Monday, 2007-04-09

*** dds has quit IRC		00:01
*** dds_ is now known as dds		00:17
*** gakman has quit IRC		00:50
*** rope has joined #pylons		00:50
*** gakman has joined #pylons		00:52
*** dds_ has joined #pylons		01:09
*** dds has quit IRC		01:22
*** dds_ has quit IRC		01:31
btbytes	how do i turn on gzip for output of particular actions?	01:51
*** pjenvey_ has quit IRC		02:01
*** phrank13 has joined #pylons		02:16
phrank13	Good day for all. Wich is the speedest way to run Pylons application ? with apache's mod_python ?	02:17
phrank13	I need maximal performance for my application, which way of deployment you suggest ?	02:19
xorAxAx	fastcgi is usually faster than mod_py	02:19
phrank13	but pictures at http://bluszcz.net/wiki/Benchmarks_cgi_fastcgi_modpython_psp say that mod_python faster ?	02:21
xorAxAx	my benchmarks said that fcgi is much faster	02:22
phrank13	thank you	02:22
xorAxAx	but i was using moin	02:22
xorAxAx	and not flup	02:23
phrank13	what is flup and moin ?	02:25
phrank13	what do they do ?	02:25
xorAxAx	flup is used in that benchmark as a fcgi adapter	02:25
xorAxAx	and moin is a wiki engine which has a different native fcgi adapter	02:26
xorAxAx	that can be configured e.g. not to use threads	02:26
phrank13	What about comparison of performance between "paster --server" and apache's fcgi ?	02:27
xorAxAx	i was comparing moin's builtin server which is based on the same code and fcgi and they didnt differ much in speed	02:28
xorAxAx	but note that a wiki is a more real world benchmark than a hello world page	02:28
phrank13	now i run my app through paster --server, and it seems to me that it works too slow	02:29
*** efm has quit IRC		03:13
*** gjh has joined #pylons		03:13
*** gldnspud has quit IRC		03:24
*** Justin has quit IRC		03:26
elefth	phrank13, you may also want to check out mod_wsgi although I really don't know how stable or fast it is: http://code.google.com/p/modwsgi/	03:31
phrank13	elefth, How do you run your's applications ?	03:32
*** gldnspud has joined #pylons		03:32
elefth	I use the Paste server at the moment.	03:33
phrank13	with ordinary paster --serve option ?	03:35
elefth	phrank13, yes, I have not deployed anything publicly yet.	03:36
elefth	phrank13, at work we deploy using mod_python but I don't know many details, the sysadmin does the production deployments.	03:37
phrank13	elefth, hm... I noticed that sometimes it works slow (paster --serve), but when you restart it - it works fine. Do you expirience such trouble ?	03:38
elefth	phrank13, no I have not noticed such a thing. Maybe you would like to ask in #pythonpaste	03:39
phrank13	elefth, and what about comparison between performance on paster and mod_python ?	03:40
phrank13	elefth, do you notice any difference ?	03:40
elefth	I haven't really paid any attention to performance so far, I am sorry.	03:41
phrank13	elefth, thanks, one more question. Do you use apache's mod_python ?	03:42
elefth	I personally don't. We do at work as I mentioned earlier.	03:42
phrank13	ok	03:43
*** rope has left #pylons		03:50
*** shovelhead has joined #pylons		04:07
*** marcin_ant has joined #pylons		04:37
*** negus has joined #pylons		05:00
negus	are there any security tests of Pylons?	05:02
*** int has quit IRC		05:03
*** int has joined #pylons		05:05
*** rdesh has joined #pylons		05:15
*** sleek has joined #pylons		05:30
*** sleek has left #pylons		05:30
*** rdesh has quit IRC		05:35
*** rdesh has joined #pylons		05:51
*** rdesh has quit IRC		06:09
*** timphnode has joined #pylons		06:14
vednis_	is there a Pylons equivalent to the Rails scripts/ directory?	06:24
vednis_	or should I look at hooking commands into paste.deploy?	06:24
*** AlexCONRAD_ has quit IRC		06:27
*** Kush- has joined #pylons		07:00
*** fullpony has joined #pylons		07:01
int	i wonder if someone uses elixir + psycopg2 ?	07:20
* int have "Segmentation fault" on create_all		07:20
int	but it works with sqlite db..	07:21
vednis_	int, some people use elixir. I use psycopg2 (without elixir)	07:21
vednis_	you could try re-installing psycopg2, in case the binaries are out of sync with libpg	07:23
Kush-	anyone here used lighttpd 1.5 with pylons/scgi?	07:24
Chairos	vednis: yeah, pylons uses paste.deploy	07:26
Chairos	phrank13: I suggest mod_proxy to one or more paster --serve instances	07:28
Chairos	phrank13: see http://pylonshq.com/project/pylonshq/wiki/DaemonTools and http://pylonshq.com/project/pylonshq/wiki/ApacheReverseProxy	07:28
Chairos	negus: security tests?	07:28
*** efm has joined #pylons		07:30
*** pobrien has joined #pylons		07:31
vednis_	I wonder if you could write an 'unpack' option for paste.deploy.	07:31
vednis_	it would let you pull, say, your static files, and some helper scripts, into the project root directory	07:31
*** creiht has joined #pylons		07:32
vednis_	then, when setting up on a new system, I don't have to go 'paster setup-app etc...'	07:32
Chairos	I don't think that would work very well with deploying from eggs.	07:32
vednis_	I can just do 'paster unpack myapp', and point my Apache at newdir/wwwroot/cgi-bin	07:33
Chairos	I'd suggest talking with windle/benbangert and ianbicking about that.	07:33
Chairos	But, I don't think it will work well.	07:33
vednis_	Chairos, I don't think you can deploy entirely from eggs	07:33
Chairos	oh?	07:34
Chairos	why not?	07:34
vednis_	if you are using CGI, for instance, or you have custom data directories (as I do)	07:34
