From aharrin at luc.edu Mon Apr 2 16:20:34 2018 From: aharrin at luc.edu (Andrew Harrington) Date: Mon, 2 Apr 2018 16:20:34 -0400 Subject: [Edu-sig] Simplest webapps In-Reply-To: References: <4bee909c-1437-4ed9-57b7-ce2dd709e0d2@ut.ee> Message-ID: Bottle sound like it makes things very simple. I also have a chapter introducing server-side Python interaction in very simple cases. http://anh.cs.luc.edu/python/hands-on/3.1/handsonHtml/ch4.html It does come well after function introduction. Dr. Andrew N. Harrington Computer Science Department Graduate Program Director gpd at cs.luc.edu Loyola University Chicago 207 Doyle Center, 1052 W Loyola Ave. http://www.cs.luc.edu/~anh Phone: 773-508-3569 Dept. Fax: 773-508-3739 aharrin at luc.edu (as professor, not gpd role) On Sat, Mar 31, 2018 at 8:20 PM, Wes Turner wrote: > Web programming is fun but dangerous. > Things as simple as 'it reads a file off the disk and sends it to the > user' can unintentionally expose every readable file to whoever or whatever > can access localhost. > > ```python > os.path.join('here', '/etc/shadow') > path = 'here/' + '../../../../etc/shadow' > ``` > > All of the examples in this thread are susceptible to XSS (Cross Site > Scripting) and CSRF (Cross-site Request Forgery). Don't feel bad; many > college web programming courses teach dangerous methods, too. > > XSS: > ``` > x = """""" > return f'{x}' > """ > > Bottle has multiple templating engines which escape user-supplied input > (in order to maintain a separation between data and code). > > Like XSS, SQLi is also a 'code injection' issue. pypi:Records can use > SQLAlchemy. Django is a great framework with a built-in ORM that also > escapes SQL queries. > > CSRF: > - X posts an XSS to site A that POSTs to site B > - 100 users view site A > - [...] > > http://bottle-utils.readthedocs.io/en/latest/csrf.html > > https://bottlepy.org/docs/dev/tutorial.html#html-form-handling > > OWASP has a lot of information on WebSec: > > OWASP Top 10 > https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project > > The OWASP Vulnerable Web Applications Directory Project (VWAD) > https://github.com/OWASP/OWASP-VWAD > > Any program or user on the system can read and write to localhost. > > > On Saturday, March 31, 2018, Wes Turner wrote: > >> Bottle is a single file web microframework. >> >> https://github.com/bottlepy/bottle >> https://github.com/bottlepy/bottle/blob/master/bottle.py >> >> > Example: "Hello World" in a bottle >> >> ```python >> from bottle import route, run, template >> >> @route('/hello/') >> def index(name): >> return template('Hello {{name}}!', >> name=name) >> >> run(host='localhost', port=8080) >> ``` >> >> There are docs and every function is Ctrl-F'able within bottle.py. >> >> On Friday, March 30, 2018, kirby urner wrote: >> >>> >>> Very interesting. I note that free users are relegated to Python 2.7 >>> >>> Server modules can be Python 3.6 (outside the free version) >>> >>> Client stuff compiles to JavaScript and is approximately 2.7 >>> >>> That's a bit confusing maybe. I try to avoid 2.7 but that's not easy. >>> >>> In my Coding with Kids work, we use Codesters.com to teach Python, which >>> depends on Skulpt. Also 2.x ish. >>> >>> Kirby >>> >>> >>> >>> On Fri, Mar 30, 2018 at 11:49 AM, Jason Blum >>> wrote: >>> >>>> http://anvil.works/ is a pretty interesting approach to Python web >>>> applications. >>>> >>>> On Fri, Mar 30, 2018 at 2:05 PM, kirby urner >>>> wrote: >>>> >>>>> >>>>> Hi Aivar -- >>>>> >>>>> I think it's a fine idea to write simple Python scripts that write >>>>> HTML files, which you may then pull up in the browser. >>>>> >>>>> There's no need to put a server behind static web pages. So, for >>>>> example, I'll have my students write a page of bookmarks: >>>>> >>>>> # -*- coding: utf-8 -*- >>>>> """ >>>>> Created on Wed Nov 4 18:02:30 2015 >>>>> >>>>> @author: Kirby Urner >>>>> """ >>>>> >>>>> # tuple of tuples >>>>> bookmarks = ( >>>>> ("Anaconda.org", "http://anaconda.org"), >>>>> ("Python.org", "http://python.org"), >>>>> ("Python Docs", "https://docs.python.org/3/"), >>>>> ("Spaghetti Code", "http://c2.com/cgi/wiki?SpaghettiCode"), >>>>> ("Structured Programming", "http://c2.com/cgi/wiki?Struct >>>>> uredProgramming"), >>>>> ("Map of Languages", "http://archive.oreilly.com/pu >>>>> b/a/oreilly//news/languageposter_0504.html"), >>>>> ("XKCD", "http://xkcd.com"), >>>>> ) >>>>> >>>>> page = '''\ >>>>> >>>>> {} >>>>> ''' >>>>> >>>>> html = """\ >>>>> >>>>> >>>>> Bookmarks for Python >>>>> >>>>> >>>>>

Bookmarks

>>>>>
>>>>>
    >>>>> {} >>>>>
>>>>> >>>>> >>>>> """.lower() >>>>> >>>>> the_body = "" >>>>> for place, url in bookmarks: >>>>> the_body += "
  • {}
  • \n".format(url, place) >>>>> >>>>> webpage = open("links.html", "w") >>>>> print(page.format(html.format(the_body)), file=webpage) >>>>> webpage.close() >>>>> >>>>> All you need add to your example is using print() to save to a file, >>>>> so the browser has something to open. >>>>> >>>>> I would not call this a "web app" yet it's instructive in showing how >>>>> Python can write HTML files. >>>>> >>>>> Kirby >>>>> >>>>> >>>>> >>>>> On Wed, Mar 28, 2018 at 12:18 AM, Aivar Annamaa >>>>> wrote: >>>>> >>>>>> Hi! >>>>>> Let's say my students are able to write programs like this: >>>>>> >>>>>> name = input("name") >>>>>> >>>>>> if name == "Pete": >>>>>> greeting = "Hi" >>>>>> else: >>>>>> greeting = "Hello!" >>>>>> >>>>>> print(f""" >>>>>> >>>>>> >>>>>> {greeting} {name}! >>>>>> >>>>>> >>>>>> """) >>>>>> >>>>>> I'd like to allow them start writing web-apps without introducing >>>>>> functions first (most web-frameworks require functions). >>>>>> >>>>>> It occurred to me that it's not hard to create a wrapper, which >>>>>> presents this code as a web-app (input would be patched to look up >>>>>> GET or POST parameters with given name). >>>>>> >>>>>> This approach would allow simple debugging of the code on local >>>>>> machine and no extra libraries are required in this phase. >>>>>> >>>>>> Any opinions on this? Has this been tried before? >>>>>> >>>>>> best regards, >>>>>> Aivar >>>>>> >>>>>> _______________________________________________ >>>>>> Edu-sig mailing list >>>>>> Edu-sig at python.org >>>>>> https://mail.python.org/mailman/listinfo/edu-sig >>>>>> >>>>>> >>>>> >>>>> _______________________________________________ >>>>> Edu-sig mailing list >>>>> Edu-sig at python.org >>>>> https://mail.python.org/mailman/listinfo/edu-sig >>>>> >>>>> >>>> >>> -------------- next part -------------- An HTML attachment was scrubbed... URL: From carl at nextdayvideo.com Mon Apr 2 19:16:48 2018 From: carl at nextdayvideo.com (Carl Karsten) Date: Mon, 2 Apr 2018 18:16:48 -0500 Subject: [Edu-sig] Simplest webapps In-Reply-To: References: <4bee909c-1437-4ed9-57b7-ce2dd709e0d2@ut.ee> Message-ID: web2py was written by a college professor to teach web development on a tight schedule. he didn't like the existing ones that took too long to get a Hello World thing up and running. "pick a db engine" is not something that needs to be part of the 2 hours of class time this week. but, it is targeting web development, not Python. And I am pretty sure it wants functions and a few other stated requirements. The only reason I bring it up is it may be a better fit that any of the other proposed ideas, and its install really is: http://www.web2py.com/init/default/download "After download, unzip it and click on web2py.exe (windows) or web2py.app (osx). To run from source, type: python2.7 web2py.py" (I guess Linux users are good with "run from source") I can confirm it works, but I have never done anything real, but I know people who have, so I would not be afraid of it. OTOH, it may not be the solution you are looking for, and that's fine. On Mon, Apr 2, 2018 at 3:20 PM, Andrew