9 April 2020 Updated 9 April 2020
by
Peter
We all know the Integer Autoincrement Primary Key. Works great, much software is doing it this way. It is fast. But it also has limitations.
An alternative for the Integer Autoincrement Primary Key is the UUID (Universally Unique IDentifier) Primary Key. A UUID is a 128-bit number. It can be represented by a string, for example:
05390f2b-48e8-45c7-8ae4-08272dc69122
or a hex string (the same as above ...
Read more
Read more
24 March 2020 Updated 25 March 2020
by
Peter
Flask is hot. Everyone loves Flask. I believe the main reason is that it is so easy to start with Flask. You create a virtual environment, copy-paste a few lines of code from some example, point your browser at 127.0.0.1:5000 and there is your page. Then you hack a little with a Jinja template and you get a beautiful page. You can even run Flask on a Raspberry Pi, isn't that wonderful? My main reason ...
Read more
Read more
10 March 2020 Updated 11 March 2020
by
Peter
The problem: a customer wants an application with a certain functionality and want this yesterday. What you do is look for a plug-and-play solution, libraries and/or extensions. You tell your customer that you can do it, customer is happy, you do it. For example, you take Wordpress, select and configure some plugins. Problem solved, or is it?
Yes, the problem is solved but for how long? After some ...
Read more
Read more
29 February 2020 Updated 29 February 2020
by
Peter
I never really checked if CSRF protection was working in my Flask application, this website. Is it enabled by default? From the Flask_WTF extension documentation:
Any view using FlaskForm to process the request is already getting CSRF protection.
And from the text of Miguel Grinberg's post 'Cookie Security for Flask Applications':
If you are handling your web forms with the Flask-WTF extension, ...
Read more
Read more
22 February 2020 Updated 22 February 2020
by
Peter
While working on comments system for the first time I bounced into the problem of having multiple WTForms forms on a single page. On every page there also is the search form but this is not a POST form. It is doing a GET. The comments system uses two forms:
Comment form
Comment reply form
The comment form is immediately below the content item, blog post or page, the comment reply form is initially ...
Read more
Read more
15 February 2020 Updated 18 February 2020
by
Peter
I hoped to tell you today that you could comment on the blog posts of this website now. That would have meant that I completed the first implementation of the comments system. Unfortunately I stumbled upon some problems, yes of course, I am a programmer, and one of them involved the TextAreaField.
I just wanted a simple extended version of the WTForm TextAreaField, just add a character counter field ...
Read more
Read more
8 February 2020 Updated 16 February 2020
by
Peter
Now that I have blog posts, pages and a contact form, I decided to implement the comments for the blog posts and pages. Not just flat comments but threaded comments, also called nested comments. Some months ago I read about this and I really liked Miguel Grinberg's article: Implementing User Comments with SQLAlchemy.
As often Miguel starts with defining the problem and some hard core theory and explaining ...
Read more
Read more
30 January 2020 Updated 30 January 2020
by
Peter
When you start with Flask you read a bit about the Application Context, TL;DR. Do not know about you but I certainly did not understand it fully. What is app, what is current_app, what is the difference, you just start programming your application. All the time in the background there is this weird buzz: what exactly is the Application Context ... Then at a certain moment when using a class you instantiated ...
Read more
Read more
24 January 2020 Updated 24 January 2020
by
Peter
When you sign up for this website you are assigned an avatar image. Of course you can change the avatar in 'your account' and this is done using an image picker. Many image pickers examples can be found on the internet. But this is a Flask site including WTForms and I want the image picker to be generated by the wonderful Jinja macro I am using, see also link below, ok, I modified it a bit. With this ...
Read more
Read more
13 January 2020 Updated 13 January 2020
by
Peter
Time for joy or crisis: running the OWASP Zed Attack Proxy (ZAP) application to check vulnerabilities of our web application. Developers often know there are weak points in their code, but there always is a date of delivery. So why not use a tool that list the well-known and important ones? This is my first time using ZAP so if are an expert you best stop reading here. In the links below there ...
Read more
Read more
Welcome
This website is not finished. I started it because I wanted to learn Python, ORM and the framework Flask. And as I wanted to deploy it to my ISPConfig3 (Nginx + Mariadb) webserver I also had to dive into Docker. Read more
Most viewed:
- Two Flask apps, frontend and admin, on one domain using DispatcherMiddleware
- Adding url_for() links to Jinja templates of a Flask multilanguage website
- Docker containers suddenly using 192.168.0.0/16 instead of 172.17.0.0/16: services lost
- Developing Ubuntu Touch apps with Python using pyOtherSide
- ISPConfig: running a Python Flask Docker container as a jailed Shell User
- Refining multilanguage: adding language fallback as an option