Chairos	I've got a pylons app right now deployed from the egg.	07:34
Chairos	custom data directories aren't that hard.	07:35
vednis_	but they must be on the file-system; so, no egg-only install	07:35
Chairos	sure there could be. have a 'custom data dir' option in your .ini file, and when you call websetup.py it can set up any files needed in that folder	07:35
vednis_	Chairos, true, and that's what I do. But that isn't a pure-egg install	07:36
vednis_	you need to find ways to migrate other schemas at the edge of the system	07:36
Chairos	I guess I misunderstand what you mean by pure-egg, then.	07:37
vednis_	db migrations are one example	07:37
vednis_	filesystem structures are another	07:37
vednis_	and server deployment supporting components, cgi-scripts, for example, are a third	07:37
vednis_	I guess that's why capistrano grabs a check-out and push from svn	07:38
vednis_	using a tag	07:39
*** __pv has joined #pylons		07:44
*** efm has quit IRC		07:48
*** efm has joined #pylons		07:49
*** zzzeek_ has joined #pylons		08:03
int	can someone look on my websetup.py? i still has segfault with it, but plain psycopg2 works. so i guess something wrong with setup http://pastebin.ca/431228	08:05
vednis_	oh, cool: http://swapoff.org/wiki/blog/2007-03-20-activating-a-workingenv-from-python	08:11
*** bradmw has joined #pylons		08:14
steg	hmm, does anybody do redirect-after-post with toscawidgets forms ?	08:19
steg	I'm posting from a form to a different controller/action and I'd like to redirect on errors back to the posting page so it can redisplay with errors/user input	08:19
steg	I don't think it'll be hard to roll my own, just wondering if anybody knows if it already exists	08:19
Chairos	well, it exists for formencode-validated forms	08:20
steg	oh, cool.. is that part of formencode ?	08:20
__pv	I think TW does have its own validate function that does this	08:20
steg	I don't think TW's validate function handles this	08:20
Chairos	steg: it's part of pylons: http://pylonshq.com/docs/0.9.4.1/module-pylons.decorators.html#validate	08:20
Chairos	see also "Validation the Quick Way" in http://pylonshq.com/docs/0.9.4.1/form_handling.html	08:21
__pv	Chairos: but TW has a different validate function	08:21
__pv	from toscawidgets.mods.pylonshf import validate	08:21
steg	ok, thanks	08:21
__pv	I'm using it like this: @validate(form, error_handler='index')	08:22
steg	__pv: yes, but that doesn't redirect does it?	08:22
steg	it just hands the request over to the index action to deal with	08:22
__pv	steg: yes, reading the source, it seems that it doesn't redirect	08:23
__pv	but I guess it's easy to roll your own	08:23
steg	yeah	08:24
steg	I didn't think the formencode one redirected either	08:24
steg	in fact, I don't think it does, I'll have to check	08:24
Chairos	the formencode one does redisplay the form with user input and errors.	08:25
__pv	ditto for the TW one, to my understanding	08:25
steg	I'd like to redirect, so I'll roll my own.	08:26
steg	it should be quite simple	08:27
steg	perhaps I'm looking at this the wrong way, though	08:28
steg	I have a shopping cart, handled by CartController, it has a .add() action that is designed to take a POST of product_id, number	08:29
steg	Products can be added from several different pages, and I'd like a POST form on all these different pages that targets CartController.add()	08:30
steg	hence if .add() doesn't validate, I want to redirect to whichever page submitted the form and display the errors there	08:30
Chairos	ah.	08:30
Chairos	one way to do that would be to have all those forms POST to their own urls, and have the http://pylonshq.com/docs/0.9.4.1/module-pylons.decorators.rest.html#dispatch_on decorator forward the POSTs to .add()	08:31
Chairos	but there is probably a cleaner way I'm not seeing at the moment.	08:31
steg	that's what I'm worried about, I have a habit of missing the obvious sometimes :)	08:32
steg	Chairos: What I was going to do is save the Invalid object in the session and redirect	08:33
steg	which should automatic-able for the most part	08:35
steg	bbiab	08:35
*** zzzeek_ has quit IRC		08:39
*** gldnspud has quit IRC		08:39
*** zzzeek_ has joined #pylons		08:40
wiggy	can someone help me with authkit?	08:47
wiggy	it keeps going to the error-form after I login with the right credentials	08:48
wiggy	I'm guessing that is because it POSTs to the error document	08:48
*** gldnspud has joined #pylons		08:49
*** matt_good has joined #pylons		08:52
*** marcin_ant has quit IRC		08:54
*** ctc_patrick has joined #pylons		08:55
*** btbytes_ has joined #pylons		08:55
vednis_	sometimes developing with sqlite really sucks	08:59
vednis_	at home, the datetime columns work perfectly with SA	08:59
wiggy	SA?	09:00
vednis_	SQLAlchemy	09:00
vednis_	at work, sqlite gives me strings instead of datetimes. Same code, different behaviour!!	09:00
wiggy	date handling in SQL is unfortunately not very well defined	09:00
wiggy	heh, that's nasty	09:01
wiggy	for serious systems I tend to use unix times instead of datetime types, seems to be the only robust way to handle times in sql	09:01
*** shovelhead has left #pylons		09:01
wiggy	at least when you need to do things like work with time deltas	09:01
Chairos	vednis: do you have different versions of sqlite installed?	09:02
vednis_	Chairos, I don't believe so, but I have no way to check from this end :(	09:02