Harrington wrote: > Bottle sound like it makes things very simple. > I also have a chapter introducing server-side Python interaction in very > simple cases. > http://anh.cs.luc.edu/python/hands-on/3.1/handsonHtml/ch4.html > It does come well after function introduction. > > Dr. Andrew N. Harrington > Computer Science Department > Graduate Program Director gpd at cs.luc.edu > Loyola University Chicago > 207 Doyle Center, 1052 W Loyola Ave. > http://www.cs.luc.edu/~anh > Phone: 773-508-3569 > Dept. Fax: 773-508-3739 > aharrin at luc.edu (as professor, not gpd role) > > On Sat, Mar 31, 2018 at 8:20 PM, Wes Turner wrote: >> >> Web programming is fun but dangerous. >> Things as simple as 'it reads a file off the disk and sends it to the >> user' can unintentionally expose every readable file to whoever or whatever >> can access localhost. >> >> ```python >> os.path.join('here', '/etc/shadow') >> path = 'here/' + '../../../../etc/shadow' >> ``` >> >> All of the examples in this thread are susceptible to XSS (Cross Site >> Scripting) and CSRF (Cross-site Request Forgery). Don't feel bad; many >> college web programming courses teach dangerous methods, too. >> >> XSS: >> ``` >> x = """""" >> return f'{x}' >> """ >> >> Bottle has multiple templating engines which escape user-supplied input >> (in order to maintain a separation between data and code). >> >> Like XSS, SQLi is also a 'code injection' issue. pypi:Records can use >> SQLAlchemy. Django is a great framework with a built-in ORM that also >> escapes SQL queries. >> >> CSRF: >> - X posts an XSS to site A that POSTs to site B >> - 100 users view site A >> - [...] >> >> http://bottle-utils.readthedocs.io/en/latest/csrf.html >> >> https://bottlepy.org/docs/dev/tutorial.html#html-form-handling >> >> OWASP has a lot of information on WebSec: >> >> OWASP Top 10 >> https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project >> >> The OWASP Vulnerable Web Applications Directory Project (VWAD) >> https://github.com/OWASP/OWASP-VWAD >> >> Any program or user on the system can read and write to localhost. >> >> >> On Saturday, March 31, 2018, Wes Turner wrote: >>> >>> Bottle is a single file web microframework. >>> >>> https://github.com/bottlepy/bottle >>> https://github.com/bottlepy/bottle/blob/master/bottle.py >>> >>> > Example: "Hello World" in a bottle >>> >>> ```python >>> from bottle import route, run, template >>> >>> @route('/hello/') >>> def index(name): >>> return template('Hello {{name}}!', >>> name=name) >>> >>> run(host='localhost', port=8080) >>> ``` >>> >>> There are docs and every function is Ctrl-F'able within bottle.py. >>> >>> On Friday, March 30, 2018, kirby urner wrote: >>>> >>>> >>>> Very interesting. I note that free users are relegated to Python 2.7 >>>> >>>> Server modules can be Python 3.6 (outside the free version) >>>> >>>> Client stuff compiles to JavaScript and is approximately 2.7 >>>> >>>> That's a bit confusing maybe. I try to avoid 2.7 but that's not easy. >>>> >>>> In my Coding with Kids work, we use Codesters.com to teach Python, which >>>> depends on Skulpt. Also 2.x ish. >>>> >>>> Kirby >>>> >>>> >>>> >>>> On Fri, Mar 30, 2018 at 11:49 AM, Jason Blum >>>> wrote: >>>>> >>>>> http://anvil.works/ is a pretty interesting approach to Python web >>>>> applications. >>>>> >>>>> On Fri, Mar 30, 2018 at 2:05 PM, kirby urner >>>>> wrote: >>>>>> >>>>>> >>>>>> Hi Aivar -- >>>>>> >>>>>> I think it's a fine idea to write simple Python scripts that write >>>>>> HTML files, which you may then pull up in the browser. >>>>>> >>>>>> There's no need to put a server behind static web pages. So, for >>>>>> example, I'll have my students write a page of bookmarks: >>>>>> >>>>>> # -*- coding: utf-8 -*- >>>>>> """ >>>>>> Created on Wed Nov 4 18:02:30 2015 >>>>>> >>>>>> @author: Kirby Urner >>>>>> """ >>>>>> >>>>>> # tuple of tuples >>>>>> bookmarks = ( >>>>>> ("Anaconda.org", "http://anaconda.org"), >>>>>> ("Python.org", "http://python.org"), >>>>>> ("Python Docs", "https://docs.python.org/3/"), >>>>>> ("Spaghetti Code", "http://c2.com/cgi/wiki?SpaghettiCode"), >>>>>> ("Structured Programming", >>>>>> "http://c2.com/cgi/wiki?StructuredProgramming"), >>>>>> ("Map of Languages", >>>>>> "http://archive.oreilly.com/pub/a/oreilly//news/languageposter_0504.html"), >>>>>> ("XKCD", "http://xkcd.com"), >>>>>> ) >>>>>> >>>>>> page = '''\ >>>>>> >>>>>> {} >>>>>> ''' >>>>>> >>>>>> html = """\ >>>>>> >>>>>> >>>>>> Bookmarks for Python >>>>>> >>>>>> >>>>>>

