def post_comment(request, *args, **kwargs):
data = request.POST.copy()
if request.user.is_authenticated():
if not request.user.get_full_name() == request.POST['name']:
# name field spoofed!
data['name'] = request.user.get_full_name() or request.user.username
if not request.user.email == request.POST['email']:
# email field spoofed!
data['email'] = request.user.email
if not data.get('url', '') and request.user.get_profile().website:
data["url"] = request.user.get_profile().website
request.POST = data
return django_post_comment(request, *args, **kwargs)
def post_comment(request):
jsonobject = {}
if request.method == "POST":
data = request.POST.copy()
verification_code = data.get("verification")
object_pk = data.get("object_pk")
verified = False
try:
#Uppfaert. Spurning geymd i stigull/templates/comments/forms.html
if verification_code == 'geirfugl':
verified = True
except:
verified = False
if not verified:
jsonobject['succeeded'] = False
return JSONResponse(object = jsonobject)
django_post_comment(request) #TODO: Better validation!
ctype = data.get("content_type")
if ctype is None or object_pk is None:
jsonobject['succeeded'] = False
else:
try:
model = models.get_model(*ctype.split(".", 1))
object = model._default_manager.get(pk=object_pk)
except TypeError:
jsonobject['succeeded'] = False
else:
jsonobject['succeeded'] = True
jsonobject['comments'] = render_to_string('comments/list_of_comments.html', {'object': object, 'user': request.user })
else:
jsonobject['succeeded'] = False
return JSONResponse(object = jsonobject)