Mercurial > public > sg101
comparison gpp/templates/messages/view.html @ 194:6a5549c2efb5
Implement #62, add support for CSRF protection.
| author | Brian Neal <bgneal@gmail.com> |
|---|---|
| date | Sat, 03 Apr 2010 20:00:56 +0000 |
| parents | 7ad1f3e77cd9 |
| children | daa2916f5b34 |
comparison
equal
deleted
inserted
replaced
| 193:fa7d82bfb100 | 194:6a5549c2efb5 |
|---|---|
| 19 <div class="message-signature"> | 19 <div class="message-signature"> |
| 20 {{ msg.sender.get_profile.signature_html|safe }} | 20 {{ msg.sender.get_profile.signature_html|safe }} |
| 21 </div> | 21 </div> |
| 22 {% endif %} | 22 {% endif %} |
| 23 {% if is_deleted %} | 23 {% if is_deleted %} |
| 24 <form action="{% url messages-undelete msg.id %}" method="post"> | 24 <form action="{% url messages-undelete msg.id %}" method="post">{% csrf_token %} |
| 25 {% if box %}<input type="hidden" name="box" value="{{ box }}" />{% endif %} | 25 {% if box %}<input type="hidden" name="box" value="{{ box }}" />{% endif %} |
| 26 <input type="submit" value="Undelete" /> | 26 <input type="submit" value="Undelete" /> |
| 27 </form> | 27 </form> |
| 28 {% else %} | 28 {% else %} |
| 29 <a href="{% url messages-reply msg.id %}{% if box %}?box={{ box }}{% endif %}">Reply</a> | | 29 <a href="{% url messages-reply msg.id %}{% if box %}?box={{ box }}{% endif %}">Reply</a> | |
| 30 <form action="{% url messages-delete msg.id %}" method="post" class="messages-button"> | 30 <form action="{% url messages-delete msg.id %}" method="post" class="messages-button">{% csrf_token %} |
| 31 {% if box %}<input type="hidden" name="box" value="{{ box }}" />{% endif %} | 31 {% if box %}<input type="hidden" name="box" value="{{ box }}" />{% endif %} |
| 32 <input type="submit" value="Delete" /> | 32 <input type="submit" value="Delete" /> |
| 33 </form> | 33 </form> |
| 34 {% endif %} | 34 {% endif %} |
| 35 {% endblock %} | 35 {% endblock %} |