    Bookmarks

    >>>>>>
    >>>>>>
      >>>>>> {} >>>>>>
    >>>>>> >>>>>> >>>>>> """.lower() >>>>>> >>>>>> the_body = "" >>>>>> for place, url in bookmarks: >>>>>> the_body += "
  • {}
  • \n".format(url, place) >>>>>> >>>>>> webpage = open("links.html", "w") >>>>>> print(page.format(html.format(the_body)), file=webpage) >>>>>> webpage.close() >>>>>> >>>>>> All you need add to your example is using print() to save to a file, >>>>>> so the browser has something to open. >>>>>> >>>>>> I would not call this a "web app" yet it's instructive in showing how >>>>>> Python can write HTML files. >>>>>> >>>>>> Kirby >>>>>> >>>>>> >>>>>> >>>>>> On Wed, Mar 28, 2018 at 12:18 AM, Aivar Annamaa >>>>>> wrote: >>>>>>> >>>>>>> Hi! >>>>>>> >>>>>>> Let's say my students are able to write programs like this: >>>>>>> >>>>>>> name = input("name") >>>>>>> >>>>>>> if name == "Pete": >>>>>>> greeting = "Hi" >>>>>>> else: >>>>>>> greeting = "Hello!" >>>>>>> >>>>>>> print(f""" >>>>>>> >>>>>>> >>>>>>> {greeting} {name}! >>>>>>> >>>>>>> >>>>>>> """) >>>>>>> >>>>>>> I'd like to allow them start writing web-apps without introducing >>>>>>> functions first (most web-frameworks require functions). >>>>>>> >>>>>>> It occurred to me that it's not hard to create a wrapper, which >>>>>>> presents this code as a web-app (input would be patched to look up GET or >>>>>>> POST parameters with given name). >>>>>>> >>>>>>> This approach would allow simple debugging of the code on local >>>>>>> machine and no extra libraries are required in this phase. >>>>>>> >>>>>>> Any opinions on this? Has this been tried before? >>>>>>> >>>>>>> best regards, >>>>>>> Aivar >>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Edu-sig mailing list >>>>>>> Edu-sig at python.org >>>>>>> https://mail.python.org/mailman/listinfo/edu-sig >>>>>>> >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Edu-sig mailing list >>>>>> Edu-sig at python.org >>>>>> https://mail.python.org/mailman/listinfo/edu-sig >>>>>> >>>>> >>>> > > > _______________________________________________ > Edu-sig mailing list > Edu-sig at python.org > https://mail.python.org/mailman/listinfo/edu-sig > From aivar.annamaa at ut.ee Tue Apr 3 17:39:59 2018 From: aivar.annamaa at ut.ee (Aivar Annamaa) Date: Wed, 4 Apr 2018 00:39:59 +0300 Subject: [Edu-sig] Simplest webapps In-Reply-To: References: <4bee909c-1437-4ed9-57b7-ce2dd709e0d2@ut.ee> Message-ID: Big thank you to everybody for the pointers! I have now lot to test and think about. best regards, Aivar 03.04.2018 02:16 Carl Karsten kirjutas: > web2py was written by a college professor to teach web development on > a tight schedule. he didn't like the existing ones that took too long > to get a Hello World thing up and running. "pick a db engine" is not > something that needs to be part of the 2 hours of class time this > week. > > but, it is targeting web development, not Python. And I am pretty sure > it wants functions and a few other stated requirements. The only > reason I bring it up is it may be a better fit that any of the other > proposed ideas, and its install really is: > > http://www.web2py.com/init/default/download > "After download, unzip it and click on web2py.exe (windows) or > web2py.app (osx). To run from source, type: python2.7 web2py.py" (I > guess Linux users are good with "run from