I have a little Flask app (Python3) that is starting to get a little more complicated so I decided to switch from SQLite to Postgresql. I knew this would throw a few issues for me but my codebase has decent test coverage so I was confident I could iron out any wrinkles before pushing to production.
In particular, anywhere I entered a password, I had to encode (password.encode('utf-8')).
(As an aside, timezones was the other area I had some issues. I ultimately ended up removing timezones from any date I was using.)
But there's just one last bug I can't figure out. To test that passwords are updated I have the following test:
self.assertTrue(bcrypt.check_password_hash(
user.password, new_password
))
That should check the current password (which looks like a bytes sting when I print it) against the new_password. But I get an error saying ValueError: Invalid salt
I'd love to know how to fix this but I'd also love someone to explain what's going on here.
So it turns out the problem was the way I was saving the password. In this particular instance I should have saved the password like so:
user.password = bcrypt.generate_password_hash(
request.form['password']
).decode('utf-8')
db.session.commit()
Now the test above works.
Related
I'm working on a web app in Rust. I'm using Tokio Postgres, Rocket and Tera (this may be relevant).
I'm using the following to connect to my DB which doesn't fail in either case.
(sql_cli, connection) = match tokio_postgres::connect("postgresql://postgres:*my_password*#localhost:8127/*AppName*", NoTls).await{
Ok((sql_cli, connection)) => (sql_cli, connection),
Err(e) => return Err(Redirect::to(uri!(error_display(MyError::new("Failed to make SQLClient").details)))),
};
My query is as follows. I keep my queries in a separate file (I'm self taught and find that easier).
let query= sql_cli.query(mycharactersquery::get_characters(user_id).as_str(), &[]).await.unwrap();
The get characters is as follows. It takes a user ID and should return the characters that they have made in the past.
pub fn get_characters(user_id: i16) -> String {
format!("SELECT * FROM player_characters WHERE user_id = {} ORDER BY char_id ASC;", user_id)
}
In my main file, I have one GET which is /mycharacters/<user_id> which works. This GET returns an HTML file. I have another GET which is /<user_id> which returns a Tera template. The first works fine and loads the characters, the second doesn't: it just loads indefinitely. I initially thought this was to do my lack of familiarity with Tera.
After some troubleshooting, I put some printouts in my code, the one before and after the SQL call work in /mycharacters/<user_id>, but only the one before writes to the terminal in /<user_id>. This makes me think that Tera isn't the issue as it isn't making it past the SQL call.
I've found exactly where it is going wrong, but I don't know why as it isn't giving an error.
Could someone please let me know if there is something obvious that I am missing or provide some assistance?
P.S. The database only has 3 columns, so an actual timeout isn't the cause.
I expected both of these SQL calls to function as I am connected to my database properly and the call is copied from the working call.
This is the config file
baseURL = "https://.github.io/"
languageCode = "en-us"
title = "Title"
theme="hugo-PaperMod"
[[params=]]
[[homeInfoParams=]]
Title= "Hi there wave"
Content= "Can be Info, links, about..."
[[socialIcons=]]
- name= "github"
url= "<link>"
- name= "<platform 2>"
url= "<link2>"
This is the error on the powershell
ERROR 2021/08/15 17:40:30 "C:\Users\user\Desktop\blog\webapp\config.toml:5:9": unmarshal failed: toml: expected character U+005D
Rebuilt in 1 ms
I'm a total beginner in this area its most likely a basic thing but i can't figure it out.
TLDR; Take the equals signs out of your config's toml.
P.s. Their are no equals signs in the [[]] statements.
Some advice:
If your code doesn't work, verify your code (validate)-
https://www.toml-lint.com/
If you don't understand the language syntax when the validator gives you errors, check your specific misunderstanding in that language (that linter will give you more data).
https://github.com/toml-lang/toml
As it's hugo and they have pre-built config files for you to review, review what other people have done that does work:
https://gohugo.io/getting-started/configuration/#readout
https://themes.gohugo.io/
Additional, when looking at your question and the wider sphere:
Why do you say annoying error? English isn't my first language. But it's telling you that your toml is miswritten so it can't parse it. The more accurate information you give the more accurate information you will get back from others in the field.
So, a better example would be (and this is an idea):
"HUGO Config.toml errors, uncertain of correct syntax"
I'm trying to analyze how postgreSQL parse a query, and after some postgreSQL source code tracing with embedding printf() here and there, I've known that the query will be parsed into raw parse tree with raw_parser, which located in file parser.c.
