I am designing a python web app, where people can have an email sent to them on a particular day. So a user puts in his emai and date in a form and it gets stored in my database.
My script would then search through the database looking for all records of todays date, retrive the email, sends them out and deletes the entry from the table.
Is it possible to have a setup, where the script starts up automatically at a give time, say 1 pm everyday, sends out the email and then quits? If I have a continuously running script, i might go over the CPU limit of my shared web hosting. Or is the effect negligible?
Ali
Is it possible to have a setup, where
the script starts up automatically at
a give time, say 1 pm everyday, sends
out the email and then quits?
It's surely possible in general, but it entirely depends on what your shared web hosting provider is offering you. For these purposes, you'd use some kind of cron in any version or variant of Unix, Google App Engine, and so on. But since you tell us nothing about your provider and what services it offers you, we can't guess whether it makes such functionality available at all, or in what form.
(Incidentally: this isn't really a programming question, so, if you want to post more details and get help, you might have better luck at serverfault.com, the companion site to stackoverflow.com that deals with system administration questions).
Related
I will keep it short.
Can someone please point me in the right direction in:
How to authenticate users in native applications written in Python?
I know in web there are sessions, but I can't think of a way to implement authentication, that will 'live' for some time and on expiry I can logout the user?
EDIT:
I am referring to desktop type of apps, I am fairly happy with the implementation for Web based development in Twisted
EDIT 2
The application I am thinking about will not authenticate against a server, but a self-contained application, an example the idea is a Cash Register/Point of Sale (my idea is kinda different, but parts of the functionality is the same), in which I need to authenticate the cashier, so I can log the transactions processed by him/her, print name on receipt and etc. All will be based in one single machine, no server communication or anything
It’s not entirely clear what kind of security you are expecting.
In general, if the end user has physical access to the machine and a screwdriver, you’re pretty much screwed—they can do whatever they want on that machine.
If you take hardware security as a given, but want to ensure software security, then you’re going to have to do server communication within the machine’s boundaries. You have to separate the server and the client, and run the server in a security context that is inaccessible to the user. The server will then do both the authentication and whatever operations need authentication (printing out receipts etc.). For example, under a Unix-like OS, you would run a daemon under a dedicated system user or under root; on Windows, you would have a system service running as LOCAL SERVICE or whatever that’s called. In this way, the operating system’s built-in security features will ensure (given proper maintenance, like timely application of security hotfixes) that the user cannot influence the behavior of the software that does the sensitive operations. The protocol between the client and the server can be anything, and you can do authentication in much the same way as in HTTP—indeed, you may even use HTTP itself.
Finally, if you’re certain that your users will not be tampering with your system at all—e.g. because they lack the technical skills, or are being watched by CCTV cameras—you can forget all that stuff and go with Puciek’s answer.
You seem to be very confused and fixated on "sessions" for some reasons, maybe because your background is in the web apps?
Any-who you don't need "sessions" because with desktop application you have no trouble telling who is using the software without needing some elaborate tools. You don't need server, you don't need authentication tools, you don't need anything - just store that user within your single application. That is all really - a variable within your application called "user" and maybe some interface at the boot to pick one from available users.
And if you need it to last between boots, just save it in a file and read from it.
If you're using Unix, rely on the fact that it's a multi user system. That is, the user has already logged in using his own credentials, so you don't need to do anything, just use its home directory to store the data, taking care to block other users from accessing it by using permissions. You can improve this to provide encryption too. For global application data, you can specify a "manager" user or group, with its own directory, where the application can write.
All this might be possible on Windows systems too.
I'm trying to build a django app that can monitor and interact with a remote database (to interact with the database in a basic way - just performing a look-up and only sometimes making a little change in the remote data), it also has to sometimes store the remote data to its own database.
The website which sits on the remote database is a community website, and anyone without an account is allowed to post on the website's forums. I want the app to be able to check the database every now and then to see for any updates in the discussions. The site gets at least 100 posts an hour and since anyone is allowed to post on the forums without an account, it occasionally gets spammed, but unfortunately the CMS that is being used does not have a good anti-spam system set up.
Only way that I can think of at the moment is to make a python file, and in that file I can import MySQLdb. I can connect to the remote database (mysql) server and select all the posts that have been made in the last X minutes. Using a function that calculates the probability of a post being a spam or not, I can again talk to the remote database and flag the candidates to be not displayed on the website. I can have this file run "every now and then" using cron.
The problem here is a lack of control. I want to have a user interface that can show all the spam candidates on a single webpage and have an "unflag" button to make accidentally flagged posts to be shown on that website again. This means that I'll probably be better off writing a django web app than to write a single python script that simply just flags spam candidates.
How would I have a django app or perhaps a function within that app (which can perform all actions that the stand-alone python script as described above can perform) to run automatically every now then (say every minute)?
Maybe you should try django-celery?
I am working on a project for work that requires me to pull information from a logfile and send a notification anytime it finds a the specific information. For example the exact issue I am working on is I am needing to create a python script that will look into may /var/log/auth.log (FreeBSD system) and pull any invalid SSH login attempts, then proceed to email me and another co-worker anytime there is an offense.
