cannot concatenate 'str' and 'list' objects

Discussion in 'Python' started by Íéêüëáïò Êïýñáò, Sep 15, 2012.

  1. Hello,

    I recently changed webhost and in the new one iam getting this error you can see if you visit http://superhost.gr when program execution reaches the line:

    f = open( '../' + page )

    In the previous host i wasn't getting this error.

    page's contents is:

    page = form.getvalue('page')
    Íéêüëáïò Êïýñáò, Sep 15, 2012
    #1
    1. Advertising

  2. Sorry the problem appears when you try to input data botton down the page in the text area boxes and click submit.

    this is the error apperaing:

    A problem occurred in a Python script. Here is the sequence of function calls leading up to the error, in the order they occurred.

    /home/nikos/public_html/cgi-bin/counter.py in ()
    56 # I would suggest using some kind of verification function to check that the value of 'page' is OK, before opening the file.
    57
    58 f = open( '../' + page )
    59
    60 # read first line of the file
    f undefined, builtin open = <built-in function open>, page = ['index.html', 'index.html']
    <type 'exceptions.TypeError'>: cannot concatenate 'str' and 'list' objects
    args = ("cannot concatenate 'str' and 'list' objects",)
    message = "cannot concatenate 'str' and 'list' objects"
    Íéêüëáïò Êïýñáò, Sep 15, 2012
    #2
    1. Advertising

  3. On Sat, Sep 15, 2012 at 10:22 PM, Íéêüëáïò Êïýñáò <> wrote:
    > Hello,
    >
    > I recently changed webhost and in the new one iam getting this error you can see if you visit http://superhost.gr when program execution reaches theline:
    >
    > f = open( '../' + page )
    >
    > In the previous host i wasn't getting this error.
    >
    > page's contents is:
    >
    > page = form.getvalue('page')


    Well, clearly '../' is a string (str), and page must be a list. But
    without knowing your web framework it's hard to be sure what's going
    on.

    My guess is that form.getvalue() is returning a list of form elements
    with that name, so you have a list with one element in it. But check
    your documentation to be sure.

    Since this changed when you changed hosts, it may mean you now have a
    completely different framework. Possibly you can configure this.
    Alternatively, it may simply be a different version of the same
    system. It's hard to know just based on this, though.

    ChrisA
    Chris Angelico, Sep 15, 2012
    #3
  4. Ôç ÓÜââáôï, 15 Óåðôåìâñßïõ 2012 3:34:34 ì.ì. UTC+3, ï ÷ñÞóôçò Chris Angelico Ýãñáøå:
    > On Sat, Sep 15, 2012 at 10:22 PM, Íéêüëáïò Êïýñáò <> wrote:
    >
    > > Hello,

    >
    > >

    >
    > > I recently changed webhost and in the new one iam getting this error you can see if you visit http://superhost.gr when program execution reaches the line:

    >
    > >

    >
    > > f = open( '../' + page )

    >
    > >

    >
    > > In the previous host i wasn't getting this error.

    >
    > >

    >
    > > page's contents is:

    >
    > >

    >
    > > page = form.getvalue('page')

    >
    >
    >
    > Well, clearly '../' is a string (str), and page must be a list. But
    >
    > without knowing your web framework it's hard to be sure what's going
    >
    > on.
    >
    >
    >
    > My guess is that form.getvalue() is returning a list of form elements
    >
    > with that name, so you have a list with one element in it. But check
    >
    > your documentation to be sure.
    >
    >
    >
    > Since this changed when you changed hosts, it may mean you now have a
    >
    > completely different framework. Possibly you can configure this.
    >
    > Alternatively, it may simply be a different version of the same
    >
    > system. It's hard to know just based on this, though.
    >
    >
    >
    > ChrisA


    Iam not using frameworks just plain python code written in Notepad++

    Can you please tell me how to switch this line in order for this line to work?
    Íéêüëáïò Êïýñáò, Sep 15, 2012
    #4
  5. Ôç ÓÜââáôï, 15 Óåðôåìâñßïõ 2012 3:34:34 ì.ì. UTC+3, ï ÷ñÞóôçò Chris Angelico Ýãñáøå:
    > On Sat, Sep 15, 2012 at 10:22 PM, Íéêüëáïò Êïýñáò <> wrote:
    >
    > > Hello,

    >
    > >

    >
    > > I recently changed webhost and in the new one iam getting this error you can see if you visit http://superhost.gr when program execution reaches the line:

    >
    > >

    >
    > > f = open( '../' + page )

    >
    > >

    >
    > > In the previous host i wasn't getting this error.