source") > > I can confirm it works, but I have never done anything real, but I > know people who have, so I would not be afraid of it. > > OTOH, it may not be the solution you are looking for, and that's fine. > > > > > > > > On Mon, Apr 2, 2018 at 3:20 PM, Andrew Harrington wrote: >> Bottle sound like it makes things very simple. >> I also have a chapter introducing server-side Python interaction in very >> simple cases. >> http://anh.cs.luc.edu/python/hands-on/3.1/handsonHtml/ch4.html >> It does come well after function introduction. >> >> Dr. Andrew N. Harrington >> Computer Science Department >> Graduate Program Director gpd at cs.luc.edu >> Loyola University Chicago >> 207 Doyle Center, 1052 W Loyola Ave. >> http://www.cs.luc.edu/~anh >> Phone: 773-508-3569 >> Dept. Fax: 773-508-3739 >> aharrin at luc.edu (as professor, not gpd role) >> >> On Sat, Mar 31, 2018 at 8:20 PM, Wes Turner wrote: >>> Web programming is fun but dangerous. >>> Things as simple as 'it reads a file off the disk and sends it to the >>> user' can unintentionally expose every readable file to whoever or whatever >>> can access localhost. >>> >>> ```python >>> os.path.join('here', '/etc/shadow') >>> path = 'here/' + '../../../../etc/shadow' >>> ``` >>> >>> All of the examples in this thread are susceptible to XSS (Cross Site >>> Scripting) and CSRF (Cross-site Request Forgery). Don't feel bad; many >>> college web programming courses teach dangerous methods, too. >>> >>> XSS: >>> ``` >>> x = """""" >>> return f'{x}' >>> """ >>> >>> Bottle has multiple templating engines which escape user-supplied input >>> (in order to maintain a separation between data and code). >>> >>> Like XSS, SQLi is also a 'code injection' issue. pypi:Records can use >>> SQLAlchemy. Django is a great framework with a built-in ORM that also >>> escapes SQL queries. >>> >>> CSRF: >>> - X posts an XSS to site A that POSTs to site B >>> - 100 users view site A >>> - [...] >>> >>> http://bottle-utils.readthedocs.io/en/latest/csrf.html >>> >>> https://bottlepy.org/docs/dev/tutorial.html#html-form-handling >>> >>> OWASP has a lot of information on WebSec: >>> >>> OWASP Top 10 >>> https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project >>> >>> The OWASP Vulnerable Web Applications Directory Project (VWAD) >>> https://github.com/OWASP/OWASP-VWAD >>> >>> Any program or user on the system can read and write to localhost. >>> >>> >>> On Saturday, March 31, 2018, Wes Turner wrote: >>>> Bottle is a single file web microframework. >>>> >>>> https://github.com/bottlepy/bottle >>>> https://github.com/bottlepy/bottle/blob/master/bottle.py >>>> >>>>> Example: "Hello World" in a bottle >>>> ```python >>>> from bottle import route, run, template >>>> >>>> @route('/hello/') >>>> def index(name): >>>> return template('Hello {{name}}!', >>>> name=name) >>>> >>>> run(host='localhost', port=8080) >>>> ``` >>>> >>>> There are docs and every function is Ctrl-F'able within bottle.py. >>>> >>>> On Friday, March 30, 2018, kirby urner wrote: >>>>> >>>>> Very interesting. I note that free users are relegated to Python 2.7 >>>>> >>>>> Server modules can be Python 3.6 (outside the free version) >>>>> >>>>> Client stuff compiles to JavaScript and is approximately 2.7 >>>>> >>>>> That's a bit confusing maybe. I try to avoid 2.7 but that's not easy. >>>>> >>>>> In my Coding with Kids work, we use Codesters.com to teach Python, which >>>>> depends on Skulpt. Also 2.x ish. >>>>> >>>>> Kirby >>>>> >>>>> >>>>> >>>>> On Fri, Mar 30, 2018 at 11:49 AM, Jason Blum >>>>> wrote: >>>>>> http://anvil.works/ is a pretty interesting approach to Python web >>>>>> applications. >>>>>> >>>>>> On Fri, Mar 30, 2018 at 2:05 PM, kirby urner >>>>>> wrote: >>>>>>> >>>>>>> Hi Aivar -- >>>>>>> >>>>>>> I think it's a fine idea to write simple Python scripts that write >>>>>>> HTML files, which you may then pull up in the