"show" then passes everything to the view "default/show.html". Consequently, the hash is self-identifying, allowing, for example, the algorithm to be changed without invalidating previous hashes. sets the log message on successful record read access. sets the label of the "delete" checkbox in "update" forms. As in the previous case, it performs validation of the input, but additionally, if the input passes validation, it also performs a database insert of the new record and stores in form.vars.id the unique "id" of the new record. This is not allowed by default, since the wiki model is defined only after the wiki interface is requested with the auth.wiki() method. Use (-1, -1) as minsize to bypass the image-size check. The difference is that this query is not sent to the database but it is converted to JavaScript and sent to the browser where it is executed when the user edits the form. In the case of files, the value is a cgi.FieldStorage, so it validates the length of the data in the file, which is the behavior one might intuitively expect. It allows packing the application without source code for distribution as closed source. By default, CRYPT uses random salt, such that each result is different. Note that you still have to call auth.wiki() in the controller or view in order to expose the wiki interface, since the resolve=False parameter instructs the auth object to just build the wiki model without any other interface setup. Static files are stored in the application's static subfolder (that's where they go when uploaded using the administrative interface). If you click on a web2py keyword, you are redirected to a documentation page about the keyword. If the page contains a single form, you can set formname=None and omit the hidden field in the view. Line 6 defines a format string for the table. So, IS_IN_SET can be followed by IS_INT_IN_RANGE (which converts the value to int) or IS_FLOAT_IN_RANGE (which converts the value to float). The edit page tells you what is inside the application. The same can be done for UPDATE/DELETE forms by breaking: In the case of a table including an "upload"-type field ("fieldname"), both process(dbio=False) and validate() deal with the storage of the uploaded file as if process(dbio=True), the default behavior. In the latter case, you would be checking only the set defined by the Set. So when we save the record we want to check for possible conflicts. You can use the env parameter of auth.wiki to expose functions to your wiki. In web2py migrations are automatic, but can be disabled for each table by passing migrate=False as the last argument of define_table. Any operation performed on a file via the admin interface (create, edit, delete) can be performed directly from the shell using your favorite editor. The administrative interface provides additional functionality that we briefly review here. You can extend oembed support by registering more services. This enforces selection of at least one choice. The minimum and maximum limits can be None, meaning no lower or upper limit, respectively. All tags in the form have names derived from the table and field name. It hides "blob" fields, since they are supposed to be handled differently, see More on uploads section in Chapter 6 for an example. It lists all installed applications on the left, while on the right side there are some special action forms. I have two controllers in it. The model must contain three tables: page, comment, and document. Every application has its own appadmin; therefore, appadmin itself can be modified without affecting other applications. The name of this link can be changed via the labels argument of the SQLFORM, for example: If you click on the link you get directed to: "list_records" is the specified action, with request.args(0) set to the name of the referencing table and request.vars.query set to the SQL query string. From now on, we will refer to this interface simply as appadmin. They are rendered as INPUT fields of type="file". appadmin replaces response.menu with its own menu, which provides links to the application's edit page in admin, the db (database administration) page, the state page, and the cache page. IS_NOT_IN_DB(a, b) is a special validator that checks that the value of a field b for a new record is not already in a. and you need a form to allow the visitor to modify this dictionary. The arguments of add_button are the value of the button (its text) and the url where to redirect to. Each file listed in the section corresponds to a file physically located in the subfolder. When using SQLite, if the database file does not exist, it is created. It also must be linked to a specific database. The layout file can be edited and replaced easily, since it mainly contains HTML code. If you click on any file name, you can see the contents of the file with syntax highlighting. written by Massimo Di Pierro in English, """ this controller returns a dictionary rendered by the view, """browser, edit all documents attached to a certain page""", "ajax('callback', ['keyword'], 'target');", """an ajax callback that returns a