    >
    > >

    >
    > > page's contents is:

    >
    > >

    >
    > > page = form.getvalue('page')

    >
    >
    >
    > Well, clearly '../' is a string (str), and page must be a list. But
    >
    > without knowing your web framework it's hard to be sure what's going
    >
    > on.
    >
    >
    >
    > My guess is that form.getvalue() is returning a list of form elements
    >
    > with that name, so you have a list with one element in it. But check
    >
    > your documentation to be sure.
    >
    >
    >
    > Since this changed when you changed hosts, it may mean you now have a
    >
    > completely different framework. Possibly you can configure this.
    >
    > Alternatively, it may simply be a different version of the same
    >
    > system. It's hard to know just based on this, though.
    >
    >
    >
    > ChrisA


    Iam not using frameworks just plain python code written in Notepad++

    Can you please tell me how to switch this line in order for this line to work?
    Íéêüëáïò Êïýñáò, Sep 15, 2012
    #5
  6. On Sat, Sep 15, 2012 at 11:28 PM, Íéêüëáïò Êïýñáò <> wrote:
    > Iam not using frameworks just plain python code written in Notepad++
    >
    > Can you please tell me how to switch this line in order for this line to work?


    f = open( '../' + page[0])

    will possibly work. But do try to understand what's happening, rather
    than simply solve the problem. You may find that something else has
    changed too.

    ChrisA
    Chris Angelico, Sep 15, 2012
    #6
  7. Ôç ÓÜââáôï, 15 Óåðôåìâñßïõ 2012 4:38:51 ì.ì. UTC+3, ï ÷ñÞóôçò Chris Angelico Ýãñáøå:
    > On Sat, Sep 15, 2012 at 11:28 PM, Íéêüëáïò Êïýñáò <> wrote:
    >
    > > Iam not using frameworks just plain python code written in Notepad++

    >
    > >

    >
    > > Can you please tell me how to switch this line in order for this line to work?

    >
    >
    >
    > f = open( '../' + page[0])
    >
    >
    >
    > will possibly work. But do try to understand what's happening, rather
    >
    > than simply solve the problem. You may find that something else has
    >
    > changed too.
    >
    >
    >
    > ChrisA


    i see you try to extract only the 1st element of the list, i tried that toobut it gives me now this weird message:

    if you visit my website http://superhost.gr
    Íéêüëáïò Êïýñáò, Sep 15, 2012
    #7
  8. Ôç ÓÜââáôï, 15 Óåðôåìâñßïõ 2012 4:38:51 ì.ì. UTC+3, ï ÷ñÞóôçò Chris Angelico Ýãñáøå:
    > On Sat, Sep 15, 2012 at 11:28 PM, Íéêüëáïò Êïýñáò <> wrote:
    >
    > > Iam not using frameworks just plain python code written in Notepad++

    >
    > >

    >
    > > Can you please tell me how to switch this line in order for this line to work?

    >
    >
    >
    > f = open( '../' + page[0])
    >
    >
    >
    > will possibly work. But do try to understand what's happening, rather
    >
    > than simply solve the problem. You may find that something else has
    >
    > changed too.
    >
    >
    >
    > ChrisA


    i see you try to extract only the 1st element of the list, i tried that toobut it gives me now this weird message:

    if you visit my website http://superhost.gr
    Íéêüëáïò Êïýñáò, Sep 15, 2012
    #8
  9. Íéêüëáïò Êïýñáò

    Roy Smith Guest

    In article <>,

    > i see you try to extract only the 1st element of the list, i tried that too
    > but it gives me now this weird message:
    >
    > if you visit my website http://superhost.gr


    Do you realize that the hosting service you're using (HostGator) is so
    mis-configured that it is exposing your source code and credentials to
    the entire world?