browser. >>>>>>> >>>>>>> There's no need to put a server behind static web pages. So, for >>>>>>> example, I'll have my students write a page of bookmarks: >>>>>>> >>>>>>> # -*- coding: utf-8 -*- >>>>>>> """ >>>>>>> Created on Wed Nov 4 18:02:30 2015 >>>>>>> >>>>>>> @author: Kirby Urner >>>>>>> """ >>>>>>> >>>>>>> # tuple of tuples >>>>>>> bookmarks = ( >>>>>>> ("Anaconda.org", "http://anaconda.org"), >>>>>>> ("Python.org", "http://python.org"), >>>>>>> ("Python Docs", "https://docs.python.org/3/"), >>>>>>> ("Spaghetti Code", "http://c2.com/cgi/wiki?SpaghettiCode"), >>>>>>> ("Structured Programming", >>>>>>> "http://c2.com/cgi/wiki?StructuredProgramming"), >>>>>>> ("Map of Languages", >>>>>>> "http://archive.oreilly.com/pub/a/oreilly//news/languageposter_0504.html"), >>>>>>> ("XKCD", "http://xkcd.com"), >>>>>>> ) >>>>>>> >>>>>>> page = '''\ >>>>>>> >>>>>>> {} >>>>>>> ''' >>>>>>> >>>>>>> html = """\ >>>>>>> >>>>>>> >>>>>>> Bookmarks for Python >>>>>>> >>>>>>> >>>>>>>

    Bookmarks

    >>>>>>>
    >>>>>>>
      >>>>>>> {} >>>>>>>
    >>>>>>> >>>>>>> >>>>>>> """.lower() >>>>>>> >>>>>>> the_body = "" >>>>>>> for place, url in bookmarks: >>>>>>> the_body += "
  • {}
  • \n".format(url, place) >>>>>>> >>>>>>> webpage = open("links.html", "w") >>>>>>> print(page.format(html.format(the_body)), file=webpage) >>>>>>> webpage.close() >>>>>>> >>>>>>> All you need add to your example is using print() to save to a file, >>>>>>> so the browser has something to open. >>>>>>> >>>>>>> I would not call this a "web app" yet it's instructive in showing how >>>>>>> Python can write HTML files. >>>>>>> >>>>>>> Kirby >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Wed, Mar 28, 2018 at 12:18 AM, Aivar Annamaa >>>>>>> wrote: >>>>>>>> Hi! >>>>>>>> >>>>>>>> Let's say my students are able to write programs like this: >>>>>>>> >>>>>>>> name = input("name") >>>>>>>> >>>>>>>> if name == "Pete": >>>>>>>> greeting = "Hi" >>>>>>>> else: >>>>>>>> greeting = "Hello!" >>>>>>>> >>>>>>>> print(f""" >>>>>>>> >>>>>>>> >>>>>>>> {greeting} {name}! >>>>>>>> >>>>>>>> >>>>>>>> """) >>>>>>>> >>>>>>>> I'd like to allow them start writing web-apps without introducing >>>>>>>> functions first (most web-frameworks require functions). >>>>>>>> >>>>>>>> It occurred to me that it's not hard to create a wrapper, which >>>>>>>> presents this code as a web-app (input would be patched to look up GET or >>>>>>>> POST parameters with given name). >>>>>>>> >>>>>>>> This approach would allow simple debugging of the code on local >>>>>>>> machine and no extra libraries are required in this phase. >>>>>>>> >>>>>>>> Any opinions on this? Has this been tried before? >>>>>>>> >>>>>>>> best regards, >>>>>>>> Aivar >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Edu-sig mailing list >>>>>>>> Edu-sig at python.org >>>>>>>> https://mail.python.org/mailman/listinfo/edu-sig >>>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Edu-sig mailing list >>>>>>> Edu-sig at python.org >>>>>>> https://mail.python.org/mailman/listinfo/edu-sig >>>>>>> >> >> _______________________________________________ >> Edu-sig mailing list >> Edu-sig at python.org >> https://mail.python.org/mailman/listinfo/edu-sig >> > _______________________________________________ > Edu-sig mailing list > Edu-sig at python.org > https://mail.python.org/mailman/listinfo/edu-sig From kirby.urner at gmail.com Tue Apr 3 17:59:19 2018 From: kirby.urner at gmail.com (kirby urner) Date: Tue, 3 Apr 2018 14:59:19 -0700 Subject: [Edu-sig] Simplest webapps In-Reply-To: References: <4bee909c-1437-4ed9-57b7-ce2dd709e0d2@ut.ee> Message-ID: On Mon, Apr 2, 2018 at 4:16 PM, Carl Karsten wrote: ?... ? > http://www.web2py.com/init/default/download > "After download, unzip it and click on web2py.exe (windows) or > web2py.app (osx). To run from source, type: python2.7 web2py.py" (I > guess Linux users are good with "run from source") > > ?I see it also runs