqlite/

🤔

sqlite is only good for testing

I think I'll just go with the hacky import-sqlite-way

You're going to actually break it if you do that

Why

You've got a file-based DB and more than one process accessing it

you're gonna corrupt it

goddamnit

"Multiple processes can have the same database open at the same time. Multiple processes can be doing a SELECT at the same time. But only one process can be making changes to the database at any moment in time, however."

the site doesnt make changes

Yeah, but you can't guarantee that the reads will be atomic

sqlite isn't writing as soon as you make a change, and you could be reading during a write as well

if it breaks I'll learn from it, and if not I'll save a couple hours of rewriting half my bot and my website to have an API

the couple hours is worth it when you're learning to do things the right way :P

i've had to rewrite half my bot twice already because twitch moved to their new and amazing API, and all for the one guild that uses it

Sounds like you could use some modularity, but yeah, that happens

probably

it'a pretty quick to switch out your sqlite for postgres or something.

which is easy to make available to all your services.

yeah

well, I just figured out that twitch doesn't send the stream name / game name anymore, just IDs, so half of this is broken anyways

you interact with both databases in almost exactly the same way, usually.

at least if you're just sending sql queries to sqllite with execute or something. psycopg2 will be identical.

just gotta change the import.

and a remotely accessible db is a nice thing to have. for future projects.

i'm using Django ORM in my web app and SQLite ORM in my bot, so its no issue at all

probably just changing a connection string

right right.

yeah that should be pretty simple

so I think gdude is right, you should just get a database that supports this.

yeah

well I need to integrate the twitch app into my django web app somehow now, so I'll have it in two projects...

I think I'll just go with adding an API to my site

@brave mantle

🅶🅳🆄🅳🅴 - Yesterday at 11:15
sqlite is only good for testing```

Well that just isnt true

Oh, well sure, if you're making a small application that you're only ever gonna use yourself, or you're locking yourself into a model with no concurrency, sure

Are you high?

There are quite a few use cases

I'm high but continue

what's wrong with sqlite for small-scale stuff?

Nothing at all

What's wrong with sqlite for bigger stuff?

I'm not kidding around I really don't know :(

Only one write can happen at one time

So you would need to implement some sort of queue system

Which if you have a high volume of requests, may not be what you want

file-based sqlite is known to be pretty slow, as well

Slow compared to what?

slow compared to most anything with its own daemon, really

in-memory sqlite is okay I guess, but I'm not sure of the use-cases of that

That is a pretty bold claim

Considering SQLite doesnt have the network overhead i doubt there is much truth in that

I was going to use sqlite for trading card thing, but decided against it due to not really feeling like writing a parser for moving things into a dict

What?

unrelated

But i still dont understand the last part

I'm lazy.

I would use sqlite otherwise

but I'm using pickle instead

Do you mean because SQLite returns a tuple?

the dicts I'm using are nested, pickle is just more convenient.

Regardless, I will try to make it work later when I finish up the actual content of the project.

Ok

My fault for derailing an argument on the practicality of sqlite3

but really it boils down to how frequently the database is accessed

Running a bot for a personal server would be fine, but a multi-server bot like tatsumaki might need something better

(just adding a tl;dr for anyone who doesn't care to scroll up)

https://www.sqlite.org/whentouse.html

It's sqlite is probably not going to be your bottleneck for a discord bot of any size.

Once you get past 1000 servers, it'll be unusable unless you're using a beefy enough rig for d.py's AutoShardedBot

at 1k servers, Discord forces you to shard

The "correct" way to do it is to split off into multiple processes, but asyncio is generally pretty fast

oh, for multiple instances? You have to implement c/s for the bot anyway.

No reason to compare them at that point if you have to stand up a server anyway.

c/s?

client/server

Oh, if you've got more than one instance, yeah, for sure

unless you wanted to be silly and make like

an sqlite server daemon

which I'm sure exists, tbh

I LOVE NFS AND FILE LOCKING

I mean what

lol

(No really that's the solution for some software that I deploy at an event each year.)

(These motherfuckers all access a single database file on a network share using a lock file.)

(homemade format database*)

Yikes

Used samba one year to do it so I could script inotify to make a copy after each write mtime change just in case

Was scary D:

Also, bananas are a neat fruit

At least they weren't using shelve, I suppose :P

I'm going to assume that not having heard of shelve is a good thing ;p

It's one of those python modules you only see beginners using

It's a key value store that is serialised with pickle and has no querying aside from the keys

Single file of course

I have written this module at some point

data_store = {} 😂

:P

lmfao

ok so, i have no clue what to use as a backend for my nonexistant website

flask flask flask

but google told me that its single-threaded

but you can do wsgi with gunicorn or some other webserver OR enable the multi threading option?

ok so google tells me theres single threaded, but not that theres a multithreading option?

how did i not know about this

huh

i read about a multi threading option

and flask is made for wsgi anyways

google gunicorn with flask

im gonna be honest with you i have no idea what wsgi or gunicorn is

all i want is like a do this and this when someone goes to /home and give them this page

so like flask, but not one thread

wsgi is inherently not compatible with asynchronous programming

however

what you usually do is use a worker manager, like gunicorn

so you're actually running like 24 copies of your flask app

and it dispatches requests to whichever ones aren't busy

ah ok gunicorn sounds useful

can you make it dynamically spin up more workers if the load increases (though i doubt my website will get that much attention)

I think so, but you probably don't need it

With flask, you can combine it with gevent as well, which is what we're doing with the python discord site

and gunicorn will handle most of that as well

so we're using gevent, gunicorn, and flask?