    When I go to that URL, I get a page which includes the name of the CGI
    script you are running (/home/nikos/public_html/cgi-bin/counter.py). I
    can then do a GET on http://superhost.gr/~nikos/cgi-bin/counter.py, and
    can see your script source code, including the credentials to attach to
    your database:

    conn = MySQLdb.connect( db = 'nikos_tech', host = 'localhost', user =
    'nikos_nikos', passwd = <elided>)

    How to properly configure a web server is way beyond the scope of this
    mailing list, but you really need to do some research there to safeguard
    your own data.
    Roy Smith, Sep 15, 2012
    #9
  10. Íéêüëáïò Êïýñáò

    Peter Otten Guest

    Îικόλαος ΚοÏÏας wrote:

    > Τη Σάββατο, 15 ΣεπτεμβÏίου 2012 4:38:51 μ.μ. UTC+3, ο χÏήστης Chris
    > Angelico έγÏαψε:
    >> On Sat, Sep 15, 2012 at 11:28 PM, Îικόλαος ΚοÏÏας <>
    >> wrote:
    >>
    >> > Iam not using frameworks just plain python code written in Notepad++

    >>
    >> >

    >>
    >> > Can you please tell me how to switch this line in order for this line
    >> > to work?

    >>
    >>
    >>
    >> f = open( '../' + page[0])
    >>
    >>
    >>
    >> will possibly work. But do try to understand what's happening, rather
    >>
    >> than simply solve the problem. You may find that something else has
    >>
    >> changed too.
    >>
    >>
    >>
    >> ChrisA

    >
    > i see you try to extract only the 1st element of the list, i tried that
    > too but it gives me now this weird message:
    >
    > if you visit my website http://superhost.gr


    You seem to have encoding problems:

    >>> print '\xc4\xe5\xed \xf5\xf0\xdc\xf1\xf7\xe5\xe9

    \xf4\xdd\xf4\xef\xe9\xef \xe1\xf1\xf7\xe5\xdf\xef \xde
    \xea\xe1\xf4\xdc\xeb\xef\xe3\xef\xf2'.decode("iso-8859-7")
    Δεν υπάÏχει τέτοιο αÏχείο ή κατάλογος

    That doesn't look weird (I'd guess) for someone who knows Greek...

    Proceeding to

    http://superhost.gr/cgi-bin/counter.py?page=foo.html

    versus

    http://superhost.gr/cgi-bin/counter.py?page=foo.html&page=bar.html

    it turns out that you get a list as the page variable only in the latter
    case. So you might have provoked your initial problem by following a buggy
    url with a duplicate page argument.
    Peter Otten, Sep 15, 2012
    #10
  11. Ôç ÓÜââáôï, 15 Óåðôåìâñßïõ 2012 5:21:22 ì.ì. UTC+3, ï ÷ñÞóôçò Roy Smith Ýãñáøå:
    > In article <>,
    >
    >
    >
    > > i see you try to extract only the 1st element of the list, i tried thattoo

    >
    > > but it gives me now this weird message:

    >
    > >

    >
    > > if you visit my website http://superhost.gr

    >
    >
    >
    > Do you realize that the hosting service you're using (HostGator) is so
    >
    > mis-configured that it is exposing your source code and credentials to
    >
    > the entire world?
    >
    >
    >
    > When I go to that URL, I get a page which includes the name of the CGI
    >
    > script you are running (/home/nikos/public_html/cgi-bin/counter.py). I
    >
    > can then do a GET on http://superhost.gr/~nikos/cgi-bin/counter.py, and
    >
    > can see your script source code, including the credentials to attach to
    >
    > your database:
    >
    >
    >
    > conn = MySQLdb.connect( db = 'nikos_tech', host = 'localhost', user=
    >
    > 'nikos_nikos', passwd = <elided>)
    >
    >
    >
    > How to properly configure a web server is way beyond the scope of this
    >
    > mailing list, but you really need to do some research there to safeguard
    >
    > your own data.


