summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorTim Graham <timograham@gmail.com>2012-09-28 09:50:02 -0400
committerTim Graham <timograham@gmail.com>2012-09-28 17:36:53 -0400
commitfea0ca4334b8c35100c0ca1048f81b9b3573bc26 (patch)
tree97d1d5010686bd86e5b066d038901fc53f8d826d /docs
parent6c2faaceb0482267cec19da0ff432984028f9d0c (diff)
Fixed #12871 - Documented creation of a comment form for authenticated users; thanks shacker for patch.
Diffstat (limited to 'docs')
-rw-r--r--docs/ref/contrib/comments/index.txt50
1 files changed, 50 insertions, 0 deletions
diff --git a/docs/ref/contrib/comments/index.txt b/docs/ref/contrib/comments/index.txt
index 4b1dd96280..1c6ff7c7ed 100644
--- a/docs/ref/contrib/comments/index.txt
+++ b/docs/ref/contrib/comments/index.txt
@@ -254,6 +254,56 @@ you can include a hidden form input called ``next`` in your comment form. For ex
<input type="hidden" name="next" value="{% url 'my_comment_was_posted' %}" />
+Providing a comment form for authenticated users
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+If a user is already authenticated, it makes little sense to display the name,
+email, and URL fields, since these can already be retrieved from their login
+data and profile. In addition, some sites will only accept comments from
+authenticated users.
+
+To provide a comment form for authenticated users, you can manually provide the
+additional fields expected by the Django comments framework. For example,
+assuming comments are attached to the model "object"::
+
+ {% if user.is_authenticated %}
+ {% get_comment_form for object as form %}
+ <form action="{% comment_form_target %}" method="POST">
+ {% csrf_token %}
+ {{ form.comment }}
+ {{ form.honeypot }}
+ {{ form.content_type }}
+ {{ form.object_pk }}
+ {{ form.timestamp }}
+ {{ form.security_hash }}
+ <input type="hidden" name="next" value="{% url 'object_detail_view' object.id %}" />
+ <input type="submit" value="Add comment" id="id_submit" />
+ </form>
+ {% else %}
+ <p>Please <a href="{% url 'auth_login' %}">log in</a> to leave a comment.</p>
+ {% endif %}
+
+The honeypot, content_type, object_pk, timestamp, and security_hash fields are
+fields that would have been created automatically if you had simply used
+``{{ form }}`` in your template, and are referred to in `Notes on the comment
+form`_ below.
+
+Note that we do not need to specify the user to be associated with comments
+submitted by authenticated users. This is possible because the :doc:`Built-in
+Comment Models</ref/contrib/comments/models>` that come with Django associate
+comments with authenticated users by default.
+
+In this example, the honeypot field will still be visible to the user; you'll
+need to hide that field in your CSS::
+
+ #id_honeypot {
+ display: none;
+ }
+
+If you want to accept either anonymous or authenticated comments, replace the
+contents of the "else" clause above with a standard comment form and the right
+thing will happen whether a user is logged in or not.
+
.. _notes-on-the-comment-form:
Notes on the comment form