under Python 3.5/3.6 http://www.web2py.com/init/default/what ?Great. Handsome website too! I have a hard time recommending 2.7-based tools to any newcomers to Python, echoing Guido: https://youtu.be/GudJlbK4TY8 Kirby -------------- next part -------------- An HTML attachment was scrubbed... URL: From jurgis at akl.lt Mon Apr 9 18:04:29 2018 From: jurgis at akl.lt (Jurgis Pralgauskis) Date: Tue, 10 Apr 2018 01:04:29 +0300 Subject: [Edu-sig] Simplest webapps In-Reply-To: References: <4bee909c-1437-4ed9-57b7-ce2dd709e0d2@ut.ee> Message-ID: I made a small adapter for web2py to be used nearly as PHP for beginners :) web2py templates have the code-html mix with full Python syntax enabled (just indentation is ignored with html, so "pass" is used to end logical block). so with my example you can programm just templates (views) https://jurgisvcs.pythonanywhere.com/web2py_tutor/lesson_PHP_alike/ ps.: error messages if syntax is messed in template might be hard to track (compared to PHP) On Wed, Apr 4, 2018 at 12:59 AM, kirby urner wrote: > > > On Mon, Apr 2, 2018 at 4:16 PM, Carl Karsten > wrote: > > ?... > ? > >> http://www.web2py.com/init/default/download >> "After download, unzip it and click on web2py.exe (windows) or >> web2py.app (osx). To run from source, type: python2.7 web2py.py" (I >> guess Linux users are good with "run from source") >> >> > ?I see it also runs under Python 3.5/3.6 > > http://www.web2py.com/init/default/what > > ?Great. Handsome website too! > > I have a hard time recommending 2.7-based tools to any newcomers to > Python, echoing Guido: https://youtu.be/GudJlbK4TY8 > > Kirby > > > _______________________________________________ > Edu-sig mailing list > Edu-sig at python.org > https://mail.python.org/mailman/listinfo/edu-sig > > -- Jurgis Pralgauskis tel: 8-616 77613; Don't worry, be happy and make things better ;) http://kompiuterija.pasimokom.lt -------------- next part -------------- An HTML attachment was scrubbed... URL: From kirby.urner at gmail.com Mon Apr 23 22:36:00 2018 From: kirby.urner at gmail.com (kirby urner) Date: Mon, 23 Apr 2018 19:36:00 -0700 Subject: [Edu-sig] Using real world functions to teach arg passing Message-ID: I'm becoming increasingly aware that the flood of new Python users we're enjoying has everything to do with articles such as this one in Atlantic Monthly last month: https://www.theatlantic.com/science/archive/2018/04/the- scientific-paper-is-obsolete/556676/ I've appended a couple quotes from it. I enjoyed another perspective on the "Mathematica versus Open Source" face-off (Python's ecosystem in particular) in my joining what had been a Mathematica-focused company (Netmath) that then morphed into a Python teaching company (the O'Reilly School of Tech.). I joined after the Netmath chapter, but the purchased company was still working to make Mathematica a more popular front end by developing a product named Hilbert. https://www.cnet.com/news/oreilly-taking-mathematica-online/ Hilbert did the job it was supposed to, and we offered some calculus, but that's not where the market turned out to be. People were flooding into Python, still are. These days I'm all about what the article talks about: Jupyter Notebooks and the various tools it works with. Here's my latest thinking: When first introducing argument passing to functions, along with defining function parameters, using * and ** in particular (as scatter-gatherers) that's the right time to start using some of these fancy 3rd party packages like matplotlib and numpy, for your examples. Your average Python student is like a grad student in physics or statistics. They have lots of STEM skills and just want to get on with it efficiently, without getting side-tracked into investing a huge number of hours in a computer language (approximately the same user profile Guido encountered at Stichting Mathematisch Centrum -- ABC users -- i.e. the