Yep

ahhh ok

i will look into all of those things

thanks for the advice!

Just use Django like a real man

Flask love

^

flask + gunicorn + nginx + gevent best

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

now we just need some nice db

and its perfect

• Cassandra

joseph will say rethink now

oh

I prefer cassandra

yeah cassandra is quite nice

especially for larger scale stuff

I mean it's only for larger scale stuff lmao

you can just keep adding and adding and dding nodes

running it for anything smaller is overkill

yeah

However the issue is

"While Cassandra can be made to run on small servers for testing or development environments (including Raspberry Pis), a minimal production server requires at least 2 cores, and at least 8GB of RAM. Typical production servers have 8 or more cores and at least 32GB of RAM."

I have none of those

so when I want to mess around with cassandra

I have to fire up a cassandra node at my work

and start messing with it from home

which is slow

you work?

how old are you?

in my teens

We can get sorta jobs here

starting at 14

dafuq

ikr

we are allowed to get jobs with 14 and then just like minimal paid jobs

so we are again back to

I NEED TO AGE FASTER

i ceo i 12

henlo am 2 years of age i am ceo of my friends minecraft server

😃

😄

lmao

what

ok so we ARE allowed to work once we are 13

for 2h a day

when a linux install loads dll's onto your machine

when we are 16 we may accept jobs full time and work for four weeks a year

(if we are still in school during that you CAN leave school with 15 and work 8 hours a day)

and how much may you work?

@kind steppe

I work 4h on weekends

he

working on weekend in not hospital or hotel job

illegal here

lmao

(for kids)

sad

hey i know what would be fun

running a cassandra node on my laptop

could get interesting

okay so

the command to start it told me it took too long to start

and to check the status

the status check command timed out and told me it may not be started

cassandra are you lying

no cassandra is always saying the truth

o

maybe

YOU are lying 😱

yes

lmao what

it started but then exited a few seconds later

and then the log dir is empty

nevermind cassandra got pissy at java

😄

this was a bad move

what happened?

laptop ram spiked to 100 and laptop froze

🤣

remotely killed it

it still appears to be running

did even the ttys freeze

yes

it is

yes they did

what

thats like

nearly impossible

not when you have 100% RAM & CPU usage

Datacenter: datacenter1
=======================
Status=Up/Down
|/ State=Normal/Leaving/Joining/Moving
--  Address    Load       Tokens       Owns (effective)  Host ID                               Rack
UN  127.0.0.1  103.69 KiB  256          100.0%            a922cfab-b51e-4462-ac9a-79ab236d56fa  rack1

huh okay

it's still running

wat

Datacenter: datacenter1

??

yeah i'm using the default install stuff

it auto assigns a datacenter and rack

in prod I could say "oh yeah it's in us-west and on rack 12

so if there was an issue with it

I could go fix that node

cqlsh> SELECT key, broadcast_address, rack, cql_version FROM system.local;

 key   | broadcast_address | rack  | cql_version
-------+-------------------+-------+-------------
 local |         127.0.0.1 | rack1 |       3.4.4

(1 rows)

lmao what

but

if cassandra is still running

what claimed so much ram then

startup of cassandra i'd assume

a nice feature of CQLSH is that you can open up doc links from inside the interface

help INSERT_JSON opens up the inserting json docs

only issue is it links to 404 documents lmao

luckily the directory is indexable so you can find things in the end

this is nice tho

INSERT INTO mytable JSON '{"\"myKey\"": 0, "value": 0}'

json inserting

for some reason this is working

so from some quick benchmarks everything seems good

jus a high cpu usage lol

i never knew about the json insert so i was messing with it kek

@kind steppe gunicorn?

You meant: uwsgi

wat

no

yissss

is beautiful

no

u

Does anyone have any idea, how flask's Request object, changes, depending on what function it's in? For example, if I register a callback for /home/, how can the Request object change, depending on the request for /home/ that was made?

If anyone knows what I mean by that :p

the request object is a thread local

That's what you need to research :P

Alrighty

Looking for some help on a project, I'm new to python for WD and was given some JS and CSS by work to design a site.

I'm using Flask. I don't have any HTML or JS background so I'm looking for a second set of eyes to see if there's something basic I'm mixing up.

