Fixed #8653: make formtools' security hash more rubust. Silly that I didn't think of this before; thanks to bthomas for providing the obvious fix.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@8715 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-29 19:15:34 +00:00 · 2008-08-29 19:15:34 +00:00 · 2ca8cf3628
parent 71076ae299
commit 2ca8cf3628
1 changed files with 1 additions and 12 deletions
--- a/django/contrib/formtools/utils.py
+++ b/django/contrib/formtools/utils.py
@ -15,19 +15,8 @@ def security_hash(request, form, *args):
        order, pickles the result with the SECRET_KEY setting, then takes an md5
        hash of that.
        """
-        # Ensure that the hash does not change when a BooleanField's bound
-        # data is a string `False' or a boolean False.
-        # Rather than re-coding this special behaviour here, we
-        # create a dummy BooleanField and call its clean method to get a
-        # boolean True or False verdict that is consistent with
-        # BooleanField.clean()
-        dummy_bool = BooleanField(required=False)
-        def _cleaned_data(bf):
-            if isinstance(bf.field, BooleanField):
-                return dummy_bool.clean(bf.data)
-            return bf.data
        
-        data = [(bf.name, _cleaned_data(bf) or '') for bf in form]
+        data = [(bf.name, bf.field.clean(bf.data) or '') for bf in form]
        data.extend(args)
        data.append(settings.SECRET_KEY)