This presentation shall address the web2py web framework, my favorite way to develop web apps.
web2py is a free, open-source web framework for agile development of secure database-driven web applications; it is written in Python and programmable in Python. web2py is a full-stack framework, meaning that it contains all the components you need to build fully functional web applications.
Ease of use is the primary goal for web2py. For us, this means reducing the learning and deployment time. This is why web2py is a full-stack framework without dependencies. It requires no installation and has no configuration files. Everything works out of the box, including a web server, database and a web-based IDE that gives access to all the main features.
I will show you why web2py can make you more productive by bringing the result of a reflection over the best ideas of the most popular MVC based web frameworks enforcing the best practices for a fast, scalable and secure web application with minimal effort. There will be a live demo where you can get a faster grasp on how does it work and how fun it can be.
For more: www.web2py.com
From the current offensive and defensive technique arsenal, memory analysis applied to volatile memory is far from being the most explored channel. It is more likely to hear about input validation attacks or attacks against the protocol & cryptography while keys, passphrases, credit card numbers and other precious artifacts are kept unsafely in memory. This analysis arises as a mine waiting to be explored since it is sustained by one of the most vulnerable and unavoidable resource to systems, memory. From Java to Stuxnex, as well as Windows but without forgetting the Cloud, I will try to show some scenarios where these techniques can be applied, its impact as a threat and bring an important and fun subject not just to those who work in forensics but also to penetration testers as myself. Finally, I will also try to show how can this be used for defensive technologies as tools for monitoring and protection in networks with systems in production.
From the current offensive and defensive technique arsenal, memory analysis applied to volatile memory is far from being the most explored channel. It is more likely to hear about input validation attacks or attacks against the protocol & cryptography while keys, passphrases, credit card numbers and other precious artifacts are kept unsafely in memory. This analysis arises as a mine waiting to be explored since it is sustained by one of the most vulnerable and unavoidable resource to systems, memory. From Java to Stuxnex, as well as Windows but without forgetting the Cloud, I will try to show some scenarios where these techniques can be applied, its impact as a threat and bring an important and fun subject not just to those who work in forensics but also to penetration testers as myself. Finally, I will also try to show how can this be used for defensive technologies as tools for monitoring and protection in networks with systems in production.
Just because Flask is a micro-framework doesn’t mean we still don’t want to have great AAA (authentication, authorization, and accounting), email services, simplified database access/migrations and form handling. Lets look at some of the most common libraries used to build the powerful simplicity of Flask into a full featured web application without having to reinvent the wheel each time.
Esse Minicurso foi realizado na Semcomp 18 do ICMC/USP São Carlos, introduzindo conceitos básicos de um servidor backend utilizando o microframework Flask utilizando a linguagem Python
The PHP 7 release is just around the corner, bringing some much-desired changes and improvements to the language. However, many developers simply aren't aware of what's coming. We'll remedy this by checking out the new "spaceship operator," demonstrating how static type hints produce clean code, and using anonymous classes to quickly implement interfaces on the fly. Attendees will also learn about breaking changes and "gotchas" to watch out for when making the upgrade and will receive pointers on getting started with PHP 7 today.
Datagrids with Symfony 2, Backbone and Backgrideugenio pombi
These are the slides of the code-centered presentation I did with Giorgio Cefaro at the Javascript UserGroup Roma and the PHP User Group Roma.
In this presentation we try to show many powerful features of symfony2 and its bundles to work as a backend system for single page applications.
On the client side we describe how we made a javascript editable grid using Backbone.js and its plugin for grids Backgrid.js.
BUILDING MODERN PYTHON WEB FRAMEWORKS USING FLASK WITH NEIL GREYCodeCore
How to get up and running in minutes with the lean, scalable, and easy to maintain Python web framework, Flask. Attendees will get to see how Flask acts as the sturdy glue between your database framework, front-end templates and operating system. Keep an eye out for tips/tricks using SQLite, Jinja2, and Werkzeug.