My issue is the flask site is supposed to pull information from csv files and display them as a graph, however I get the GET 404 error of the csv file when I try. Here is some of the code:

@indigo holly Your .csv file in not in your static dir

Wow, such a silly mistake. Thanks

Anytime :D

Hey guys, I'm new and learning Python. Kinda stuck, have learned the basics and not sure where to go next. I'm interested in learning some web dev stuff, any recommendations? I feel like I have a good grasp of how to structure functions and code, but have no idea about how to arrange files or develop a website.

the almost universal recommendation for beginner web frameworks in Python is Flask http://flask.pocoo.org/

small, simple, extremely common and well-documented

Cool, thanks. Do you think Flask is a better start than Django?

yep

if you're just getting out of the basics and haven't touched web dev before? absolutely

Will check it out

I've generally seen django espoused as the more powerful option but

Generally beginners won't need the shiniest chrome and biggest engine and raddest rides

I gotcha.

I actually don't subscribe to the point of view that django is more powerful.

it's just more opinionated.

the gist I seem to get from others is that django makes more executive decisions whereas flask gives more freedom

not that I know too much about any of this

yeah, that's what I mean by opinionated

you can use a document-oriented database like mongo or rethinkdb with django if you absolutely want to

but it sure doesn't make it easy for you

it reaaally wants you to use a SQL database.

flask, on the other hand, let's you choose freely and has no bias towards one or the other.

and this is a recurring theme when comparing the two.

@deep cave I am by no means a webdev so I don't have any strong opinions one way or the other

that's okay, you're entirely correct of course that django is espoused as the powerful option.

I acknowledge that it is. but as someone who works with python and web, I don't subscribe to that point of view. just figured I'd put that out there. :)

flask seems to be a lot simpler also

it can be. a single file is all you need.

django requires a whole hierarchy of files.

but, to be clear, it can also be just as complex as django.

depends what you're doing.

Hello, I know this is a very newbie question but, are patch, delete and put relevant HTTP methods?

I know get, head and post are, but I haven't seen real world examples with patch, put or delete

PUT and DELETE are valid HTTP methods

I've never actually heard of PATCH being one.. ?

pretty sure it isn't

Yeah, they are, I now put and delete are http methods, but my question is: are they relevant methods in real world escenarios?

there's actually a number that don't bump around much anymore https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods

I think DELETE is useful.

I use it when I write restful API's that interact with databases to handle removing stuff.

I use PUT for like.. uploading files and the likes.

you could technically just use POST for that too, but it feels wrong.

I mean, you could use POST for everything, but the point is to have some seperation

none of them are strictly speaking useful in the sense of "do you absolutely need to use this because it has a special feature"

I will say that I very rarely use OPTIONS, though.

Oh, ok so: POST, PUT, GET and DELETE are the most used methods then?

and yeah, it seems PATCH is a thing

yep, without a doubt.

those are all fairly common to see.

PUT a little less so than the others.

POST and GET extremely common.

gotcha, thanks @deep cave 👌🏻

I only use POST and GET

I don't know what the others are and whether if they can do things that POST can't do

Since after POST you can pretty much do anything with that info at the backend

You can accept whatever you want. You should consider accepting others, as they can be used to convey the semantics of your api

That's espe true if you're making an api. Not so much if you're making a site

But be aware, that PUT is highly exploitable, so be sure to add a good authentication method before working with PUT

In what way is PUT more exploitable than other methods?

PUT can directly mess with local files, someone can write, lets say, a PHP file in your server and enable code execution

uploading a web shell, etc.

Only if you have a server with that set up

Yeah, good practices mitigate a lot of vulnerabilities like this, if your server is correctly configured, and has a good authentication system then it won't be vulnerable

Just don't have put write local files at all

If you're building a web backend you're in control of that

It's not like adding a put endpoint in flask suddenly enables people to write local files

I know, but a lot of sysadmins and web developers are just lazy, leave services with their default settings and believe me, there are a LOT of http services with PUT enabled to everyone 🤣

Ok, your experience is different to mine. I've never worked with a server where there was a PUT endpoint, enabled or not, that just wrote local files

Congratulations

Is requests THAT good?

I have a feeling Daniel Greenfeld was doing something horribly wrong

He might not have written the original code.

wow

I already know so much about requests

How can you even write something in 1200 lines while it can be done in 10

Like

OOP

Do you write python code to turn your code into c then compiles it which then open a python terminal and does the necessary 10 lines of code?

Even that wouldn't be 1200

He never really spcified what it was

This talk https://www.youtube.com/watch?v=o9pEzgHorH0 covers how Jack Diederich went from 660 to 5, same order of reduction

I've seen that

hence my jab at OOP

Is that even real

I'm trying to imagine what one may have wrote in those 600 lines

it's quite easy to do actually

especially if you follow OOP standards hard

you kinda have to step back and look at how people want to use your library and what you're actually providing

and always think about the cost of fracturing your code

It's official, I can now use requests pretty okay

but I can't show what I did with it

Why not?

NDA probably

National defense academy?

non-disclosure agreement

I love requests

Lots of contracts require signing one of those these days, especially in IT

https://www.digitalocean.com/community/tutorials/how-to-work-with-web-data-using-requests-and-beautiful-soup-with-python-3

requests and beautifulsoup are a great combo

10/10

throw in some selenium

actually I can't show what I did because it's lewd

owo?

but if you really want to see you can dm me

depends on the type of lood we're taaaalkin

uhhhhhhhhhhhhhhhhhhhhhhhhh

the e621 api is next

oh fooey that's hardly lood