Chairos	I've had that behavior, and it turned out that one of my sqlite installs was at least two minor revisions behind the other.	09:02
xorAxAx	wiggy: so you can sell a lot of consluting hours in 2038? :)	09:02
vednis_	hehe	09:03
wiggy	64bit integers will safe your ass someday :)	09:03
wiggy	2037 is the year things go boom iirc	09:03
* wiggy curses authkit yet again		09:03
xorAxAx	http://en.wikipedia.org/wiki/Year_2038_problem	09:04
Chairos	just use 64 bits	09:04
xorAxAx	Chairos: yes, the db column needs to be 64 bits	09:04
Chairos	"In the positive direction, whether the approximately 293 billion representable years is truly sufficient depends on the ultimate fate of the universe, but it is certainly adequate for most practical purposes."	09:04
vednis_	$ sqlite3 -version	09:05
vednis_	3.3.3	09:05
vednis_	darnit >:(	09:05
xorAxAx	codename "half-devilish"	09:05
*** gldnspud has quit IRC		09:06
Chairos	vednis: OS X Tiger ships with 3.1.3, so if that's one of your machines...	09:06
vednis_	Chairos, nope, Fedora 3 here, Fedora 5 at home	09:06
*** gldnspud has joined #pylons		09:06
vednis_	I've been on linux for a long time :)	09:06
Chairos	FC3 ships with 3.1.2	09:07
vednis_	yeah, I had to update it	09:07
Chairos	I have 3.3.13 installed, now.	09:08
vednis_	gah, stupid me	09:08
*** windle has joined #pylons		09:08
* wiggy wonders why the httpexception middleware is called when authkit is earlier in the middleware stack		09:09
vednis_	it wasn't sqlite, it was a variable name being passed in as a string before a check from a refactoring I did 2 seconds ago	09:09
Chairos	ah	09:09
Chairos	heh	09:09
*** btbytes has quit IRC		09:10
vednis_	odd, I tried activate_workingenv, but for some reason python won't pick up the changes	09:16
*** windle has quit IRC		09:18
wiggy	pfft, finally got authkit working	09:22
wiggy	of course it was my own mistake	09:22
*** sloat has joined #pylons		09:28
*** nathan^ has joined #pylons		09:30
TownCrier	pylons: PylonsContractors edited <http://pylonshq.com/project/pylonshq/wiki/PylonsContractors?version=9> \|\| PylonsContractors edited <http://pylonshq.com/project/pylonshq/wiki/PylonsContractors?version=8> \|\| PylonsContractors edited <http://pylonshq.com/project/pylonshq/wiki/PylonsContractors?version=7>	09:41
*** benbangert has joined #pylons		09:51
*** pjenvey_ has joined #pylons		10:15
*** Kush- has quit IRC		10:16
*** marcin_ant has joined #pylons		10:40
*** efm has quit IRC		10:59
*** Kush- has joined #pylons		11:09
*** btbytes__ has joined #pylons		11:21
*** btbytes__ is now known as btbytes		11:21
*** btbytes_ has quit IRC		11:30
*** marcin_ant has quit IRC		11:53
*** Kush- has quit IRC		12:03
*** efm has joined #pylons		12:03
*** ronchilla has joined #pylons		12:29
*** hinoglu has joined #pylons		12:46
*** scane has quit IRC		12:50
*** etrepum has quit IRC		12:54
*** GSF has quit IRC		13:05
*** hinoglu has quit IRC		13:11
*** etrepum has joined #pylons		13:46
Chairos	benbangert, zzzeek_: I have a question about the cache object.	13:53
zzzeek_	ugh	13:53
*** uche has quit IRC		13:53
Chairos	Specifically, I want to completely clear the entire cache object. Is there a simple way to do that, or must I manually delete the files?	13:53
zzzeek_	theres no clear() on it ?	13:53
Chairos	I can't find any documentation of its methods.	13:53
zzzeek_	yes i know	13:53
Chairos	except what's here: http://www.myghty.org/docs/cache.myt#caching_interface	13:54
zzzeek_	:)	13:54
zzzeek_	ok so you are using the myghty cache interface ?	13:54
zzzeek_	it has a clear() method on it	13:54
*** uche has joined #pylons		13:54
Chairos	I'll be using pylons.cache, which I'm told works exactly the same way as the myghty cache.	13:54
Chairos	okay, cool.	13:54
Chairos	thanks	13:58
*** btbytes__ has joined #pylons		14:01
nathan^	zzzeek_	14:05
zzzeek_	ya	14:05
nathan^	We're using myghty and mod_apache, and is there an easy way to get my new data to be "seen" without constantly restarting the server?	14:06
nathan^	Does that even make sense to you?	14:06
zzzeek_	what sort of data	14:06
zzzeek_	templates should get automatically reloaded	14:06
nathan^	Yeah	14:07
zzzeek_	no server restart needed as long as you have the default flags set	14:07
nathan^	It seems like it sometimes doesnt automatically do it, or maybe it's the code behind	14:07
nathan^	Like the .py objects that we use	14:07
zzzeek_	those arent templates, those are your python modules	14:07
zzzeek_	module reloading is not very easy in python since other unchanged modules may be referencing the module that gets reloaded	14:08
zzzeek_	then they point to the wrong state	14:08
nathan^	Yeah	14:08
nathan^	Restarting the server seems to do the trick	14:08
ronchilla	Hi guys. Which session handler does pylons use by default? (paste or beaker)	14:09
creiht	Hmmm.... If any of you are following the ExtJS stuff, this looks interestin: http://extjs.com/forum/showthread.php?t=4301	14:09
xorAxAx	nathan^: what is "mod_apache"?	14:09
zzzeek_	i dont think that problem has really been solved, recently i saw a post by guido where he was like, "here, ill write seomthing that does it" and he had some little reloader...but its genrally its the kind of thing thats talked about a lot, debated, etc.	14:09
xorAxAx	with fcgi its easy	14:09
xorAxAx	just kill your fcgi process	14:09
zzzeek_	im sure he means mod_python	14:09