Neil is a software developer with a background in 3D graphics programming and management information systems. Presently he's working with Image Engine on feature-film visual effects projects like Teenage Mutant Ninja Turtles, Elysium, Fast & Furious. He's also a co-founder of ComboMash Entertainment, an independent game studio based in Vancouver.
PECL Picks - Extensions to make your life betterZendCon
One of the biggest strengths of PHP is its "glue" power. Take any C library and with a little magic and a compiler you have a fantastic extension. These extensions hide in PECL, but few people can tell the good from the unmaintained or just plain broken. Find the best extensions for your project, learn about PECL, and find out how to become a part of the PECL developer community.
An overview of the Django rapid application development framework. Topics include the history of the framework, an architectural overview, how to get started, and a brief comparison to Ruby on Rails.
Just because Flask is a micro-framework doesn’t mean we still don’t want to have great AAA (authentication, authorization, and accounting), email services, simplified database access/migrations and form handling. Lets look at some of the most common libraries used to build the powerful simplicity of Flask into a full featured web application without having to reinvent the wheel each time.
Esse Minicurso foi realizado na Semcomp 18 do ICMC/USP São Carlos, introduzindo conceitos básicos de um servidor backend utilizando o microframework Flask utilizando a linguagem Python
The PHP 7 release is just around the corner, bringing some much-desired changes and improvements to the language. However, many developers simply aren't aware of what's coming. We'll remedy this by checking out the new "spaceship operator," demonstrating how static type hints produce clean code, and using anonymous classes to quickly implement interfaces on the fly. Attendees will also learn about breaking changes and "gotchas" to watch out for when making the upgrade and will receive pointers on getting started with PHP 7 today.
Datagrids with Symfony 2, Backbone and Backgrideugenio pombi
These are the slides of the code-centered presentation I did with Giorgio Cefaro at the Javascript UserGroup Roma and the PHP User Group Roma.
In this presentation we try to show many powerful features of symfony2 and its bundles to work as a backend system for single page applications.
On the client side we describe how we made a javascript editable grid using Backbone.js and its plugin for grids Backgrid.js.
BUILDING MODERN PYTHON WEB FRAMEWORKS USING FLASK WITH NEIL GREYCodeCore
How to get up and running in minutes with the lean, scalable, and easy to maintain Python web framework, Flask. Attendees will get to see how Flask acts as the sturdy glue between your database framework, front-end templates and operating system. Keep an eye out for tips/tricks using SQLite, Jinja2, and Werkzeug.
Neil is a software developer with a background in 3D graphics programming and management information systems. Presently he's working with Image Engine on feature-film visual effects projects like Teenage Mutant Ninja Turtles, Elysium, Fast & Furious. He's also a co-founder of ComboMash Entertainment, an independent game studio based in Vancouver.
PECL Picks - Extensions to make your life betterZendCon
One of the biggest strengths of PHP is its "glue" power. Take any C library and with a little magic and a compiler you have a fantastic extension. These extensions hide in PECL, but few people can tell the good from the unmaintained or just plain broken. Find the best extensions for your project, learn about PECL, and find out how to become a part of the PECL developer community.
An overview of the Django rapid application development framework. Topics include the history of the framework, an architectural overview, how to get started, and a brief comparison to Ruby on Rails.
Plantillas para la creación de material docente accesible con herramientas of...Mireia Alcala
Plantillas para la creación de manuales o temarios, ejercicios o examenes y presentaciones que facilitan el acceso a personas con baja visión e implementan unas pequeñas mejoras para personas con dislexia
Palestra na semana global do empreendedorismo na Plug and work
https://eventioz.com.br/e/desenvolvendo-prototipos-de-startups-em-python
Esta palestra tem a proposta de apresentar a linguagem Python como solução para o desenvolvimento de protótipos e MVP para startups. Mostrar como empreendedores podem desenvolver seus próprios protótipos sem dependender da contratação de desenvolvedores profissionais e ter seu MVP funcionando em poucos dias com a ajuda de Python e seus web frameworks.
