def post_comment(request, *args, **kwargs): data = request.POST.copy() if request.user.is_authenticated(): if not request.user.get_full_name() == request.POST['name']: # name field spoofed! data['name'] = request.user.get_full_name() or request.user.username if not request.user.email == request.POST['email']: # email field spoofed! data['email'] = request.user.email if not data.get('url', '') and request.user.get_profile().website: data["url"] = request.user.get_profile().website request.POST = data return django_post_comment(request, *args, **kwargs)
def post_comment(request): jsonobject = {} if request.method == "POST": data = request.POST.copy() verification_code = data.get("verification") object_pk = data.get("object_pk") verified = False try: #Uppfaert. Spurning geymd i stigull/templates/comments/forms.html if verification_code == 'geirfugl': verified = True except: verified = False if not verified: jsonobject['succeeded'] = False return JSONResponse(object = jsonobject) django_post_comment(request) #TODO: Better validation! ctype = data.get("content_type") if ctype is None or object_pk is None: jsonobject['succeeded'] = False else: try: model = models.get_model(*ctype.split(".", 1)) object = model._default_manager.get(pk=object_pk) except TypeError: jsonobject['succeeded'] = False else: jsonobject['succeeded'] = True jsonobject['comments'] = render_to_string('comments/list_of_comments.html', {'object': object, 'user': request.user }) else: jsonobject['succeeded'] = False return JSONResponse(object = jsonobject)