xorAxAx	well, mod_py was the wrong choice then	14:09
*** btbytes has quit IRC		14:10
zzzeek_	i usually develop with a standalone server	14:10
zzzeek_	easy to restart	14:10
ronchilla	creihjt: you are right it does look interesting	14:10
nathan^	Yeah my mistake, I mis-typed.	14:10
*** primco- has quit IRC		14:10
nathan^	I meant mod_python	14:10
*** primco has joined #pylons		14:10
nathan^	It's easy enough to restart apache, I was just curious if there was another way	14:10
zzzeek_	if you specifically are putting data inside of python modules, you can build a reloader	14:10
zzzeek_	mygthy does have a module importer that it uses for templates which has some wacky "reload" logic built in	14:11
zzzeek_	but thats not used when you import a normal module	14:11
zzzeek_	but if you look at python's imp module you can manually load modules from files, check timestamps, etc.	14:11
etrepum	it's easy, but not fast, to restart apache	14:11
zzzeek_	or use reload(module)	14:11
etrepum	or paste for that matter	14:11
etrepum	you lose requests and stuff, it's not entirely pleasant	14:11
nathan^	Right, we have a bunch of sql abstraction stuff that we use in modoles	14:11
nathan^	Modules too!	14:11
zzzeek_	nathan: theres ways to do waht you want though theres complications	14:12
nathan^	Well, since it's my dev server it's not a big deal to restart	14:12
nathan^	It seems like more trouble than it's worth to programatically reload	14:12
zzzeek_	id look into accessing the module in some way that checks the timestamp on the file and reloads, if its really a "data" module	14:12
zzzeek_	i.e. dont just say "import mymodule"	14:13
nathan^	Yeah that's what it is	14:13
nathan^	k	14:13
nathan^	That makes sense	14:13
Chairos	hm.	14:15
Chairos	cache.clear() doesn't work in Pylons.	14:15
zzzeek_	i really wish someone would write a new container API	14:19
zzzeek_	theyre not very hard to write	14:19
Chairos	because cache is actually a CacheManager.	14:19
Chairos	Cache has the .clear()	14:19
* wiggy wonders why formencode is caching things		14:20
wiggy	validate is returning stuff that the user isn't submitting	14:20
wiggy	oh gah, formresult isn't even running since it isn't a POST but form_result on the controller is not reset	14:22
Chairos	zzzeek_: well, in my copious spare time... :D	14:22
pjenvey_	zzzeek_ - it looked like you were planning to cleanup myghtyutils and then i saw you make some changes in svn trunk	14:23
pjenvey_	didn't get very far?	14:24
pjenvey_	benbangert - and weren't you going to add a database backend to myghtyutils for sessions?	14:24
zzzeek_	id like to finish that yes	14:24
zzzeek_	but also, im sure someone could do a much better job overall	14:25
zzzeek_	dont have much time to work on it	14:25
benbangert	pjenvey_: no, I decided not to, cause its dumb	14:25
benbangert	well, at Pycon I was actually saying its retarded	14:25
benbangert	instead, I was going to put together a system using AuthKit and SA for db backed sessions	14:26
benbangert	since thats all you really need	14:26
benbangert	oh, and a few extra columns to the user table	14:26
ronchilla	benbangert: what does pylos use for session?	14:27
pjenvey_	why's that dumb?	14:28
benbangert	ronchilla: the default session storage is filesystem with Beaker (Which uses MyghtyUtils)	14:28
pjenvey_	you're saying you want to put the session data in a 'user' table that authkit knows about?	14:28
benbangert	pjenvey_: that is not dumb.... but putting a pickle thing into Beaker is dumb	14:28
benbangert	ie, 'dumb' storage	14:28
ronchilla	benbangert: thankx	14:28
benbangert	where you let someone just stash some random python object in a blob	14:28
*** marcin_ant has joined #pylons		14:28
benbangert	vs using the db to associate data properly	14:28
benbangert	cause if you have a database, you shouldn't need to go and stash random crap in an object that is pickled	14:29
benbangert	you'll have your proper User object loaded with its relations intact	14:29
*** bradmw has quit IRC		14:29
benbangert	so at Pycon, I was considering whether to implement such a "dumb" storage, where it just stashes pickled data (like Beaker does with the filesystem)	14:30
benbangert	and just call it RetardedStore	14:30
pjenvey_	well if you're using a session you obviously don't care about keeping relations intact	14:30
pjenvey_	it's for temporary storage	14:30
benbangert	and thats retarded ;)	14:30
benbangert	that should be in a cookie	14:30
pjenvey_	like maybe you're holding the data for page 1 of a multipage form	14:30
benbangert	then store it in the form	14:30
benbangert	or store it in a db table	14:31
Chairos	benbangert: can you tell me how to completely clear the pylons.cache?	14:31
pjenvey_	that's stupid	14:31
Chairos	pylons.cache.clear() doesn't work	14:31
pjenvey_	are you saying serialize a python object to a cookie	14:31
pjenvey_	you're stealing aaron schwartz horrible idea	14:31
benbangert	python object?	14:31
benbangert	what are you smoking?	14:31
benbangert	you said FORM	14:31
pjenvey_	a multipage form	14:31
benbangert	I say, keep the form elements as hidden form elements in the next page	14:31
benbangert	there is no python object	14:31
benbangert	its a form, its form data	14:32
benbangert	retain the form data in hidden fields for the next page	14:32
benbangert	then it'll even work with the Back button gasp	14:32
pjenvey_	putting it into a session is easier	14:32