    I cant beleive that my source code can be seen form ANYONE this easily!!!!

    I moved to HostGaot because i heard there were the best in the hosting business.....
    Íéêüëáïò Êïýñáò, Sep 15, 2012
    #11
  12. On Sun, Sep 16, 2012 at 12:44 AM, Íéêüëáïò Êïýñáò <> wrote:
    > Ôç ÓÜââáôï, 15 Óåðôåìâñßïõ 2012 5:21:22 ì.ì. UTC+3, ï ÷ñÞóôçò Roy Smith Ýãñáøå:
    >> Do you realize that the hosting service you're using (HostGator) is so
    >> mis-configured that it is exposing your source code and credentials to
    >> the entire world?

    >
    > I cant beleive that my source code can be seen form ANYONE this easily!!!!
    >
    > I moved to HostGaot because i heard there were the best in the hosting business.....


    It's probably a simple misconfiguration that can be easily fixed. If
    you don't yourself understand it, talk to HostGator support;
    presumably you're paying them money for hosting, so they should be
    both able and willing to help you sort that out.

    I would recommend that you change your database password as soon as
    that's done, lest someone "seize the day" and take control of your
    database.

    ChrisA
    Chris Angelico, Sep 15, 2012
    #12
  13. in my case an .htaccess file gives redirects all html requests to /cgi-bin/counter.py by also provide as an argument to the counter.py script the initical html file request

    RewriteEngine On
    RewriteCond %{REQUEST_FILENAME} -f
    RewriteRule ^/?(.+\.html) /cgi-bin/counter.py?page=$1 [L,PT,QSA]

    so the latter you mentioned its not the case for me.
    But iam wondering why this doesnt work on this server while on my previous host did.....
    Íéêüëáïò Êïýñáò, Sep 15, 2012
    #13
  14. in my case an .htaccess file gives redirects all html requests to /cgi-bin/counter.py by also provide as an argument to the counter.py script the initical html file request

    RewriteEngine On
    RewriteCond %{REQUEST_FILENAME} -f
    RewriteRule ^/?(.+\.html) /cgi-bin/counter.py?page=$1 [L,PT,QSA]

    so the latter you mentioned its not the case for me.
    But iam wondering why this doesnt work on this server while on my previous host did.....
    Íéêüëáïò Êïýñáò, Sep 15, 2012
    #14
  15. On Sun, Sep 16, 2012 at 12:51 AM, Íéêüëáïò Êïýñáò <> wrote:
    > in my case an .htaccess file gives redirects all html requests to /cgi-bin/counter.py by also provide as an argument to the counter.py script the initical html file request
    >
    > RewriteEngine On
    > RewriteCond %{REQUEST_FILENAME} -f
    > RewriteRule ^/?(.+\.html) /cgi-bin/counter.py?page=$1 [L,PT,QSA]
    >
    > so the latter you mentioned its not the case for me.
    > But iam wondering why this doesnt work on this server while on my previous host did.....


    Okay, now we're getting to a possible difference. Check if this is
    properly working; perhaps HostGator don't let you use the rewrite
    engine in .htaccess. Make sure your .htaccess is in the right
    directory, too. I just tried a quick check and was greeted with a 404
    page, so the rule you describe isn't active.

    ChrisA
    Chris Angelico, Sep 15, 2012
    #15
  16. Thank i will do that, ill inform the support right away!
    Íéêüëáïò Êïýñáò, Sep 15, 2012
    #16
  17. The .htaccess file works with HostGator because the page was working all day rediecting all html requests fine to the counter.py script.

    Only when i tried to post data to the text area boxes this problem made its appearance.
    Íéêüëáïò Êïýñáò, Sep 15, 2012
    #17
  18. Íéêüëáïò Êïýñáò

    Roy Smith Guest

    In article <>,
    Íéêüëáïò Êïýñáò <> wrote:

    > I cant beleive that my source code can be seen form ANYONE this easily!!!!


