Mercurial > public > sg101

diff gpp/templates/bio/edit_elsewhere.html @ 194:6a5549c2efb5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Implement #62, add support for CSRF protection.
author Brian Neal <bgneal@gmail.com>
date Sat, 03 Apr 2010 20:00:56 +0000
parents c7d75cdfea21
children daa2916f5b34
line wrap: on
line diff
--- a/gpp/templates/bio/edit_elsewhere.html	Sat Apr 03 02:15:04 2010 +0000
+++ b/gpp/templates/bio/edit_elsewhere.html	Sat Apr 03 20:00:56 2010 +0000
@@ -9,7 +9,7 @@
         <li>
         <img src="{{ MEDIA_URL }}elsewhere/{{ profile.icon_name }}" alt="{{ profile.name }}" />
             <a href="{{ profile.url }}" rel="me">{{ profile.name }}</a>
-            <form id="delete-network-{{ profile.id }}" method="post" action=".">
+            <form id="delete-network-{{ profile.id }}" method="post" action=".">{% csrf_token %}
                 <input type="hidden" name="delete_id" value="{{ profile.id }}" />
                 <input type="submit" name="delete-sn-form" value="Delete" class="button" />
             </form>
@@ -20,7 +20,7 @@
     <p>No social network profiles.</p>
 {% endif %}
 
-<form method="post" action=".">
+<form method="post" action=".">{% csrf_token %}
 <fieldset>
 <legend>Add a Social Network</legend>
     {{ sn_form.as_p }}
@@ -38,7 +38,7 @@
         <li>
         <img src="{{ MEDIA_URL }}elsewhere/{{ profile.icon_name }}" alt="{{ profile.name }}" />
             {{ profile.name }}: <a href="{{ profile.url }}">{{ profile.username }}</a>
-            <form id="delete-messenger-{{ profile.id }}" method="post" action=".">
+            <form id="delete-messenger-{{ profile.id }}" method="post" action=".">{% csrf_token %}
                 <input type="hidden" name="delete_id" value="{{ profile.id }}" />
                 <input type="submit" name="delete-im-form" value="Delete" class="button" />
             </form>
@@ -49,7 +49,7 @@
     <p>No instant messenger profiles.</p>
 {% endif %}
 
-<form method="post" action=".">
+<form method="post" action=".">{% csrf_token %}
 <fieldset>
 <legend>Add an Instant Messenger</legend>
     {{ im_form.as_p }}
@@ -64,7 +64,7 @@
         <li>
            <img src="{{ MEDIA_URL }}icons/world.png" alt="{{ profile.name }}" />
             <a href="{{ profile.url }}" rel="me">{{ profile.name }}</a>
-            <form id="delete-website-{{ profile.id }}" method="post" action=".">
+            <form id="delete-website-{{ profile.id }}" method="post" action=".">{% csrf_token %}
                 <input type="hidden" name="delete_id" value="{{ profile.id }}" />
                 <input type="submit" name="delete-w-form" value="Delete" class="button" />
             </form>
@@ -75,7 +75,7 @@
     <p>No website profiles.</p>
 {% endif %}
 
-<form method="post" action=".">
+<form method="post" action=".">{% csrf_token %}
 <fieldset>
 <legend>Add a Website</legend>
     {{ w_form.as_p }}