Modified boost2_confirm to require a POST request.

sork 2011-02-20 01:03:17 +01:00
Родитель e191d1c887
Коммит ddc6398746
6 изменённых файлов: 28 добавлений и 21 удалений


@ -21,7 +21,7 @@
{{ csrf() }}
<fieldset id="identifier" class="section">
<div class="input-wrapper">
<input tabindex="1" type="text" name="identifier" value="{{ form.identifier.data }}" placeholder="Username or Email address" required>
<input tabindex="1" type="text" name="identifier" value="{{ form.identifier.data }}" placeholder="Username or Email address">
</div>
{{ form.identifier.errors|safe }}
</fieldset>


@ -20,8 +20,12 @@
{{ parent }}
</p>
</div>
<form action="{{ url('mobile.boost2_confirm') }}" method="POST">
{{ csrf() }}
<input type="hidden" name="parent" value="{{ parent }}">
<div class="buttons-wrapper">
<div class="button left-button"><a href="{{ url('mobile.home') }}">{{ _('Maybe later') }}</a></div>
<div class="button right-button"><a href="{{ url('mobile.boost2_confirm')|urlparams(parent=parent) }}">{{ _('Complete') }}</a></div>
<button ontouchstart="" class="right-button" type="submit">{{ _('Complete') }}</button>
</div>
</form>
{% endblock %}


@ -1,15 +1,17 @@
from spark.urlresolvers import reverse
from django.http import HttpResponseRedirect
import jingo
from spark.urlresolvers import reverse
from spark.decorators import post_required
from users.models import User
from .forms import BoostStep2Form
from .decorators import login_required, logout_required
def home(request):
if request.user.is_authenticated():
return jingo.render(request, 'mobile/myspark.html', {})
@ -33,8 +35,12 @@ def boost2(request):
if request.method == 'POST':
form = BoostStep2Form(request.user, request.POST)
if form.is_valid():
if form.parent_username:
return jingo.render(request, 'mobile/boost_step2_found.html',
{'parent': form.parent_username})
else: # User just checked the checkbox
return HttpResponseRedirect(reverse('mobile.home'))
else:
form = BoostStep2Form(request.user)
@ -42,17 +48,15 @@ def boost2(request):
@login_required
@post_required
def boost2_confirm(request):
""" Boost your Spark step 2/2 completion. """
parent = None
username = request.GET.get('parent')
username = request.POST.get('parent')
if username:
parent = User.objects.filter(username=username)
if parent:
parent_user = User.objects.filter(username=username)
if parent_user:
return HttpResponseRedirect(reverse('mobile.home'))
else:
return jingo.render(request, 'spark/handlers/mobile/400.html', status=400)
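Review bot: `boost2_confirm` trusts the `parent` value posted back from the hidden field in the confirmation form and checks only that a user with that username exists. In `boost2` the same value went through `BoostStep2Form(request.user, request.POST)`, but none of that validation is repeated here, so any existing username is accepted regardless of what the form would have rejected. Re-validate with the form in this view, or keep the validated parent in the session between the two steps instead of round-tripping it through the page. Separately, `if parent_user:` evaluates the whole queryset where `if User.objects.filter(username=username).exists():` would be enough. The page shows old and new lines interleaved without markers, so the final branch structure of the function is inferred.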


@ -4,7 +4,7 @@ from functools import wraps
from django.conf import settings
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.http import HttpResponse, HttpResponseForbidden, HttpResponseRedirect, HttpResponseBadRequest
from django.http import HttpResponse, HttpResponseForbidden, HttpResponseRedirect, HttpResponseBadRequest, HttpResponseNotAllowed
from django.utils.decorators import available_attrs
from django.utils.http import urlquote
@ -97,7 +97,7 @@ def post_required(f):
@wraps(f)
def wrapper(request, *args, **kw):
if request.method != 'POST':
return http.HttpResponseNotAllowed(['POST'])
return HttpResponseNotAllowed(['POST'])
else:
return f(request, *args, **kw)
return wrapper
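Review bot: The non-POST branch of `post_required` appears to have had no test coverage: the replaced line called `http.HttpResponseNotAllowed`, which raises a NameError unless `http` is imported elsewhere in this module. This decorator is now what keeps `boost2_confirm` from being triggered by a GET, so a test that sends a GET to a decorated view and asserts a 405 response with `Allow: POST` would be worth adding alongside the fix. `post_required` starts above the hunk, so its docstring, if any, is not visible here.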


@ -1,6 +1,5 @@
{% extends "mobile/page.html" %}
{% set title = _('Spark! Boost your Spark') %}
{% set body_id = 'boost' %}
{% set title = _('Spark! Error') %}
{% set pagetitle = _('Oops, your request was unsuccessful') %}
{% set message = _("We couldn't perform your request. Perhaps because the action is no longer applicable or you tried to perform an invalid action.") %}