From 1872b814dbfd935182d3e0b8166fbb67053d85ee Mon Sep 17 00:00:00 2001 From: Adrien Dorsaz Date: Thu, 8 Aug 2013 08:03:30 +0200 Subject: Use django to protect forms (except create form, because of other work not commited) --- papillon/templates/edit.html | 1 + papillon/templates/editChoices.html | 1 + papillon/templates/editChoicesAdmin.html | 1 + papillon/templates/vote.html | 1 + 4 files changed, 4 insertions(+) diff --git a/papillon/templates/edit.html b/papillon/templates/edit.html index 647700d..19d621d 100644 --- a/papillon/templates/edit.html +++ b/papillon/templates/edit.html @@ -12,6 +12,7 @@ {% block content %}

{% trans "Edit poll" %}

+ {% csrf_token %} diff --git a/papillon/templates/editChoices.html b/papillon/templates/editChoices.html index 7e059a8..293f567 100644 --- a/papillon/templates/editChoices.html +++ b/papillon/templates/editChoices.html @@ -4,6 +4,7 @@

{% trans "New choice" %}

{%if form_new_choice.errors %}

{{form_new_choice.errors}}

{%endif%} + {% csrf_token %} {{form_new_choice.poll}} {{form_new_choice.order}}
diff --git a/papillon/templates/editChoicesAdmin.html b/papillon/templates/editChoicesAdmin.html index d296a16..78d3be5 100644 --- a/papillon/templates/editChoicesAdmin.html +++ b/papillon/templates/editChoicesAdmin.html @@ -28,6 +28,7 @@ {% for choice in choices %} + {% csrf_token %} {{choice.form.poll}}{{choice.form.order}} {%if not poll.dated_choices%}{%endif%} diff --git a/papillon/templates/vote.html b/papillon/templates/vote.html index 204f553..8861e6c 100644 --- a/papillon/templates/vote.html +++ b/papillon/templates/vote.html @@ -15,6 +15,7 @@ {% if not poll.open %}

{% trans "The current poll is closed."%}

{% endif %}

{{ poll.description|safe }}

+ {% csrf_token %}
+ / -
-- cgit v1.2.3