language attracts those for whom it was designed). If you get to such as numpy.random.random and matplotlib.pyplot.hist right away (with the appropriate abbreviations), that's like fresh air, oxygen, what they've come for in the first place, so why delay? Sure it's fine to show a couple functions like this for starters: def F(*args, **kwargs): print(args, kwargs) ... but then visit the docs and start showing actual function signatures of the Pyladies and such are *really* using. Build a dict of arguments and pass it with **. """ Three ways to say the same thing """ import numpy as np import matplotlib.pyplot as plt from inspect import signature # some data x = np.arange(0,10) y = np.random.randint(0, 5, size=10) plt.subplot(311) plt.plot(x, y, 'go--', linewidth=2, markersize=12) plt.subplot(312) plt.plot(x, y, color='green', marker='o', linestyle='dashed', linewidth=2, markersize=12) plt.subplot(313) params = {'color':'green', 'marker':'o', 'linestyle':'dashed', 'linewidth':2, 'markersize':12} print(signature(plt.plot)) plt.plot(*(x,y), **params) Side topic: some Python instructors think "keyword arguments and parameters" is a bit confusing given we also have what're called the "Python keywords" (in keyword.kwlist -- except not async or await for some reason, even in 3.6, I guess because local to a namespace?). They prefer "named arguments". However that suggests positional arguments are "unnamed" which isn't quite right either. If there's no *args to scoop up positionals first, dicts work to populate 'em, by name: In [147]: def F(x, y, *, z): ...: print(x, y, z) In [148]: kwargs = {'y':10, 'x':'A', 'z':100} In [149]: F(**kwargs) A 10 100 Even though we don't typically build dicts simply for the sole purpose of passing named arguments in our matplotlib or numpy tutorials, I think we should do that more in classes where core Python is still a focus. In other words, don't "save the best for last". Start using the best right from the top, to teach Python basics. Everyone can relate to a histogram or two, perhaps drawn at random from some normal distribution. Or plot real data why not? Keep it topical in some way. [ The data don't have to be dismal either (so much of stats tries to be "meaningful" in ways I consider less important than using a realistically complicated API). ] I'm working on moving in this direction for my courses in May. In June, I'm hoping to teach high school and middle schoolers how to use Jupyter Notebooks in the context of introducing what I call Martian Math. If you've been on this listserv for awhile, you know it's a pet topic of mine. We'll be using Anaconda on Windows. Kirby PS: I won't be making it to Cleveland this year, but I'm vicariously a participant in living close to where This is the Bus -- a Pythonista-modified school bus ala Ken Kesey that will feature in one of the Cleveland Pycon talks -- is starting from. Here's its picture, with more next to it if you click in Flickr: https://flic.kr/p/JcUt3E >From Atlantic Monthly: Python became a de facto standard for scientific computing because open-source developers like P?rez happened to build useful tools for it; and open-source developers have flocked to Python because it happens to be the de facto standard for scientific computing. Programming-language communities, like any social network, thrive?or die?on the strength of these feedback loops. ... "I think what they have is acceptance from the scientific community as a tool that is considered to be universal,? Theodore Gray says of P?rez?s group. ?And that?s the thing that Mathematica never really so far has achieved.? There are now 1.3 million of these notebooks hosted publicly on Github. They?re in use at Google, Bloomberg, and NASA; by musicians, teachers, and AI researchers; and in ?almost every country on Earth.? -------------- next part -------------- An HTML attachment was scrubbed... URL: