Handling File Uploads With Flask

October 6, 2021

A common feature in web applications is to let users upload files to the server. The HTTP protocol documents the mechanism for a client to upload a file in RFC 1867, and our favorite web framework Flask fully supports it, but there are many implementation details that fall outside of the formal specification that are unclear for many developers. Things such as where to store uploaded files, how to use them afterwards, or how to protect the server against malicious file uploads generate a lot of confusion and uncertainty.

In this article I’m going to show you how to implement a robust file upload feature for your Flask server that is compatible with the standard file upload support in your web browser as well as the cool JavaScript-based upload widgets


Categories: flask, python

Logging in Python like a PRO

September 23, 2021

Beyond exception handling, there’s something else I see people struggling with, which is logging.

Most people don’t know what to log, so they decide to log anything, thinking it might be better than nothing, and end up creating just noise. Noise is a piece of information that doesn’t help you or your team understand what’s going on or resolve a problem.

Furthermore, I feel people are uncertain about how to use log levels, and so they default to logger.info everywhere (when not using print statements).

Lastly, people seem clueless about how to configure logging in Python; they have no idea what handlers, filters, formatters, etc. are.

My goal here is to clarify what good logging is, and how you should implement it. I’ll try to give meaningful examples, and provide you a flexible rule of thumb that should be used when logging for ANY application you’re ever going to build.


Categories: python

Checking data format

September 16, 2021

Problem: When doing bulk inserts, if the data format is wrong I get errors. The commands below are a way to check that I have the correct format.

mydb=> select 68,216.00::integer;
(1 row)

mydb=> SELECT '2020/09/22'::date;
(1 row)

mydb=> SELECT '22/09/2020'::date;
ERROR: date/time field value out of range: "22/09/2020"
LINE 1: SELECT '22/09/2020'::date;
HINT: Perhaps you need a different "datestyle" setting.

Categories: postgresql

Awk One-liners explained

September 14, 2021

I needed to print the line immediately before a line that matches “/regex/” (but not the line that matches itself).


awk '/regex/ { print x }; { x=$0 }'

How it works:

This one-liner always saves the current line in the variable “x”. When it reads in the next line, the previous line is still available in the “x” variable. If that line matches “/regex/”, it prints out the variable x, and as a result, the previous line gets printed.

The website below has more awk one-liners as well as explanations as to how/why they work.


Categories: awk

Insert with Select

September 7, 2021

One of the most pleasant aspects of working with Postgres is coming across features that save me lots of typing. Whenever I see repetitive SQL queries, I now tend to assume there is a feature available that will help me out.

One such feature is INSERT using a SELECT, and beyond that, using the output of a SELECT statement in place of VALUES.


Categories: Interesting, postgresql

How to Use Reprepro for a Secure Package Repository on Ubuntu 14.04

September 2, 2021

Introduction to Packages and Repositories
We’ve all been there – needing a program – and what do we do? Most of us just apt-get install postfix and presto! We magically have Postfix installed.

It isn’t really magic, though. The package manager apt-get searches for, downloads, and installs the package for you. This is highly convenient, but what if apt-get can’t find the program you need on its standard list of repositories? Thankfully, apt-get allows users to specify custom download locations (called repositories).

In this tutorial, we will walk through setting up your own secure repository and making it public for others to use. We will be creating the repository on an Ubuntu 14.04 LTS Droplet, and testing the download from another Droplet with the same distribution.

To get the most out of this guide, make sure to check out our tutorial for managing packages with apt-get.

Two Ubuntu 14.04 LTS Droplets

By the end of the guide you will have:

* Prepared and published a repository signing key
* Set up a repository with Reprepro, the repository manager
* Made the repository public with the web server Nginx
* Added the repository on another server


Categories: debian, Interesting

Automate Remote SSH Control of Computers with Expect Scripts

September 1, 2021

How to Combine Expect & Bash Scripts
Full Tutorial: https://nulb.app/x6vub

Cyber Weapons Lab, Episode 210

Bash scripts are the normal way to get into automation. However, they have their limitations. In this episode of Cyber Weapons Lab, we’ll look at those limitations and learn about an alternative called expect scripts, which can be useful when we need to respond to variables, such as when you log in via SSH.

To learn more, check out the article on Null Byte’s site: https://nulb.app/x6vub

Automate tasks with Bash scripts: https://youtu.be/PPQ8m8xQAs8
Automate recon with Bash scripts: https://youtu.be/keK99avGLvQ


Categories: bash

How to automate shell scripts with expect command

August 31, 2021
Categories: bash

What is the difference between apt-get and apt?

August 24, 2021


Like many other Ubuntu users, you may have wondered – What is the difference between apt-get and apt? Or perhaps – When to use apt-get and when apt?

To answer these questions, you first need to understand when and why these command-line interfaces were created. Then, you can compare them side-by-side to see why to use one over the other.

In this tutorial, you will learn the difference between apt and apt-get.


Categories: Interesting

A Complete Guide to UUIDs in PostgreSQL

August 23, 2021

In summary, primary keys uniquely identify rows in a table.

You can create a primary key in a couple of different ways, including by making a composite primary key.

If you want to use UUIDs, you’ll need to install uuid-ossp in postgres and then include your UUID version in your CREATE TABLE command.

There are pros and cons to UUIDs — they’re very good for security, especially if your ids are in your URLs, but if your database is huge, they can slow it down in comparison to auto-incremented ids.

But can you put a price tag on being unique? Go forth and be the proud owners of a 128 digit number that no one else in the world has! (probably)

Selecting a primary key can be a big decision, but choosing a SQL client doesn’t have to be. Arctype is the free, collaborative sql editor that makes it easier to work with your databases.