pjenvey_	and i'm sure there's other examples	14:32
benbangert	session has Back issues	14:32
benbangert	if you really need to be dumping pickled crap out, make a PickleCol in your table	14:33
benbangert	So where's the prob?	14:33
pjenvey_	session is a dumb, simple object, having it handle that for you is easier	14:34
benbangert	and session is almost always mis-used	14:34
benbangert	because apparently its dumb-ness is contagious ;)	14:34
pjenvey_	and you don't always want database backed sessions, you only really want them if you have multiple front ends and what to have one centralized session store	14:34
pjenvey_	so it would only do that if you needed it	14:34
benbangert	people store random crap in it when they should use a cookie in most cases	14:34
benbangert	so you take db penalty hits for no reason	14:35
pjenvey_	'random crap' might be an object	14:35
benbangert	anyways, if someone wants to write that, power to them	14:35
benbangert	but I'm not	14:35
benbangert	there's issues serializing objects anyways, so maybe it'll work in the session, maybe it won't	14:36
pjenvey_	what issues	14:36
benbangert	when you want to handle any old random crap someone will want to stash, the only real solution is a Python object database	14:36
benbangert	objects don't always serialize	14:36
benbangert	not everything can be pickled	14:36
pjenvey_	well of course there's always that	14:37
pjenvey_	but most stuff can be	14:37
benbangert	so go write it ;)	14:37
benbangert	I'm just telling you why I'm not going to write it	14:37
aa_	well, you only need a dict of simple values don't you?	14:37
pjenvey_	well I was going to have someone write it once as a small project to learn python but then you said you were already in the process of writing it, remember?	14:37
pjenvey_	=p	14:37
benbangert	pjenvey_: I was working on a revamp, yea, but the more I did, the lamer it got	14:38
benbangert	pjenvey_: and when doing more research, the insane amount of times people mis-use sessions cropped up	14:38
benbangert	I mean, when it comes to db-backed sessions, your odds of doing stupid stuff goes up	14:39
benbangert	lots of people store user ID, and small tidbits of user data in a session	14:39
benbangert	so imagine, you have a 'dumb' db store, so first you load your session, get your user id, then go and load your user	14:40
benbangert	now you're taking even more db queries than you need to..... and its ridiculously common for this to happen with db dumb stores	14:40
benbangert	because people just treat the db session as the file one.... with no regard to the fact that they now have their actual data in the same place as the session....	14:41
benbangert	Do you want a multi-page form to keep hitting your db? Or would you prefer to use hidden form fields and not have to worry about easy ways to smack your db?	14:42
pjenvey_	there are times where you want to keep an object associated with a user's session that isn't in the state of being 'committed' yet. i.e. it's not 'committed' until a user goes through a process and finally clicks the 'commit' button. and if the user doesn't 'commit' it, it gets thrown away	14:43
pjenvey_	you shouldn't have to create a database table for this kind of data	14:43
benbangert	pjenvey_: in most every case I can think of, you'd want a table for it	14:44
pjenvey_	well you haven't thought about edge cases then	14:44
pjenvey_	you're prematurely optimizing	14:44
benbangert	I'd hate to design a system engineered solely for the edge case	14:44
steg	where would you put the Invalid object if you were re-displaying a toscawidget on a different page to where the validation is done?	14:45
steg	in the session?	14:45
benbangert	steg: anything from a form is form data, it came in as string data, its not an object	14:45
benbangert	pjenvey_: as I said, if you have an edge case and need to store random crap, make a PickleCol, its that easy	14:46
benbangert	pjenvey_: let the column save/load method handle that for you	14:46
steg	This is only tangentially related to the discussion you guys are having btw :)	14:46
steg	I'm asking because I need to be able to do something like this :)	14:46
benbangert	pjenvey_: Is there something wrong with writing 1 or 2 lines of code to encompass all the edge cases?	14:47
aa_	you can't pickle random crap you get from a form	14:47
aa_	that's insanity	14:47
steg	Form with widgets submits to another action/controller, I want to redirect back to the submission page and display errors	14:47
steg	I need to store state somewhere	14:47
aa_	I mean you really just can't ever ever do that	14:47
aa_	steg: cookie	14:47
benbangert	aa_: I'd assume its validated first	14:47
steg	Why a cookie?	14:48
steg	it makes sense to me to shove the Invalid object into the session	14:48
steg	In fact, I don't see any other sane place to put it	14:48
aa_	benbangert: validated as any blob of text?	14:48
benbangert	aa_: prolly depends on how its happening	14:49
aa_	yeah well, but please don't do that :)	14:49
benbangert	pjenvey_:if he still wants to learn Python, it'd be a nice challenge for him	14:49
benbangert	pjenvey_: but when I saw that I'd be making a solution that should really only be used for edge cases.... I just didn't want to make it	14:50
steg	I explained earlier what I was trying to do, I'll explain it quickly again if you guys don't mind	14:50
