changeset 208:2022c0409296

Fix #76; use POST to get downloads to avoid having side-effects (updating hit count) on GETs.
author Brian Neal <bgneal@gmail.com>
date Wed, 05 May 2010 03:12:15 +0000
parents 8bbefaa3e408
children 0e7c7231dea9
files gpp/downloads/views.py gpp/templates/downloads/download.html gpp/templates/downloads/navigation.html gpp/weblinks/views.py
diffstat 4 files changed, 14 insertions(+), 3 deletions(-) [+]
--- a/gpp/downloads/views.py	Mon May 03 02:59:48 2010 +0000
+++ b/gpp/downloads/views.py	Wed May 05 03:12:15 2010 +0000
@@ -115,6 +115,7 @@
 #######################################################################
 
 @login_required
+@require_POST
 def download(request, id):
     download = Download.public_objects.get(pk=id)
     if download is None:
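Review bot: With `@login_required` outermost on `download`, an anonymous POST is redirected to the login page, and the post-login redirect back to this URL is a GET, which `@require_POST` now answers with 405 instead of the file. The same holds for `random_download` in the next hunk, and for any existing bookmark or external link to these URLs. Consider answering non-POST requests with a redirect to the download's details page rather than a bare 405. The diff adds no import line to this file, so confirm that `from django.views.decorators.http import require_POST` is already present here and in `gpp/weblinks/views.py`. The body of `download` continues past the end of the hunk.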
@@ -143,6 +144,7 @@
 #######################################################################
 
 @login_required
+@require_POST
 def random_download(request):
     ids = Download.public_objects.values_list('id', flat=True)
     if not ids:
--- a/gpp/templates/downloads/download.html	Mon May 03 02:59:48 2010 +0000
+++ b/gpp/templates/downloads/download.html	Wed May 05 03:12:15 2010 +0000
@@ -1,10 +1,11 @@
 {% load comment_tags %}
 {% get_comment_count for download as comment_count %}
 <dt>
-<a href="{% url downloads-download download.id %}">{{ download.title }}</a>
+{{ download.title }}
 </dt>
 <dd>
 {{ download.html|safe }}
+<form action="{% url downloads-download download.id %}" method="post">{% csrf_token %}
 <table>
 <tr>
     <th>Added By:</th>
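Review bot: The `{% csrf_token %}` tag in the new `<form>` only emits a token when the template is rendered with a context that carries one (a `RequestContext`, with the CSRF middleware enabled). This fragment appears to be included from several listing pages, so each view that renders it needs checking; where the token is missing, the POST is rejected with 403. The same applies to the form added to `navigation.html`, which is probably rendered on every downloads page. The form opened here is closed in the following hunk.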
@@ -14,12 +15,14 @@
 </tr>
 <tr>
     <th>Category:</th><td>{{ download.category.title }}</td>
-    <th>Hits:</th><td>{{ download.hits }}</td>
+    <th>Downloads:</th><td>{{ download.hits }}</td>
 </tr>
 <tr>
     <th>Rating:</th><td><div class="rating" id="rating-{{ download.id }}">{{ download.average_score|floatformat }}</div></td>
     <th><img src="{{ MEDIA_URL }}icons/comments.png" alt="Comments" title="Comments" />
        <a href="{% url downloads-details download.id %}">Comments</a>:</th><td>{{ comment_count }}</td>
 </tr>
+<tr><td><input type="submit" value="Download Now" /></td></tr>
 </table>
+</form>
 </dd>
--- a/gpp/templates/downloads/navigation.html	Mon May 03 02:59:48 2010 +0000
+++ b/gpp/templates/downloads/navigation.html	Wed May 05 03:12:15 2010 +0000
@@ -9,6 +9,10 @@
     <li><a href="{% url downloads-new %}">New</a></li>
     <li><a href="{% url downloads-popular %}">Popular</a></li>
     <li><a href="{% url downloads-rating %}">Highest Rated</a></li>
-    <li><a href="{% url downloads-random %}">Random</a></li>
     <li><a href="{% url downloads-add %}">Add</a></li>
 </ul>
+<center>
+   <form action="{% url downloads-random %}" method="post">{% csrf_token %}
+      <input type="submit" title="Download a file at random" value="Surprise Me!" />
+   </form>
+</center>
--- a/gpp/weblinks/views.py	Mon May 03 02:59:48 2010 +0000
+++ b/gpp/weblinks/views.py	Wed May 05 03:12:15 2010 +0000
@@ -140,12 +140,14 @@
 
 #######################################################################
 
+@require_POST
 def visit(request, link_id):
    link = get_object_or_404(Link, pk = link_id)
    return _visit_link(request, link)
 
 #######################################################################
 
+@require_POST
 def random_link(request):
    ids = Link.public_objects.values_list('id', flat=True)
    if not ids:
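Review bot: `visit` and `random_link` now reject GET, but the changeset's file list contains no weblinks template, so any template that still reaches these views through a plain `<a href>` will get 405. Unless those templates already submit a form, they need the same conversion as the downloads templates: a `<form ... method="post">{% csrf_token %}` with a submit button in place of the link. `random_link` continues past the end of the hunk.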