    Which is why I pointed it out. I mean no disrespect, but you appear to
    be in over your head. That's fine (we're all in over our heads at some
    point, that's how we learn new things), but once you're running a server
    on the Internet, the consequences of your actions become much more
    severe.

    > I moved to HostGaot because i heard there were the best in the hosting
    > business.....


    The hosting business means different things to different people. At one
    end, there's places like WordPress and Tumblr which hide all the details
    and let you pour content into a blog with some control over styling. At
    the other end, there's places like AWS, Rackspace, etc, which give you a
    raw (virtual) machine, and you're free to do anything you want on it.

    In between, there's paces like HostGator, which give you a slice of a
    shared host, and you're free to install cgi scripts under the control of
    Apache. How much you get to play with the Apache configuration probably
    varies wildly from provider to provider. It looks like HostGator either
    has things mis-configured to allow your /cgi-bin directory to be
    visible, or allows you the ability to configure those things yourself,
    and you mis-configured it.
    Roy Smith, Sep 15, 2012
    #18
  19. Íéêüëáïò Êïýñáò, Sep 15, 2012
    #19
  20. On Sun, Sep 16, 2012 at 1:06 AM, Íéêüëáïò Êïýñáò <> wrote:
    > Previous webhost has the same flaw as well, look:
    >
    > http://www.errorweb.gr/~nikos/cgi-bin/
    >
    > giving away all my scripts.
    >
    > Webhost misconfiguration in both hosts!


    And when I look at the scripts, I see things that do not fill me with
    confidence. You appear to be reinventing the wheel, and making it
    hexagonal in the process. That's not to say you shouldn't tinker with
    wheel design now and then, but as Roy said, the consequences get quite
    severe once you're hosting a web site to the world.

    I've been guilty of the same sorts of issues myself. I was poking at
    some old code today (code that dates back a few years to when I was
    new to PHP and didn't know of any other way to make a dynamic web site
    other than CGI) and found some pretty ridiculous coding bloopers.
    Stuff that didn't stop the site's primary functionality from working,
    but it sure isn't what I'd call good code. Some day I'll rewrite it
    all... some day I'll have time available... anyway.

    Your counter.py appears to be doing what most people do after the fact
    with log-file analysis. It's usually a lot better to simply parse
    Apache's log files to find out how many people view your pages, rather
    than maintaining the statistics. This has a race condition in it:

    # update existing visitor record if same pin and same host found
    try:
    cursor.execute( '''UPDATE visitors SET hits = hits + 1, agent = %s,
    date = %s WHERE pin = %s AND host = %s''', (agent, date, pin, host))
    except MySQLdb.Error, e:
    print ( "Error %d: %s" % (e.args[0], e.args[1]) )

    # insert new visitor record if above update did not affect a row
    if cursor.rowcount == 0:
    cursor.execute( '''INSERT INTO visitors(pin, host, hits, agent,
    date) VALUES(%s, %s, %s, %s, %s)''', (pin, host, 1, agent, date) )


    If two page loads simultaneously execute this code, they'll both fail
    to update, and then both attempt to insert.

    Also, it's extremely insecure to simply print your database errors.
    Emit them to a separate log file that only you have access to, and
    monitor that log while you're developing. Once you're done developing,
    switch to an alert system if you can, because SQL errors should never
    occur (obviously don't alert if there are specific errors that you
    intend to cause and catch).

    See if you can replace the whole mess of CGI scripts with flat HTML
    files and AWStats. You'll have much more flexibility in hosting
    company choice, less risk of security breaches, and much MUCH easier
    management.

    ChrisA
    Chris Angelico, Sep 15, 2012
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. David
    Replies:
    2
    Views:
    476
    Thomas G. Marshall
    Aug 3, 2003
  2. Replies:
    9
    Views:
    8,186
  3. maestro
    Replies:
    1
    Views:
    302
    Chris
    Aug 11, 2008
  4. abdulet
    Replies:
    2
    Views:
    538
    abdulet
    Oct 23, 2009
  5. Carlos

    Concatenate/De-Concatenate

    Carlos, Oct 12, 2012, in forum: VHDL
    Replies:
    10
    Views:
    877
Loading...

Share This Page