benbangert	Instead, I should be making it easier to store small temporary bits of data in a signed cookie, and some methods to make multi-page forms that use hidden fields easier to write (without requiring a session)	14:51
benbangert	People fall back to sessions for this stuff because its the "easy way"	14:51
benbangert	and easy wins over "best" almost every time	14:51
steg	I have a shopping cart handled by ShoppingCart controller. It has a .add() action that expects a POST with the product_id and the number to add.	14:51
steg	There are several different pages products can be added to this from, and each of these pages has a form that POSTs to the ShoppingCart.add action. So I do validation at ShoppingCart.add, but I want to redisplay any errors at the submission page	14:52
steg	I'd like to know if I'm being dumb :)	14:52
steg	or if that sounds reasonable	14:52
steg	it does necessitate redirecting and storing the Invalid object somewhere so it is available to the widget after the redirect	14:53
pjenvey_	sure, you're storing Product objects in your session	14:54
pjenvey_	possibly	14:54
steg	I'm only storing the Invalid object there. And also, and this is why it relates to what you guys were discussing, the form values :)	14:54
steg	so I can pass them to the widget for re-display	14:55
*** uche_ has joined #pylons		14:59
pjenvey_	I guess these guys would store those product objects in another db table or a signed cookie	15:04
pjenvey_	or a combination of the two	15:06
steg	hmm	15:07
pjenvey_	that sounds like a pain in the ass if you're not that concerned about the performance of the session lookups	15:08
pjenvey_	especially if you're ok with using the default file backed sessions now and would only consider database backed sessions in the future	15:09
steg	Yes, I'm going to use the session	15:09
steg	if it becomes a problem at some point I'll worry about it then :)	15:09
* steg goes to bed		15:10
pjenvey_	s/a pain in the ass/premature optimization/	15:11
steg	I might make some middleware to do this instead though... since I intend to redirect after all POST requests anyway... :)	15:12
steg	might be fun	15:13
steg	was thinking of doing something like this for toscawidgets anyway so that methods could be called directly on widgets	15:13
steg	(via ajax etc.)	15:13
steg	this is similar	15:13
steg	I'll have to think about it	15:15
steg	night :)	15:15
*** uche has quit IRC		15:16
*** fullpony has quit IRC		15:18
*** damjan has joined #pylons		15:21
* Chairos pokes benbangert.		15:21
*** rope has joined #pylons		15:30
steg	hmmph I think I should get rid of my habit of thinking aloud on IRC	15:36
Chairos	heh	15:36
* wiggy likes the habit		15:37
pjenvey_	speaking of thinking aloud on IRC, where's jesusphreak? =]	15:37
pjenvey_	haven't seen him around in a bit	15:37
pjenvey_	did he switch back to django?	15:37
Chairos	haven't seen him.	15:38
Chairos	check on reddit. :D	15:38
pjenvey_	maybe he switched to zope	15:38
steg	it is a bad habit because it means half-baked thoughts come out and I look like an idiot	15:38
steg	I'd rather look like an idiot based on my whole-baked thoughts :)	15:39
Chairos	heh	15:39
Chairos	pjenvey, do _you_ know anything about the pylons.cache object?	15:39
wiggy	nothing wrong with zope	15:39
steg	I saw him in #django the other day but he was arguing with them :)	15:39
Chairos	haha	15:40
* wiggy off to bed		15:40
pjenvey_	yea, where you saying it doesn't have clear()?	15:43
pjenvey_	were	15:43
Chairos	yeah	15:43
Chairos	I need to know how to invalidate the entire cache.	15:44
Chairos	all the cached results for all the keys in all the namespaces.	15:44
Chairos	knowing how to invalidate a single result for a single key in a single namespace might come in handy in the future, too.	15:44
benbangert	pjenvey_: its not premature optimization, its about good design	15:45
* Chairos is thinking about using memcache for sessions and cache.		15:45
benbangert	of course, in a lot of cluster db setups, you have a read-only db slave, and a write-master.... and there's lots of variations	15:47
benbangert	I'd feel sorry for anyone trying to write code to handle all the edge cases	15:47
benbangert	Better to write a db session toolkit	15:48
benbangert	So you could tweak it as needed for your particular case	15:48
Chairos	maybe I should post my cache question to the mailing list.	15:50
*** __pv has quit IRC		15:56
*** pobrien has quit IRC		15:56
*** creiht has quit IRC		15:57
pjenvey_	i guess we could add a clear() to cachemanager to call clear on all its caches	15:57
Chairos	I'm currently doing this:	15:58
Chairos	for ns in cache.caches.keys():	15:58
Chairos	cache.get_cache(ns).clear()	15:58
Chairos	except it doesn't actually work.	15:58
pjenvey_	yea i just saw some funkyness with that	15:58
* pjenvey_ >>> pylons.cache.get_cache('hi')['sup']		15:58
* pjenvey_ 'yo'		15:58
* pjenvey_ >>> pylons.cache.get_cache('hi').clear()		15:58
* pjenvey_ >>> pylons.cache.get_cache('hi')['sup']		15:58
* pjenvey_ 'yo'		15:58
pjenvey_	mr buggy cache i presume	15:59
pjenvey_	benbangert - database backed sessions work fine for many people	15:59
benbangert	pjenvey_: so have your friend write one	16:00
pjenvey_	session is an abstraction, if it gets the job done what the underlying behavior is isn't a big deal, even if you're considering it bad design	16:00
benbangert	session is an abstraction to deal with the fact that your user data is not in the same place as the session	16:01
benbangert	which is no longer true when the session is in a db	16:01
pjenvey_	i mean i agree some of the cases you bring up can be a stupid use of it, but i wouldn't worry about that until it actually becomes a big problem	16:01
benbangert	I'd rather make it easier to avoid the common misuses of a session	16:01
xorAxAx	like? :)	16:04
*** ianbicking is now known as ianb\|afk		16:04
vednis	all this argument over a matter of stored state :)	16:06
vednis	I agree that it would be nice to have built-in mechanisms for easily passing hidden field data around	16:11
vednis	or at least an example using webhelpers or something	16:12
*** kg has joined #pylons		16:12
vednis	and a pointer to an explanation of the tradeoffs would help newbies like me :)	16:14
ronchilla	benbangert: i've been following ur discussion of db backed sessions with pje....	16:17
ronchilla	benbangaret: i have a question for ya; where would you store a useres id in a webapp if not in a session?	16:17
benbangert	ronchilla: in the cookie of course	16:18
ronchilla	that assumes the user has cookies enabled...	16:19
benbangert	ronchilla: I'd actually store a session id, not a user id, and look up the user based on the session	16:19
ronchilla	agreed	16:19
benbangert	this might shock you, but Pylons sessions won't work without cookies ;)	16:19
benbangert	so I'm already working with that assumption	16:19
ronchilla	i noticed...	16:19
ronchilla	thats why i asked the question earlier...	16:19
benbangert	the only other place to store it would be in the URL, and that's pretty bad	16:19
benbangert	so if you don't use the URL, or a cookie. you have zero options afaik	16:20
ronchilla	agreed	16:20
ronchilla	hmmm\	16:20
ronchilla	ok, look at it this way	16:20
ronchilla	if you store the session id in a (signed) cookie you still need to hit the db every time u need bits of info about the user	16:21
ronchilla	why not simply use the session a repository of such bits?	16:21
ronchilla	if you look at it form that perspective then it doesnt matter if the session is saved on the fs or db	16:22
ronchilla	the session just becomes an ephemeral information repository	16:22
ronchilla	either ways data duplication remains irespective of the storage media	16:23
ronchilla	thats the bit i'm not sure i understand about your position on bd backed sessions...	16:23
Chairos	pjenvey: have you got any suggestions for me, or will I have to wait for the updated Beaker trunk?	16:28
*** rope has quit IRC		16:36
benbangert	ronchilla: so if you store the user id in a session (which a lot of people do), using db backed sessions means you have 2 db hits to retrieve a user instead of 1	16:36
benbangert	ronchilla: the whole thing we're talking about is db backed sessions, so yes, you will always hit the db once to get user info	16:37
benbangert	at least once that is	16:37
*** ctc_patrick has quit IRC		16:42
ronchilla	benbangaret: mabey i'm just slow today... but i cant see how it would result in two hits; (assuming the user_id example); you use the session id to query the db and get the user_id or whatever item requested - thats it. (i'm assuming that the session id is stored in a signed cookie which the framework can retrieve on each request b4 the controller (from which the session request is made) is called...)	16:48
benbangert	ronchilla: so with a dumb store, you store the user id in the session. but to get the user data, you have to use the user id and get the user info from the db	16:52
*** sloat has quit IRC		16:52
benbangert	ronchilla: one hit to load the session with the user id, another hit to load the user based on that id	16:53
*** efm has quit IRC		16:54
*** goibhniu has quit IRC		16:57
pjenvey_	Chairos - looks broken, you probably want to wait for trunk to be fixed	16:59
pjenvey_	or give us a patch to fix trunk	16:59
pjenvey_	i just wrote a test triggering it	16:59
benbangert	pylons trunk is broken? or is that the cache?	17:00
pjenvey_	beaker is	17:00
*** marcin_ant has quit IRC		17:01
ronchilla	benbangaret: thats would be true if the use for sessions involved authenticated users, think about a case where the use of the session is to trac stae information, in that case you could use hidden fields to pass information from one page to the other, but that aproach IMO also increases the attack profile of the application, to avoid this the application must treat every hidden field as tainted data and ideally should filter/validate such data before	17:01
ronchilla	use. Imagine the required overhead just to use that data and the potential for security holes..	17:01
benbangert	ronchilla: inherited FormEncode schema's makes multi-page validation pretty easy	17:01
benbangert	I think the consensus at this point is there's no silver bullet	17:02
ronchilla	true	17:02
benbangert	there's always edge cases, and there's tons of them in this case, they aren't really an 'edge'	17:02
*** zzzeek_ has quit IRC		17:03
*** elefth has quit IRC		17:03
ronchilla	ok	17:04
benbangert	we can think about cases all day long that break anything anyone will come up with ;)	17:04
ronchilla	yeah, thats true :)	17:04
*** elefth has joined #pylons		17:04
benbangert	if you don't want to validate the data every step, include another field that is a signature for the other ones	17:04
benbangert	that way you don't need to re-validate, but you can ensure it wasn't tainted	17:04
ronchilla	thought of that; but still doesnt remove the code bloat factor...	17:05
benbangert	why is that code bloat?	17:05
ronchilla	i'd have to have code to do the extra bit of checking...	17:05
benbangert	2 lines of code is bloat?	17:05
ronchilla	:)	17:05
benbangert	@secure_multipage on your action	17:06
ronchilla	2 lines of code in a 10, 100, 1000 functions is	17:06
benbangert	and inside the page, ${ h.secure_fields(c.formvars) }	17:06
benbangert	and bam, you no longer need to do the session saves and loads ;)	17:06
benbangert	so you haven't done code bloat	17:06
benbangert	you've replaced the session loading and saving code with 2 lines that retain state in the form securely	17:07
ronchilla	is secure_multipage a part of formencode?	17:07
benbangert	doesn't exist yet	17:07
ronchilla	lol	17:07
benbangert	that's what I want to write	17:07
benbangert	its what I've been saying for awhile today.... which is, I'd like to write some functions that make it easy to not need sessions for these things	17:08
benbangert	and that eliminates the common edge cases	17:08
ronchilla	what about the performace penalty of adding a decorator to an action	17:08
ronchilla	dont bother	17:08
benbangert	;)	17:08
ronchilla	i answered my own question	17:08
benbangert	yea, that extra function call will never hurt as much as session saving/loading :)	17:09
ronchilla	:)	17:09
benbangert	so if its really easy to store data in a cookie securely, and easy to securely retain information on multi-page forms.... I think that'd eliminate most of the common places where people use sessions (for non user-store stuff)	17:10
ronchilla	and waht abot the 4k cookie limit?	17:10
benbangert	what about it?	17:11
benbangert	don't store that much. ;)	17:11
ronchilla	:)	17:11
benbangert	there's always options	17:11
ronchilla	true	17:11
benbangert	maybe you want to store lots of objects, maybe you should be using ZODB	17:11
benbangert	or Schevo	17:11
ronchilla	sessions are definitley not for storing objects	17:12
ronchilla	although it can be tempting...	17:12
ronchilla	benbangaert: any ideas when pylons 0.95 will be out?	17:14
benbangert	I'm going to try and get out Routes tonight	17:14
benbangert	if Paste is fine as is (which I think it is), then Pylons 0.9.5 this week	17:15
ronchilla	that would be great!	17:15
*** benbangert has quit IRC		17:24
*** kg has quit IRC		17:38
*** btbytes___ has joined #pylons		17:42
*** btbytes___ is now known as btbytes		17:42
*** etrepum_ has joined #pylons		17:47
*** etrepum has quit IRC		17:47
*** triplah_ has joined #pylons		17:47
*** windle has joined #pylons		17:48
*** btbytes__ has quit IRC		17:50
*** fullpony has joined #pylons		17:55
matt_good	any suggestions for dealing with the permissions error pages with AuthKit	18:03
matt_good	depending on the ordering of the middleware I either get just plain pages with the AuthKit error and message	18:04
matt_good	or I get the nice Pylons page, but it doesn't display the reason	18:04
windle	hmm	18:07
windle	I thought there was a doc on customizing that?	18:07
*** btbytes___ has joined #pylons		18:13
matt_good	well, there's a section in the AuthKit Pylons integration doc on setting up an error_mapper	18:15
matt_good	but that's supposed to be unnecessary with Pylons 0.9.4	18:16
*** zzzeek_ has joined #pylons		18:17
*** btbytes has quit IRC		18:20
*** zzzeek_ has quit IRC		18:41
*** efm has joined #pylons		18:41
*** zzzeek_ has joined #pylons		18:42
*** creiht has joined #pylons		19:20
*** btbytes____ has joined #pylons		19:31
*** btbytes____ is now known as btbytes		19:31
*** btbytes___ has quit IRC		19:41
Chairos	is there a good way of having a middleware apply only to a controller?	19:43
Chairos	not the entire app	19:44
Chairos	I tried wrapping the controller class in it, but I got this exception: <type 'exceptions.TypeError'>: default __new__ takes no parameters	19:44
tanuki	Where's the documentation for h.url_for?	20:02
tanuki	I have this in my template: <% h.url_for(controller='account', id=c.creator, action='view') %>	20:03
tanuki	but it returns the same page it's on	20:03
*** btbytes____ has joined #pylons		20:24
*** creiht has quit IRC		20:35
Chairos	tanuki: http://routes.groovie.org/module-routes.html#url_for	20:40
*** btbytes has quit IRC		20:41
*** zzzeek_ has quit IRC		20:59
*** btbytes_____ has joined #pylons		21:02
*** btbytes_____ is now known as btbytes		21:03
*** fullpony has quit IRC		21:04
*** btbytes____ has quit IRC		21:20
tanuki	How do I select using a substring ("WHERE column LIKE '%substr%'") using SQLAlchemy? I've asked in #sqlalchemy but nobody's around	21:33
Chairos	see the first example here: http://www.sqlalchemy.org/docs/sqlconstruction.html#sql_whereclause_operators	21:36
*** btbytes has quit IRC		21:38
tanuki	But how does that combine with the model specification?	21:39
tanuki	... never mind, found it	21:46
tanuki	bah	21:46
*** cwells has joined #pylons		21:56
*** etrepum has joined #pylons		22:15
*** etrepum_ has quit IRC		22:15
Chairos	matt_good: http://mail.python.org/pipermail/distutils-sig/2007-April/007462.html	23:11
matt_good	Chairos: nice, I'll be sure to bookmark that	23:15
*** climbus has joined #pylons		23:25
*** kg has joined #pylons		23:29
*** windle has quit IRC		23:35
*** matt_good has quit IRC		23:40

Generated by irclog2html.py 2.4 by Marius Gedminas - find it at mg.pov.lt!