web2py™ Enterprise Web Framework

Free and open source full-stack enterprise framework for agile development of secure database-driven web-based applications, written and programmable in Python. Created by Massimo Di Pierro. © 2007-2008.

Order the book on Amazon or Download sample chapters
Who is using web2py?
Try web2py administrative interface here
Try this Reddit clone (written in web2py) running on Google App Engine

Features

  • No installation, no configuration, no dependencies. All in one package. You can run it off a USB drive
  • Runs on Windows, OSX, Unix/Linux, and Windows CE phones.
  • Allows development, debugging, testing, deployment, maintenance and administration, including database administration, via the provided web interface.
  • Enforces good software engineering practices, like the Model-View-Controller design, validation and self-submission of forms.
  • Strong on security. Prevents the most common types of vulnerabilities: Cross Site Scripting, Injection Flaws, and Malicious File Execution.
  • Talks HTML, XML, RSS, ATOM, AJAX, JSON, RTF, CSV, WIKI, XML-RPC, REST, Flash, etc.
  • Dynamically and transparently generates SQL queries for you for SQLite, MySQL, PostgreSQL, MSSQL, FireBird and Oracle. Even creates and alters tables for you when required. Performs automatic transactions.
  • Allows you to create apps easily, byte-code compile them, and distribute them in open or closed source under any license you like.
  • Faster than the competition, designed for small as well as large projects, includes the ability to upload/download/stream large files, internationalization support, distributed transactions, ...

A taste of web2py

Consider the following complete application, which consists of a model (which describes the data representation): db.py

    # Connect to (or create) the SQLite database file images.db
    db=SQLDB('sqlite://images.db')
    # Table 'image' with a single upload field named 'file'
    db.define_table('image',SQLField('file','upload'))

a controller (which describes the application logic and workflow): images_examples.py

    def index():
        # Build an upload form from the table definition
        form=SQLFORM(db.image)
        # accepts() validates the submission and inserts the record
        if form.accepts(request.vars,session): response.flash='image uploaded'
        return dict(form=form)

and a view (which describes the data presentation): images_examples/index.html:

    {{extend 'layout.html'}}
    <h1>Upload page</h1>
    {{=form}}

What does it do?
  • Creates the database db in file 'images.db'
  • Creates the table 'image' which contains a field called 'file'. If the table exists but does not match the definition it is altered accordingly.
  • Creates a web-based database administrative interface for db.image
  • Creates a web page called index with upload form for db.image. Try it here
  • On upload the file is renamed in a secure way, saved, and the name of the file is stored in the file field of a new db.image record.
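
The secure renaming mentioned in the last point, sketched as an added example. This is not web2py's own code: the table.field.token.ext naming scheme, the extension allowlist and the function names are assumptions made for illustration.

```python
import os
import re
import secrets

# Assumption: the 'image' table should only ever keep these extensions.
ALLOWED_EXT = {"png", "jpg", "jpeg", "gif"}

def safe_upload_name(table, field, client_filename):
    """Build a server-chosen storage name; only a vetted extension survives."""
    # Drop any directory part, whichever separator the client used.
    base = re.split(r"[\\/]", client_filename)[-1]
    # Ignore everything after a NUL byte, so 'x.php\0.jpg' counts as 'x.php'.
    base = base.split("\x00", 1)[0]
    ext = base.rsplit(".", 1)[1].lower() if "." in base else ""
    if ext not in ALLOWED_EXT:
        ext = "bin"  # neutral fallback for missing or disallowed extensions
    # 128 random bits: the client cannot predict or choose the stored name.
    return "%s.%s.%s.%s" % (table, field, secrets.token_hex(16), ext)

def store_upload(upload_dir, stored_name, data):
    """Write data under upload_dir, refusing directory escapes and overwrites."""
    root = os.path.realpath(upload_dir)
    path = os.path.realpath(os.path.join(root, stored_name))
    if os.path.dirname(path) != root:
        raise ValueError("storage path escapes the upload directory")
    # O_EXCL fails if the name already exists instead of overwriting it.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path

def demo():
    # Constructed client-supplied names: one benign, three hostile.
    samples = ["photo.JPG", "../../etc/passwd",
               "C:\\temp\\evil.exe", "shell.php\x00.jpg"]
    return [safe_upload_name("image", "file", s) for s in samples]

if __name__ == "__main__":
    for name in demo():
        print(name)
```

Only the stored name goes into the database record; the client's original name never becomes part of a filesystem path.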