Presentació a càrrec de Mireia Alcalá, tècnica de Recursos d'Informació del CSUC, duta a terme el 10 de març de 2017 al "Seminario de gestión de datos de investigación" organitzat per la Unidad de Investigación y Transferencia Tecnológica. Gestión de la Investigación y Oficina de Proyectos Europeos (OPECT) i la Biblioteca de la Universidad Politécnica de Cartagena.
"If you talk, you don't listen;
if you don't listen, you're alone;
if you are alone, you aren't a leader;
if you aren't a leader, you don't leverage;
if you don't leverage you do not have impact!
conclusion: If you talk you do not have impact!"
This presentations does not teach you about Leadership, but gives you some small steps so you can become a better leader.
You cannot learn how to be a good Leader in just one presentation, or in one workshop, or in one week or even one month. Leadership is like Friendship we know when we have it, but not one knows how to get it. So the best approach is to to step-by-step!
A collection of insights about how to be a better leader gathered from experience, reflection, discussions and extensive reading.
Comments and Shares are welcomed!
The slides from my TEDxKids@Vilnius presentation on January 10th , 2015.
In this presentation I talk about how the didgeridoo saved my life after a series of events including bullying and deviant behavior and why I believe it is important to facilitate the access to different experiences in education.
Besides the talk I also lead a workshop with kids that resulted in a presentation in the end of the event.
You can see both videos at http://www.thewalkaboutfamily.com/2015/01/videos-from-tedxkidsvilnius/
Como produzir um artigo de referencia para a wikipedia (manuel de sousa)Manuel de Sousa
Intervenção sobre como produzir um artigo para a Wikipédia feita no dia 10 de Janeiro de 2011 no auditório da AEP, em Matosinhos, Portugal, integrada na apresentação do curso de "Recuperação Económica e Coesão Social", uma iniciativa do Centro de Informação Europeia Jacques Delors.
Code for Startup MVP (Ruby on Rails) Session 1Henry S
First Session on Learning to Code for Startup MVP's using Ruby on Rails.
This session covers the web architecture, Git/GitHub and makes a real rails app that is deployed to Heroku at the end.
Thanks,
Henry
Posons-nous et profitons de ce talk pour prendre un peu de hauteur sur l’état de l’industrie tech autour de la création d’API de persistence (CRUD).
D’où venons-nous, ou allons-nous ? Pourquoi le choix entre RPC, SOAP, REST et GraphQL n’est peut-être qu’un sujet de surface qui cache un problème bien plus profond…
Youtube: https://www.youtube.com/watch?v=IskE3m3VjRY
Python - A Comprehensive Programming LanguageTsungWei Hu
Python - A Comprehensive Programming Language, talk at
1. CSIE, Providence University, 2009/05/08
2. CSIE, National Taichung Institute of Technology, 2009/10/29
The web has changed! Users spend more time on mobile than on desktops and expect to have an amazing user experience on both. APIs are the heart of the new web as the central point of access data, encapsulating logic and providing the same data and same features for desktops and mobiles. In this workshop, Antonio will show you how to create complex APIs in an easy and quick way using API Platform built on Symfony.
SOLID Programming with Portable Class LibrariesVagif Abilov
Developers often don't pay attention to code portability until they need to target multiple platforms. However, large amount of non-portable code often hints about violation of clean code principles, so it is worth investigating which part of the source code base are platform-specific and for what reasons.
In this session we will give an overview of portable class libraries, show how to extract PCL components from a real-world application and go through typical challenges that are faced when writing portable code. We will present the original tool that analyzes assemblies for portability compliance and can be used as a guard to prevent mixing business logic with infrastructure-specific functionality. Finally we will demonstrate how PCLs help targeting platforms such as Windows Store, Android and iOS.