The strange thing is, I've already embedded a printf() dummy in the raw_parser, and after re-installing the postgreSQL and execute a query, my printf() dummy is not printed to the screen!
Can anybody please help me, where I went wrong?
Thanks in advance :D
if you use printf(stderr, "...."), then you can find result in server log. Don't forget - you are not work with server directly. For debugging purposes there are a elog function - it's like printf for client application:
elog(NOTICE, "some text");
a format string is same like printf's format - but you must to remember, PostgreSQL uses a different formats than glibc - so you can to show only integer or float variables. String variables uses different format than is C zero finished string.
For our website, we set up the account activation email with the following tutorial (in cakephp):
http://www.jonnyreeves.co.uk/2008/06/cakephp-activating-user-account-via-email/
On our live site, it seems that the activation works for the most part, however some people are receiving the following error when clicking on the activation email link to activate their account:
Error: The requested address '/users/activate/36/10a1a794' was not found on this server.
This is odd to me because the link looks fine: "users" controller, "activate" action, user_id = 36, and hash code = 0a1a794. Not sure why this error is happening. One thing I read is to clear the files in the cache folder and that didn't seem to change anything. Please help thanks!
The activation hash has limited validity(same day).
So if send the activation email on 1st of any month, it will be valid till 11:59pm of 1st. The link wont work after 12:00am(technically 2nd of the month).
Hope that helps.
Yes, that's what Josh R said, the hash is computed for the same day and this is a VERY bad idea.
You should either stop hashing the date or validate against two values: one for today's date, one for yesterday's date.
Also, a recommendation: don't just go there and copy the files, try to learn something from it and please, do it your way. You'll learn a lot more.
I'm in a web scripting class, and honestly and unfortunately, it has come second to my networking and design and analysis classes. Because of this I find I encounter problems that may be mundane but can't find the solution to it easily.
I am writing a CGI form that is supposed to work with a MySQL DB. I can insert and delete into the DB just fine. My problem comes when querying the DB.
My code compiles fine and I don't get errors when trying to "display" the info in the DB through the browser but the data and text doesn't in fact display. The code in question is here:
print br, 'test';
my $dbh = DBI->connect("DBI:mysql:austinc4", "*******", "*******", {RaiseError => 1} );
my $usersstatement = "select * from users";
my $projstatment = "select * from projects";
# Get the handle
my $userinfo = $dbh->query($usersstatement);
my $projinfo = $dbh->query($projstatement);
# Fetch rows
while (#userrow = $userinfo->fetchrow()) {
print $userrow[0], br;
}
print 'end';
This code is in an if statement that is surrounded by the print header, start_html, form, /form, end_html. I was just trying to debug and find out what was happening and printed the statements test and end. It prints out test but doesn't print out end. It also doesn't print out the data in my DB, which happens to come before I print out end.
What I believe I am doing is:
Connecting to my DB
Forming a string the contains the command/request to the DB
Getting a handle for my query I perform on the DB
Fetching a row from my handle
Printing the first field in the row I fetched from my table
But I don't see why my data wouldn't print out as well as the end text. I looked in DB and it does in fact contain data in the DB and the table that I am trying to get data from.
This one has got me stumped, so I appreciate any help. Thanks again. =)
Solution:
I was using a that wasn't supported by the modules I was including. This leads me to another question. How can I detect errors like this? My program does in fact compile correctly and the webpage doesn't "break". Aside from me double checking that all the methods I do use are valid, do I just see something like text not being displayed and assume that an error like this occurred?
Upon reading the comments, the reason your program is broken is because query() does not execute an SQL query. Therefore you are probably calling an undefined subroutine unless this is a wrapper you have defined elsewhere.
Here is my original posting of helpful hints, which still apply:
I hope you have use CGI, use DBI, etc... and use CGI::Carp and use strict;
Look in /var/log/apache2/access.log or error.log for the bugs
Realize that the first thing a CGI script prints MUST be a valid header or the web server and browser become unhappy and often nothing else displays.
Because of #3 print the header first BEFORE you do anything, especially before you connect to the database where the script may die or print something else because otherwise the errors or other messages will be emitted before the header.
If you still don't see an error go back to #2.
CGIs that use CGI.pm can be run from a command line in a terminal session without going through the webserver. This is also a good way to debug.