I've been looking all over for a few days now and have had minimal success any help would be greatly appreciated.
I think what you're really after is a daemon like fail2ban, which is specifically designed to examine log files for intrusion attempts.
From the fail2ban wiki:
Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs
that show the malicious signs -- too many password failures, seeking
for exploits, etc. Generally Fail2Ban then used to update firewall
rules to reject the IP addresses for a specified amount of time,
although any arbitrary other action (e.g. sending an email, or
ejecting CD-ROM tray) could also be configured. Out of the box
Fail2Ban comes with filters for various services (apache, curier, ssh,
etc).
This would probably work better than any solution you baked yourself.
That said, if you did want to roll your own, the naive way to implement periodic checking of a file is simply to read it every five minutes and see if it's changed.
The smarter way is to use the operating system's file monitoring service, which hooks into the filesystem driver and notifies you as soon as the file changes. This has the dual benefits that your code will take less CPU time, and it will respond immediately whenever the file changes.
On Linux the service is called inotify. BSD and Windows have an equivalent feature.
You could run a cron job every few minutes that checks for changes in that file. If there are any changes, it will email you, by using, for example, smtplib. Here is an example of smtplib usage with sendgrid: http://docs.sendgrid.com/documentation/get-started/integrate/examples/python-email-example-using-smtp/
How do you find out if a file was modified?
You keep a copy of the file as it looked in the previous script run, and compare that to the current contents
You check the file's last modification time.
This is just a general idea that can be tweaked, and all the 'ingredients' can be found on google, so you should be able to implement it by googling yourself.
Hope this helps.
As a rough idea for a cron job:
with open('/var/log/auth.log') as auth:
for line in auth:
if 'blahblah' in line:
# send email
You'll want to check out the email module for emailing details. You'll also want a way to keep track of what's already been scanned, so you don't end up sending duplicate emails.
I am attempting to create an online estimate scheduler for my company. I am creating a database full of times for a one week period. There will be associated check boxes with these database entries and if a user selects a date and time I plan to drop the specified time from the database and then send an email to my account with their provided information as well as the time. I want the database to automatically reset each 7 days so that all times are available for that week. I am having a couple of issues....
I am using mySQL and python for the scripting. I can not figure out how to mail to myself, and I do not know how to periodically reset the database without my intervention. If you guys could shed any light on this it would be greatly appreciated. Thanks for the help guys!
E-mail could be taken care of using the smtplib and email modules. These two example links may help: Example1, Example2.
As far as "periodically" doing things, you'll find that cron is an amazing utility. It allows you to schedule things to happen on a recurring basis. In your case, you would develop a small script that would do the "reset" that you want and schedule it in cron to run weekly. Some good example docs are found here.
If you're running on windows instead, look into the Windows scheduler to do the same thing.
before anything, I wanna you to Know that I'm a Complete Newbie
in these things about developing "paid" webapps. I have been reading some posts
about how to integrate Paypal's IPN with Google App Engine, and I have some questions
about the topic, the thing is like this:
I want to use a paypal's Subscribe button in my webapp (wich is developed with GAE's Python base)
so the users can subscribe to the premium version if they don't want to use the free one anymore...
I was reading that paypal can help me to manage this thing about the users control via IPN but
I have to setup that in my GAE App and I don't know how... For example:
Where the notification URL has to point to in paypal's profile configuration?
I believe it has to point to a python script in my app but I'm not sure... If
that is true, What does this python script has to have?
Then, after that's finished, How can I make paypal create
usernames and passwords for my users in order to keep non premium users out of the
"premium features"?? I don't want links to something, I need explanations on how
to implement a "Paypal Subscriptions service" inside a Python based app on GAE
in order to offer a "premium service" and a free one,
Thanks, hope you can help
To make a short answer (as I'm not exactly sure what's the scope of your question).
It's not paypal's job to maintain your data model. You need to create a database entry with your users.
For an example of that, look Google's documentation at
http://code.google.com/appengine/docs/python/gettingstarted/usingusers.html
and, more importantly, http://code.google.com/appengine/docs/python/gettingstarted/usingdatastore.html
So you could create, for example, data model of this sort:
class Users(db.Model):
gae_user_object = db.UserProperty()
premium_member = db.BooleanProperty(default=False)
(of course, since you want to track subscriptions, this would be way too limited but you can get the idea).
and make the script called by Paypal trigger a function to change the value of *premium_member*...
Yes, paypal instant payment notification will call your app (you can specify somewhere in Paypal interface what uri, so you can choose what to map it to, preferably using your https appspot subdomain). Your app will need to store what paypal just sent and, before officializing anything, call Paypal servers back with the parameters that were just sent to know if the first was truly made by Paypal and not someone else.
To see a working example of that, check http://blog.awarelabs.com/2008/paypal-ipn-python-code/ and http://groups.google.com/group/google-appengine-python/browse_thread/thread/d76701e774e308be, even if both these example sucks (it will probably work, but don't use them as is in production as you'll notably end up with real bad error management).