| author | Robin Munn <robin.munn@gmail.com> | 2007-01-31 23:43:09 +0000 |
|---|---|---|
| committer | Robin Munn <robin.munn@gmail.com> | 2007-01-31 23:43:09 +0000 |
| commit | fe361e678a46dc4c717c79c2f12b3ba32293b81a (patch) | |
| tree | 8f42488e7d95244bab3db7b2bf934e006940521a /django/contrib | |
| parent | 122426e7453ed638a0c5be7e8b925adcddea3889 (diff) | |
Merged revisions 4186 to 4454 from trunk.
git-svn-id: http://code.djangoproject.com/svn/django/branches/sqlalchemy@4455 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'django/contrib')
| -rw-r--r-- | django/contrib/admin/templates/admin/auth/user/change_password.html | 52 | ||||
| -rw-r--r-- | django/contrib/admin/templates/admin/base.html | 5 | ||||
| -rw-r--r-- | django/contrib/admin/templates/admin/change_form.html | 2 | ||||
| -rw-r--r-- | django/contrib/admin/templates/admin/change_list.html | 2 | ||||
| -rw-r--r-- | django/contrib/admin/templatetags/admin_list.py | 14 | ||||
| -rw-r--r-- | django/contrib/admin/urls.py | 2 | ||||
| -rw-r--r-- | django/contrib/admin/views/auth.py | 41 | ||||
| -rw-r--r-- | django/contrib/admin/views/main.py | 10 | ||||
| -rw-r--r-- | django/contrib/admin/views/template.py | 10 | ||||
| -rw-r--r-- | django/contrib/auth/forms.py | 43 | ||||
| -rw-r--r-- | django/contrib/auth/models.py | 2 | ||||
| -rw-r--r-- | django/contrib/auth/views.py | 8 | ||||
| -rw-r--r-- | django/contrib/comments/views/comments.py | 32 | ||||
| -rw-r--r-- | django/contrib/contenttypes/models.py | 14 | ||||
| -rw-r--r-- | django/contrib/csrf/middleware.py | 2 | ||||
| -rw-r--r-- | django/contrib/formtools/preview.py | 13 | ||||
| -rw-r--r-- | django/contrib/sessions/middleware.py | 3 |
17 files changed, 192 insertions, 63 deletions
diff --git a/django/contrib/admin/templates/admin/auth/user/change_password.html b/django/contrib/admin/templates/admin/auth/user/change_password.html
new file mode 100644
index 0000000000..3d359ecf8f
--- /dev/null
+++ b/django/contrib/admin/templates/admin/auth/user/change_password.html
@@ -0,0 +1,52 @@ +{% extends "admin/base_site.html" %} +{% load i18n admin_modify adminmedia %} +{% block extrahead %}{{ block.super }} +<script type="text/javascript" src="../../../../jsi18n/"></script> +{% for js in javascript_imports %}{% include_admin_script js %}{% endfor %} +{% endblock %} +{% block stylesheet %}{% admin_media_prefix %}css/forms.css{% endblock %} +{% block bodyclass %}{{ opts.app_label }}-{{ opts.object_name.lower }} change-form{% endblock %} +{% block userlinks %}<a href="../../../../doc/">{% trans 'Documentation' %}</a> / <a href="../../../password_change/">{% trans 'Change password' %}</a> / <a href="../../../logout/">{% trans 'Log out' %}</a>{% endblock %} +{% block breadcrumbs %}{% if not is_popup %} +<div class="breadcrumbs"> + <a href="../../../../">{% trans "Home" %}</a> › + <a href="../../">{{ opts.verbose_name_plural|capfirst|escape }}</a> › + <a href="../">{{ original|truncatewords:"18"|escape }}</a> › + {% trans 'Change password' %} +</div> +{% endif %}{% endblock %} +{% block content %}<div id="content-main"> +<form action="{{ form_url }}" method="post" id="{{ opts.module_name }}_form">{% block form_top %}{% endblock %} +<div> +{% if is_popup %}<input type="hidden" name="_popup" value="1" />{% endif %} +{% if form.error_dict %} + <p class="errornote"> + {% blocktrans count form.error_dict.items|length as counter %}Please correct the error below.{% plural %}Please correct the errors below.{% endblocktrans %} + </p> +{% endif %} + +<p>{% blocktrans with original.username|escape as username %}Enter a new password for the user <strong>{{ username }}</strong>.{% endblocktrans %}</p> + +<fieldset class="module aligned"> + +<div class="form-row"> + {{ form.password1.html_error_list }} + <label for="id_password1" class="required">{% trans 'Password' %}:</label> {{ form.password1 }} +</div> + +<div class="form-row"> + {{ form.password2.html_error_list }} + <label for="id_password2" class="required">{% trans 'Password (again)' %}:</label> 
{{ form.password2 }} + <p class="help">{% trans 'Enter the same password as above, for verification.' %}</p> +</div> + +</fieldset> + +<div class="submit-row"> +<input type="submit" value="{% trans 'Change password' %}" class="default" /> +</div> + +<script type="text/javascript">document.getElementById("{{ first_form_field_id }}").focus();</script> +</div> +</form></div> +{% endblock %} diff --git a/django/contrib/admin/templates/admin/base.html b/django/contrib/admin/templates/admin/base.html index b63604b268..d3e8c96b91 100644 --- a/django/contrib/admin/templates/admin/base.html +++ b/django/contrib/admin/templates/admin/base.html @@ -38,7 +38,10 @@ <div id="content" class="{% block coltype %}colM{% endblock %}"> {% block pretitle %}{% endblock %} {% block content_title %}{% if title %}<h1>{{ title|escape }}</h1>{% endif %}{% endblock %} - {% block content %}{{ content }}{% endblock %} + {% block content %} + {% block object-tools %}{% endblock %} + {{ content }} + {% endblock %} {% block sidebar %}{% endblock %} <br class="clear" /> </div> diff --git a/django/contrib/admin/templates/admin/change_form.html b/django/contrib/admin/templates/admin/change_form.html index b1fdc5ebdb..7e7b639139 100644 --- a/django/contrib/admin/templates/admin/change_form.html +++ b/django/contrib/admin/templates/admin/change_form.html 
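Review bot: The new form in `change_password.html` resets another account's password and carries no request-forgery token of its own, so its protection appears to rest entirely on the response-rewriting CSRF middleware being installed. Nothing in the template states that dependency; a comment at the `<form>` tag such as `{# CSRF token is injected by django.contrib.csrf.middleware; do not serve this form without it #}` would make it visible to anyone overriding the template. Separately, `{{ form_url }}` is written into the `action` attribute without `|escape`, unlike the other variables in this file; `action="{{ form_url|escape }}"` would keep the template consistent.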
@@ -16,11 +16,13 @@ </div> {% endif %}{% endblock %} {% block content %}<div id="content-main"> +{% block object-tools %} {% if change %}{% if not is_popup %} <ul class="object-tools"><li><a href="history/" class="historylink">{% trans "History" %}</a></li> {% if has_absolute_url %}<li><a href="../../../r/{{ content_type_id }}/{{ object_id }}/" class="viewsitelink">{% trans "View on site" %}</a></li>{% endif%} </ul> {% endif %}{% endif %} +{% endblock %} <form {% if has_file_field %}enctype="multipart/form-data" {% endif %}action="{{ form_url }}" method="post" id="{{ opts.module_name }}_form">{% block form_top %}{% endblock %} <div> {% if is_popup %}<input type="hidden" name="_popup" value="1" />{% endif %} diff --git a/django/contrib/admin/templates/admin/change_list.html b/django/contrib/admin/templates/admin/change_list.html index bd2304bd52..f50a73c934 100644 --- a/django/contrib/admin/templates/admin/change_list.html +++ b/django/contrib/admin/templates/admin/change_list.html @@ -7,9 +7,11 @@ {% block coltype %}flex{% endblock %} {% block content %} <div id="content-main"> +{% block object-tools %} {% if has_add_permission %} <ul class="object-tools"><li><a href="add/{% if is_popup %}?_popup=1{% endif %}" class="addlink">{% blocktrans with cl.opts.verbose_name|escape as name %}Add {{ name }}{% endblocktrans %}</a></li></ul> {% endif %} +{% endblock %} <div class="module{% if cl.has_filters %} filtered{% endif %}" id="changelist"> {% block search %}{% search_form cl %}{% endblock %} {% block date_hierarchy %}{% date_hierarchy cl %}{% endblock %} diff --git a/django/contrib/admin/templatetags/admin_list.py b/django/contrib/admin/templatetags/admin_list.py index 832b3562cd..3c0c6f0ac2 100644 --- a/django/contrib/admin/templatetags/admin_list.py +++ b/django/contrib/admin/templatetags/admin_list.py 
@@ -101,6 +101,10 @@ def result_headers(cl): "url": cl.get_query_string({ORDER_VAR: i, ORDER_TYPE_VAR: new_order_type}), "class_attrib": (th_classes and ' class="%s"' % ' '.join(th_classes) or '')} +def _boolean_icon(field_val): + BOOLEAN_MAPPING = {True: 'yes', False: 'no', None: 'unknown'} + return '<img src="%simg/admin/icon-%s.gif" alt="%s" />' % (settings.ADMIN_MEDIA_PREFIX, BOOLEAN_MAPPING[field_val], field_val) + def items_for_result(cl, result): first = True pk = cl.lookup_opts.pk.attname @@ -114,9 +118,14 @@ def items_for_result(cl, result): try: attr = getattr(result, field_name) allow_tags = getattr(attr, 'allow_tags', False) + boolean = getattr(attr, 'boolean', False) if callable(attr): attr = attr() - result_repr = str(attr) + if boolean: + allow_tags = True + result_repr = _boolean_icon(attr) + else: + result_repr = str(attr) except (AttributeError, ObjectDoesNotExist): result_repr = EMPTY_CHANGELIST_VALUE else: @@ -147,8 +156,7 @@ def items_for_result(cl, result): row_class = ' class="nowrap"' # Booleans are special: We use images. elif isinstance(f, models.BooleanField) or isinstance(f, models.NullBooleanField): - BOOLEAN_MAPPING = {True: 'yes', False: 'no', None: 'unknown'} - result_repr = '<img src="%simg/admin/icon-%s.gif" alt="%s" />' % (settings.ADMIN_MEDIA_PREFIX, BOOLEAN_MAPPING[field_val], field_val) + result_repr = _boolean_icon(field_val) # FloatFields are special: Zero-pad the decimals. elif isinstance(f, models.FloatField): if field_val is not None: diff --git a/django/contrib/admin/urls.py b/django/contrib/admin/urls.py index aaf9841e45..508bb3a1ca 100644 --- a/django/contrib/admin/urls.py +++ b/django/contrib/admin/urls.py 
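Review bot: `_boolean_icon` indexes `BOOLEAN_MAPPING[field_val]` directly, and in the second hunk it now receives whatever a `boolean`-flagged method returns. A return value that does not compare equal to `True`, `False` or `None` raises `KeyError`, which the surrounding `except (AttributeError, ObjectDoesNotExist)` does not catch. Because that branch also forces `allow_tags = True`, the helper should only ever emit one of the three fixed strings; normalising first, e.g. `if field_val is not None: field_val = bool(field_val)`, keeps both the lookup and the `alt` text confined to known values. `items_for_result` starts and ends outside these hunks, so how `allow_tags` is consumed later is not visible here.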
@@ -29,6 +29,8 @@ urlpatterns = patterns('', # "Add user" -- a special-case view ('^auth/user/add/$', 'django.contrib.admin.views.auth.user_add_stage'), + # "Change user password" -- another special-case view + ('^auth/user/(\d+)/password/$', 'django.contrib.admin.views.auth.user_change_password'), # Add/change/delete/history ('^([^/]+)/([^/]+)/$', 'django.contrib.admin.views.main.change_list'), diff --git a/django/contrib/admin/views/auth.py b/django/contrib/admin/views/auth.py index 03876bb4ac..bea1f8533c 100644 --- a/django/contrib/admin/views/auth.py +++ b/django/contrib/admin/views/auth.py @@ -1,10 +1,11 @@ from django.contrib.admin.views.decorators import staff_member_required -from django.contrib.auth.forms import UserCreationForm +from django.contrib.auth.forms import UserCreationForm, AdminPasswordChangeForm from django.contrib.auth.models import User from django.core.exceptions import PermissionDenied -from django import forms, template -from django.shortcuts import render_to_response +from django import oldforms, template +from django.shortcuts import render_to_response, get_object_or_404 from django.http import HttpResponseRedirect +from django.utils.html import escape def user_add_stage(request): if not request.user.has_perm('auth.change_user'): @@ -24,7 +25,7 @@ def user_add_stage(request): return HttpResponseRedirect('../%s/' % new_user.id) else: errors = new_data = {} - form = forms.FormWrapper(manipulator, new_data, errors) + form = oldforms.FormWrapper(manipulator, new_data, errors) return render_to_response('admin/auth/user/add_form.html', { 'title': _('Add user'), 'form': form, 
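Review bot: The new route `'^auth/user/(\d+)/password/$'` is written as an ordinary string literal, so it works only because `\d` is not a recognised string escape. A raw literal, `(r'^auth/user/(\d+)/password/$', 'django.contrib.admin.views.auth.user_change_password'),`, says what is meant and stays correct if the pattern is later extended with an escape such as `\b`.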
@@ -42,3 +43,35 @@ def user_add_stage(request): 'username_help_text': User._meta.get_field('username').help_text, }, context_instance=template.RequestContext(request)) user_add_stage = staff_member_required(user_add_stage) + +def user_change_password(request, id): + if not request.user.has_perm('auth.change_user'): + raise PermissionDenied + user = get_object_or_404(User, pk=id) + manipulator = AdminPasswordChangeForm(user) + if request.method == 'POST': + new_data = request.POST.copy() + errors = manipulator.get_validation_errors(new_data) + if not errors: + new_user = manipulator.save(new_data) + msg = _('Password changed successfully.') + request.user.message_set.create(message=msg) + return HttpResponseRedirect('..') + else: + errors = new_data = {} + form = oldforms.FormWrapper(manipulator, new_data, errors) + return render_to_response('admin/auth/user/change_password.html', { + 'title': _('Change password: %s') % escape(user.username), + 'form': form, + 'is_popup': request.REQUEST.has_key('_popup'), + 'add': True, + 'change': False, + 'has_delete_permission': False, + 'has_change_permission': True, + 'has_absolute_url': False, + 'first_form_field_id': 'id_password1', + 'opts': User._meta, + 'original': user, + 'show_save': True, + }, context_instance=template.RequestContext(request)) +user_change_password = staff_member_required(user_change_password) diff --git a/django/contrib/admin/views/main.py b/django/contrib/admin/views/main.py index c9cff0e374..282038e205 100644 --- a/django/contrib/admin/views/main.py +++ b/django/contrib/admin/views/main.py @@ -1,4 +1,4 @@ -from django import forms, template +from django import oldforms, template from django.conf import settings from django.contrib.admin.filterspecs import FilterSpec from django.contrib.admin.views.decorators import staff_member_required 
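Review bot: `user_change_password` authorises on `auth.change_user` alone and then loads any `User` by primary key, so a staff account holding that one permission can set the password of a superuser, and no current credential is asked for. Consider refusing that case right after the lookup with `if user.is_superuser and not request.user.is_superuser: raise PermissionDenied`. The view also leaves no record beyond a message shown to the acting user; if the admin keeps a change log for other edits (not visible in this diff), a password reset should be written to it as well. Minor: `new_user` is assigned from `manipulator.save(new_data)` but never used, and the title is passed through `escape()` here while `base.html` applies `|escape` to `title` again.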
@@ -46,8 +46,8 @@ def quote(s): """ Ensure that primary key values do not confuse the admin URLs by escaping any '/', '_' and ':' characters. Similar to urllib.quote, except that the - quoting is slightly different so that it doesn't get autoamtically - unquoted by the web browser. + quoting is slightly different so that it doesn't get automatically + unquoted by the Web browser. """ if type(s) != type(''): return s @@ -283,7 +283,7 @@ def add_stage(request, app_label, model_name, show_delete=False, form_url='', po errors = {} # Populate the FormWrapper. - form = forms.FormWrapper(manipulator, new_data, errors) + form = oldforms.FormWrapper(manipulator, new_data, errors) c = template.RequestContext(request, { 'title': _('Add %s') % opts.verbose_name, @@ -374,7 +374,7 @@ def change_stage(request, app_label, model_name, object_id): errors = {} # Populate the FormWrapper. - form = forms.FormWrapper(manipulator, new_data, errors) + form = oldforms.FormWrapper(manipulator, new_data, errors) form.original = manipulator.original_object form.order_objects = [] diff --git a/django/contrib/admin/views/template.py b/django/contrib/admin/views/template.py index 93d110b045..a3b4538b10 100644 --- a/django/contrib/admin/views/template.py +++ b/django/contrib/admin/views/template.py @@ -1,6 +1,6 @@ from django.contrib.admin.views.decorators import staff_member_required from django.core import validators -from django import template, forms +from django import template, oldforms from django.template import loader from django.shortcuts import render_to_response from django.contrib.sites.models import Site 
@@ -25,17 +25,17 @@ def template_validator(request): request.user.message_set.create(message='The template is valid.') return render_to_response('admin/template_validator.html', { 'title': 'Template validator', - 'form': forms.FormWrapper(manipulator, new_data, errors), + 'form': oldforms.FormWrapper(manipulator, new_data, errors), }, context_instance=template.RequestContext(request)) template_validator = staff_member_required(template_validator) -class TemplateValidator(forms.Manipulator): +class TemplateValidator(oldforms.Manipulator): def __init__(self, settings_modules): self.settings_modules = settings_modules site_list = Site.objects.in_bulk(settings_modules.keys()).values() self.fields = ( - forms.SelectField('site', is_required=True, choices=[(s.id, s.name) for s in site_list]), - forms.LargeTextField('template', is_required=True, rows=25, validator_list=[self.isValidTemplate]), + oldforms.SelectField('site', is_required=True, choices=[(s.id, s.name) for s in site_list]), + oldforms.LargeTextField('template', is_required=True, rows=25, validator_list=[self.isValidTemplate]), ) def isValidTemplate(self, field_data, all_data): diff --git a/django/contrib/auth/forms.py b/django/contrib/auth/forms.py index 24c69cb73e..7700ec7d7a 100644 --- a/django/contrib/auth/forms.py +++ b/django/contrib/auth/forms.py 
@@ -3,16 +3,16 @@ from django.contrib.auth import authenticate from django.contrib.sites.models import Site from django.template import Context, loader from django.core import validators -from django import forms +from django import oldforms -class UserCreationForm(forms.Manipulator): +class UserCreationForm(oldforms.Manipulator): "A form that creates a user, with no privileges, from the given username and password." def __init__(self): self.fields = ( - forms.TextField(field_name='username', length=30, maxlength=30, is_required=True, + oldforms.TextField(field_name='username', length=30, maxlength=30, is_required=True, validator_list=[validators.isAlphaNumeric, self.isValidUsername]), - forms.PasswordField(field_name='password1', length=30, maxlength=60, is_required=True), - forms.PasswordField(field_name='password2', length=30, maxlength=60, is_required=True, + oldforms.PasswordField(field_name='password1', length=30, maxlength=60, is_required=True), + oldforms.PasswordField(field_name='password2', length=30, maxlength=60, is_required=True, validator_list=[validators.AlwaysMatchesOtherField('password1', _("The two password fields didn't match."))]), ) @@ -27,7 +27,7 @@ class UserCreationForm(forms.Manipulator): "Creates the user." return User.objects.create_user(new_data['username'], '', new_data['password1']) -class AuthenticationForm(forms.Manipulator): +class AuthenticationForm(oldforms.Manipulator): """ Base class for authenticating users. Extend this to get a form that accepts username/password logins. 
@@ -41,9 +41,9 @@ class AuthenticationForm(forms.Manipulator): """ self.request = request self.fields = [ - forms.TextField(field_name="username", length=15, maxlength=30, is_required=True, + oldforms.TextField(field_name="username", length=15, maxlength=30, is_required=True, validator_list=[self.isValidUser, self.hasCookiesEnabled]), - forms.PasswordField(field_name="password", length=15, maxlength=30, is_required=True), + oldforms.PasswordField(field_name="password", length=15, maxlength=30, is_required=True), ] self.user_cache = None @@ -68,11 +68,11 @@ class AuthenticationForm(forms.Manipulator): def get_user(self): return self.user_cache -class PasswordResetForm(forms.Manipulator): +class PasswordResetForm(oldforms.Manipulator): "A form that lets a user request a password reset" def __init__(self): self.fields = ( - forms.EmailField(field_name="email", length=40, is_required=True, + oldforms.EmailField(field_name="email", length=40, is_required=True, validator_list=[self.isValidUserEmail]), ) 
@@ -105,16 +105,16 @@ class PasswordResetForm(forms.Manipulator): } send_mail('Password reset on %s' % site_name, t.render(Context(c)), None, [self.user_cache.email]) -class PasswordChangeForm(forms.Manipulator): +class PasswordChangeForm(oldforms.Manipulator): "A form that lets a user change his password." def __init__(self, user): self.user = user self.fields = ( - forms.PasswordField(field_name="old_password", length=30, maxlength=30, is_required=True, + oldforms.PasswordField(field_name="old_password", length=30, maxlength=30, is_required=True, validator_list=[self.isValidOldPassword]), - forms.PasswordField(field_name="new_password1", length=30, maxlength=30, is_required=True, + oldforms.PasswordField(field_name="new_password1", length=30, maxlength=30, is_required=True, validator_list=[validators.AlwaysMatchesOtherField('new_password2', _("The two 'new password' fields didn't match."))]), - forms.PasswordField(field_name="new_password2", length=30, maxlength=30, is_required=True), + oldforms.PasswordField(field_name="new_password2", length=30, maxlength=30, is_required=True), ) def isValidOldPassword(self, new_data, all_data): @@ -126,3 +126,18 @@ class PasswordChangeForm(forms.Manipulator): "Saves the new password." self.user.set_password(new_data['new_password1']) self.user.save() + +class AdminPasswordChangeForm(oldforms.Manipulator): + "A form used to change the password of a user in the admin interface." + def __init__(self, user): + self.user = user + self.fields = ( + oldforms.PasswordField(field_name='password1', length=30, maxlength=60, is_required=True), + oldforms.PasswordField(field_name='password2', length=30, maxlength=60, is_required=True, + validator_list=[validators.AlwaysMatchesOtherField('password1', _("The two password fields didn't match."))]), + ) + + def save(self, new_data): + "Saves the new password." + self.user.set_password(new_data['password1']) + self.user.save() 
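Review bot: `AdminPasswordChangeForm` accepts passwords up to `maxlength=60`, while the login field in `AuthenticationForm` and the `old_password` field in `PasswordChangeForm` in this same file are declared with `maxlength=30`. If those limits are enforced on submission, an administrator can set a password the user can then neither log in with nor change. Either align the new fields, e.g. `oldforms.PasswordField(field_name='password1', length=30, maxlength=30, is_required=True)`, or raise the limit on the fields that read the password back. `UserCreationForm` already uses the 60-character limit, so the mismatch predates this class.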
diff --git a/django/contrib/auth/models.py b/django/contrib/auth/models.py index 58cc07efa9..4f4f0b7538 100644 --- a/django/contrib/auth/models.py +++ b/django/contrib/auth/models.py @@ -91,7 +91,7 @@ class User(models.Model): first_name = models.CharField(_('first name'), maxlength=30, blank=True) last_name = models.CharField(_('last name'), maxlength=30, blank=True) email = models.EmailField(_('e-mail address'), blank=True) - password = models.CharField(_('password'), maxlength=128, help_text=_("Use '[algo]$[salt]$[hexdigest]'")) + password = models.CharField(_('password'), maxlength=128, help_text=_("Use '[algo]$[salt]$[hexdigest]' or use the <a href=\"password/\">change password form</a>.")) is_staff = models.BooleanField(_('staff status'), default=False, help_text=_("Designates whether the user can log into this admin site.")) is_active = models.BooleanField(_('active'), default=True, help_text=_("Designates whether this user can log into the Django admin. Unselect this instead of deleting accounts.")) is_superuser = models.BooleanField(_('superuser status'), default=False, help_text=_("Designates that this user has all permissions without explicitly assigning them.")) diff --git a/django/contrib/auth/views.py b/django/contrib/auth/views.py index 6882755787..fda17b91fb 100644 --- a/django/contrib/auth/views.py +++ b/django/contrib/auth/views.py @@ -1,6 +1,6 @@ from django.contrib.auth.forms import AuthenticationForm from django.contrib.auth.forms import PasswordResetForm, PasswordChangeForm -from django import forms +from django import oldforms from django.shortcuts import render_to_response from django.template import RequestContext from django.contrib.sites.models import Site 
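Review bot: The new `help_text` on `password` embeds an HTML anchor with a relative `href="password/"` inside a translatable string. The link only resolves correctly when the text is rendered on the user's change page, and it requires every translation to reproduce the markup unaltered and the admin to emit help text unescaped. A short comment above the field, for instance `# help_text contains markup: rendered unescaped by the admin; the link is relative to the change form URL`, would record those assumptions.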
@@ -26,7 +26,7 @@ def login(request, template_name='registration/login.html'): errors = {} request.session.set_test_cookie() return render_to_response(template_name, { - 'form': forms.FormWrapper(manipulator, request.POST, errors), + 'form': oldforms.FormWrapper(manipulator, request.POST, errors), REDIRECT_FIELD_NAME: redirect_to, 'site_name': Site.objects.get_current().name, }, context_instance=RequestContext(request)) @@ -62,7 +62,7 @@ def password_reset(request, is_admin_site=False, template_name='registration/pas else: form.save(email_template_name=email_template_name) return HttpResponseRedirect('%sdone/' % request.path) - return render_to_response(template_name, {'form': forms.FormWrapper(form, new_data, errors)}, + return render_to_response(template_name, {'form': oldforms.FormWrapper(form, new_data, errors)}, context_instance=RequestContext(request)) def password_reset_done(request, template_name='registration/password_reset_done.html'): @@ -77,7 +77,7 @@ def password_change(request, template_name='registration/password_change_form.ht if not errors: form.save(new_data) return HttpResponseRedirect('%sdone/' % request.path) - return render_to_response(template_name, {'form': forms.FormWrapper(form, new_data, errors)}, + return render_to_response(template_name, {'form': oldforms.FormWrapper(form, new_data, errors)}, context_instance=RequestContext(request)) password_change = login_required(password_change) diff --git a/django/contrib/comments/views/comments.py b/django/contrib/comments/views/comments.py index 3640da90fe..12330afe41 100644 --- a/django/contrib/comments/views/comments.py +++ b/django/contrib/comments/views/comments.py @@ -1,5 +1,5 @@ from django.core import validators -from django import forms +from django import oldforms from django.core.mail import mail_admins, mail_managers from django.http import Http404 from django.core.exceptions import ObjectDoesNotExist 
@@ -28,37 +28,37 @@ class PublicCommentManipulator(AuthenticationForm): else: return [] self.fields.extend([ - forms.LargeTextField(field_name="comment", maxlength=3000, is_required=True, + oldforms.LargeTextField(field_name="comment", maxlength=3000, is_required=True, validator_list=[self.hasNoProfanities]), - forms.RadioSelectField(field_name="rating1", choices=choices, + oldforms.RadioSelectField(field_name="rating1", choices=choices, is_required=ratings_required and num_rating_choices > 0, validator_list=get_validator_list(1), ), - forms.RadioSelectField(field_name="rating2", choices=choices, + oldforms.RadioSelectField(field_name="rating2", choices=choices, is_required=ratings_required and num_rating_choices > 1, validator_list=get_validator_list(2), ), - forms.RadioSelectField(field_name="rating3", choices=choices, + oldforms.RadioSelectField(field_name="rating3", choices=choices, is_required=ratings_required and num_rating_choices > 2, validator_list=get_validator_list(3), ), - forms.RadioSelectField(field_name="rating4", choices=choices, + oldforms.RadioSelectField(field_name="rating4", choices=choices, is_required=ratings_required and num_rating_choices > 3, validator_list=get_validator_list(4), ), - forms.RadioSelectField(field_name="rating5", choices=choices, + oldforms.RadioSelectField(field_name="rating5", choices=choices, is_required=ratings_required and num_rating_choices > 4, validator_list=get_validator_list(5), ), - forms.RadioSelectField(field_name="rating6", choices=choices, + oldforms.RadioSelectField(field_name="rating6", choices=choices, is_required=ratings_required and num_rating_choices > 5, validator_list=get_validator_list(6), ), - forms.RadioSelectField(field_name="rating7", choices=choices, + oldforms.RadioSelectField(field_name="rating7", choices=choices, is_required=ratings_required and num_rating_choices > 6, validator_list=get_validator_list(7), ), - forms.RadioSelectField(field_name="rating8", choices=choices, + 
oldforms.RadioSelectField(field_name="rating8", choices=choices, is_required=ratings_required and num_rating_choices > 7, validator_list=get_validator_list(8), ), @@ -117,13 +117,13 @@ class PublicCommentManipulator(AuthenticationForm): mail_managers("Comment posted by sketchy user (%s)" % self.user_cache.username, c.get_as_text()) return c -class PublicFreeCommentManipulator(forms.Manipulator): +class PublicFreeCommentManipulator(oldforms.Manipulator): "Manipulator that handles public free (unregistered) comments" def __init__(self): self.fields = ( - forms.TextField(field_name="person_name", maxlength=50, is_required=True, + oldforms.TextField(field_name="person_name", maxlength=50, is_required=True, validator_list=[self.hasNoProfanities]), - forms.LargeTextField(field_name="comment", maxlength=3000, is_required=True, + oldforms.LargeTextField(field_name="comment", maxlength=3000, is_required=True, validator_list=[self.hasNoProfanities]), ) @@ -221,9 +221,9 @@ def post_comment(request): from django.contrib.auth import login login(request, manipulator.get_user()) if errors or request.POST.has_key('preview'): - class CommentFormWrapper(forms.FormWrapper): + class CommentFormWrapper(oldforms.FormWrapper): def __init__(self, manipulator, new_data, errors, rating_choices): - forms.FormWrapper.__init__(self, manipulator, new_data, errors) + oldforms.FormWrapper.__init__(self, manipulator, new_data, errors) self.rating_choices = rating_choices def ratings(self): field_list = [self['rating%d' % (i+1)] for i in range(len(rating_choices))] @@ -302,7 +302,7 @@ def post_free_comment(request): comment = errors and '' or manipulator.get_comment(new_data) return render_to_response('comments/free_preview.html', { 'comment': comment, - 'comment_form': forms.FormWrapper(manipulator, new_data, errors), + 'comment_form': oldforms.FormWrapper(manipulator, new_data, errors), 'options': options, 'target': target, 'hash': security_hash, 
diff --git a/django/contrib/contenttypes/models.py b/django/contrib/contenttypes/models.py index a95748a9a1..3384134cb2 100644 --- a/django/contrib/contenttypes/models.py +++ b/django/contrib/contenttypes/models.py @@ -1,6 +1,7 @@ from django.db import models from django.utils.translation import gettext_lazy as _ +CONTENT_TYPE_CACHE = {} class ContentTypeManager(models.Manager): def get_for_model(self, model): """ @@ -8,10 +9,15 @@ class ContentTypeManager(models.Manager): ContentType if necessary. """ opts = model._meta - # The str() is needed around opts.verbose_name because it's a - # django.utils.functional.__proxy__ object. - ct, created = self.model._default_manager.get_or_create(app_label=opts.app_label, - model=opts.object_name.lower(), defaults={'name': str(opts.verbose_name)}) + key = (opts.app_label, opts.object_name.lower()) + try: + ct = CONTENT_TYPE_CACHE[key] + except KeyError: + # The str() is needed around opts.verbose_name because it's a + # django.utils.functional.__proxy__ object. + ct, created = self.model._default_manager.get_or_create(app_label=key[0], + model=key[1], defaults={'name': str(opts.verbose_name)}) + CONTENT_TYPE_CACHE[key] = ct return ct class ContentType(models.Model): diff --git a/django/contrib/csrf/middleware.py b/django/contrib/csrf/middleware.py index f6f78867dc..93a9484ca6 100644 --- a/django/contrib/csrf/middleware.py +++ b/django/contrib/csrf/middleware.py @@ -11,7 +11,7 @@ import md5 import re import itertools -_ERROR_MSG = "<h1>403 Forbidden</h1><p>Cross Site Request Forgery detected. Request aborted.</p>" +_ERROR_MSG = '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><body><h1>403 Forbidden</h1><p>Cross Site Request Forgery detected. Request aborted.</p></body></html>' _POST_FORM_RE = \ re.compile(r'(<form\W[^>]*\bmethod=(\'|"|)POST(\'|"|)\b[^>]*>)', re.IGNORECASE) diff --git a/django/contrib/formtools/preview.py b/django/contrib/formtools/preview.py index 9a9371b5f8..daecba7928 100644 
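Review bot: `CONTENT_TYPE_CACHE` is filled in `get_for_model` and never cleared, so each process keeps returning the first `ContentType` it saw for a key even after the row is deleted or the table is rebuilt. Any code that stores the cached object's id would then work with a stale id until the process restarts. A module-level helper such as `def clear_content_type_cache(): CONTENT_TYPE_CACHE.clear()` gives tests and data-loading code a way to reset it. A comment on the dict should also state that entries are assumed unchanged for the life of the process.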
--- a/django/contrib/formtools/preview.py +++ b/django/contrib/formtools/preview.py @@ -48,6 +48,7 @@ from django.conf import settings from django.core.exceptions import ImproperlyConfigured from django.http import Http404 from django.shortcuts import render_to_response +from django.template.context import RequestContext import cPickle as pickle import md5 @@ -91,7 +92,9 @@ class FormPreview(object): def preview_get(self, request): "Displays the form" f = self.form(auto_id=AUTO_ID) - return render_to_response(self.form_template, {'form': f, 'stage_field': self.unused_name('stage'), 'state': self.state}) + return render_to_response(self.form_template, + {'form': f, 'stage_field': self.unused_name('stage'), 'state': self.state}, + context_instance=RequestContext(request)) def preview_post(self, request): "Validates the POST data. If valid, displays the preview page. Else, redisplays form." @@ -100,9 +103,9 @@ class FormPreview(object): if f.is_valid(): context['hash_field'] = self.unused_name('hash') context['hash_value'] = self.security_hash(request, f) - return render_to_response(self.preview_template, context) + return render_to_response(self.preview_template, context, context_instance=RequestContext(request)) else: - return render_to_response(self.form_template, context) + return render_to_response(self.form_template, context, context_instance=RequestContext(request)) def post_post(self, request): "Validates the POST data. If valid, calls done(). Else, redisplays form." 
@@ -112,7 +115,9 @@ class FormPreview(object): return self.failed_hash(request) # Security hash failed. return self.done(request, f.clean_data) else: - return render_to_response(self.form_template, {'form': f, 'stage_field': self.unused_name('stage'), 'state': self.state}) + return render_to_response(self.form_template, + {'form': f, 'stage_field': self.unused_name('stage'), 'state': self.state}, + context_instance=RequestContext(request)) # METHODS SUBCLASSES MIGHT OVERRIDE IF APPROPRIATE ######################## diff --git a/django/contrib/sessions/middleware.py b/django/contrib/sessions/middleware.py index 2337ad8a61..728caa7e19 100644 --- a/django/contrib/sessions/middleware.py +++ b/django/contrib/sessions/middleware.py @@ -1,5 +1,6 @@ from django.conf import settings from django.contrib.sessions.models import Session +from django.core.exceptions import SuspiciousOperation from django.utils.cache import patch_vary_headers import datetime @@ -55,7 +56,7 @@ class SessionWrapper(object): s = Session.objects.get(session_key=self.session_key, expire_date__gt=datetime.datetime.now()) self._session_cache = s.get_decoded() - except Session.DoesNotExist: + except (Session.DoesNotExist, SuspiciousOperation): self._session_cache = {} # Set the session_key to None to force creation of a new # key, for extra security. |
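Review bot: In `sessions/middleware.py`, catching `SuspiciousOperation` together with `Session.DoesNotExist` makes a session that fails decoding indistinguishable from an expired one: the user silently gets an empty session and nothing is recorded. If, as the name suggests, that exception marks tampered session data, give it a separate `except SuspiciousOperation:` branch that logs the event (not the key itself) before resetting `_session_cache`, so repeated failures can be noticed. The enclosing method starts and ends outside the hunk, so the reset that follows is only partly visible.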
