[Zope] cookie Crumbler problem

Joshua Newman josh at jnew.org
Thu Mar 25 18:26:32 EST 2004


>>>>> "Chris" == Chris Withers <lists at simplistix.co.uk> writes:

    >> When I don't try to change the properties from the python
    >> script I can see and print the variables (prop and propval)
    >> perfectly.  But it is as if the manageAddProperties('prop',
    >> prop) wrecks access to the variables.

Whoops that was pretty unclear.

    Chris> Take a step back. What are you trying to do? What
    Chris> tracebacks are you getting? What are the revelent lines of
    Chris> code that you've written?

I'm trying to process a form to change properties.  If a user is
authenticated when at the form, all is smooth.  When a user is
anonymous and submits the cookie authentication in the middle of the
transaction seems cause an error.

    >> Error Type: KeyError Error Value: 'prop'
    Chris> What's the traceback to go with the above?

Traceback (innermost last):
  Module ZPublisher.Publish, line 100, in publish
  Module ZPublisher.mapply, line 88, in mapply
  Module ZPublisher.Publish, line 40, in call_object
  Module Shared.DC.Scripts.Bindings, line 306, in __call__
  Module Shared.DC.Scripts.Bindings, line 343, in _bindAndExec
  Module Products.PythonScripts.PythonScript, line 318, in _exec
  Module None, line 3, in editCalendarProperty
   - <PythonScript at /masonicmed/dailySchedule/editCalendarProperty>
   - Line 3
  Module AccessControl.ZopeGuards, line 67, in guarded_getitem
  Module ZPublisher.HTTPRequest, line 1214, in __getitem__
KeyError: 'propval'

Code for form: (in html without the end brackets)

input name="prop" type="hidden" value="<dtml-var prop>"
textarea name="propval" rows="15" cols="65" wrap="hard"
/textarea

and the python code :

REQUEST = context.REQUEST
propval = (REQUEST['propval'])
prop = (REQUEST['prop'])
if ( context.index_html.hasProperty(REQUEST['prop']) ):
   context.index_html.manage_changeProperties({ REQUEST['prop'] : propval })
else:
   context.index_html.manage_addProperty(REQUEST['prop'], propval, 'text')
return REQUEST.RESPONSE.redirect(REQUEST['URL1'])

What's interesting is that it works when a user is already
authenticated and makes it to the edit form.  It fails only when the
form is arrived at by an anonymous user and has to authenticate in the
middle of the form submission when the python script requires
privileges in order to change properties.

I'm using Cookie crumbler (newest version).  And I've tried making the
individual pages secured but the same problem occurs.  When the form
is secured it disables the passed variables needed to use the form.
And when the python script is secured the same problem happens as above.

Thanks for the willingness to take a look at this.
j
 




More information about the Zope mailing list