Lecture for CRIA-WT about JavaScript on the server. Explains why we prefer Node.js over PHP and shows the architecture, modules and a small demo application on https://github.com/rodmidde/cria-wt-demo/tree/master/NODE/SimpleMVC.
Survival Strategies for API Documentation: Presentation to Southwestern Ontar...Tom Johnson
This is a presentation I gave to the Southwestern Ontario STC chapter on API documentation on Feb 2, 2015. For more details, see my blog at http://idratherbewriting.com. You can listen to the recorded presentation here: http://youtu.be/I8rGe2w1sAo.
Save 10% off ANY FITC event with discount code 'slideshare'
See our upcoming events at www.fitc.ca
Node.js: The What, The How and The When
with Richard Nieuwenhuis
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
12. PHP?
Python is well designed, PHP is not:
Although it’s perfectly possible to write good
code in PHP,
it’s much easier to write great code in Python
from Why PHP Is Fun and Easy But Python Is Marriage
Material
13. Perl?
• LUKE: Is Perl better than Python?
• YODA: No... no... no. Quicker, easier, more seductive.
• LUKE: But how will I know why Python is better than Perl?
• YODA:You will know. . .
When your code you try to read six months from now.
14. Ruby?
Beautiful is better than ugly.
[...]
Although practicality beats purity.
from The Zen of Python
19. lessons learned (1/2)
• rapid turnaround
• secure by design
• web development is mostly about visual UI’s
• relies mostly on user interaction & feedback
• convention over configuration
• flexible as in hackable
20. lessons learned (2/2)
• fast and efficient but mostly scalable and stable
• different things come in different places
• plays well with others
• backward compatibility assured
• live community & support resources
• fun
21.
22. Welcome to the club!
founder: Massimo Di Pierro
main contributors: +80
users: +2000
25. why?
• easy to run, install and play with
• python based
• web IDE included
• web based database admin
• no dependencies, no configuration required
• multiple platform (GAE, EC2, Jython...)
26. why?
• Open source (LGPLv3 license)
• web2py applications have no license constraints
• web2py allows application bytecode compilation
• always backward compatible
• deployment-friendly...
27. deployment..
• always backward
compatible
• integrates well with web
servers (cgi, fcgi,
mod_python, mod_wsgi)
• error logging and
ticketing support
• Database Abstraction
Layer integrated
• integrated versioning
• integrated self-update
capability
• multiple caching
methods
• testing methods and
debug shell
28. what else?
• secure (against XSS, Injection flaws, RFI)
• SSL and multiple authentication methods
• enforces good Software Engineering practices (MVC,
Server-side form validation, postbacks...)
• Internationalization support
• HTML/XML, RSS/ATOM, RTF, PDF, JSON, AJAX
(includes jQuery), XML-RPC, CSV, REST, WIKI, Flash/
AMF, and Linked Data (RDF)
57. models
controllers
views
translations
static data
plugins & modules
appadmin
data
ways to extend your apps:
• modules are good way to import external
code
• plugins are applications subsets - a small
application “inside” your application
web2py app inside
58. models
controllers
views
translations
static data
plugins & modules
appadmin
data
web2py app inside
• databases (SQlite, MySQL, PostgreSQL,
Oracle, MSSQL, DB2, Firebird, MyBase,
Informix, Google App Engine)
• metadata for automatic migrations
• cache
61. • functions in controllers return dicts() into views
• controller methods are exposed to views with the
same name which is also used in the URL
• input validators (forms) are defined in the model as
integrity constraints (requires)
• DAL automatically creates the id field in your tables
• model code has full application scope
remember..
62. remember..
• you can use your editor of choice
• you can use DAL separately
• in controller functions you can redefine the target
view with response.view=”theme/myview.html”
• web2py shell is your friend
• recommended - start your files with:
# coding: utf8