innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
7,415 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

133 Commits

Author SHA1 Message Date
Jacob Kaplan-Moss 9f8287a3f1 SECURITY ALERT: Corrected regular expressions for URL and email fields. 
Certain email addresses/URLs could trigger a catastrophic backtracking situation, causing 100% CPU and server overload. If deliberately triggered, this could be the basis of a denial-of-service attack.

This security vulnerability was disclosed in public, so we're skipping our
normal security release process to get the fix out as soon as possible.

This is a security related update. A full announcement, as well as backports for the 1.1.X and 1.0.X series will follow.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11603 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-10-09 20:57:59 +00:00
Luke Plant 7c53c2618d Fixed #10968 - Form.errors should use Form.error_class. 
Thanks for report and initial patch, matehat.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11498 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-09-11 10:47:40 +00:00
Luke Plant 49cf7f4a51 Fixed Widget.__init__() for Python 2.6 and greater. Refs #11703 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11496 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-09-11 09:08:07 +00:00
Luke Plant d18dace8eb Fixed #11703: Added missing Super calls to 2 widget classes. 
Thanks Rupe



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11491 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-09-10 16:30:41 +00:00
Luke Plant bdde46de63 Fixed #10950 - unused import. 
Thanks dc


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11485 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-09-10 15:27:44 +00:00
Russell Keith-Magee 7ecb8b08b3 Fixed #10922 -- Corrected handling of POST data to ensure that the right objects are updated on save when the ordering field is editable. Thanks to Alex Gaynor, Karen Tracy, and Will Hardy for their contributions to this patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11160 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-07-03 03:05:17 +00:00
Gary Wilson Jr 419747d1c8 Fixed a few Python 2.3 incompatibilities that were causing test failures. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10863 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-29 05:23:50 +00:00
Karen Tracey 8c8625bde3 Fixed #11149 -- Don't call save_form_data on file-type fields multiple times when saving a model form. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10826 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-19 23:13:33 +00:00
Russell Keith-Magee a00be66311 Fixed #11120 -- Corrected handling of inlines attached to inherited classes, broken by r10756. Thanks to George Song and Michael Strickland for the simultaneous reports. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10787 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-15 12:44:51 +00:00
Jacob Kaplan-Moss e508bfd27f Fixed #10992: fixed a bug saving inlines with custom primary key fields. Thanks, Zain. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10777 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-14 02:23:53 +00:00
Russell Keith-Magee 7215ffe8a4 Fixed #10243, #11043 -- Corrected handling of formsets over a ForeignKey that uses to_field, and by extension, fixed the admin for handling fields of that type. Thanks to apollo13 for the initial patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10756 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-13 14:04:29 +00:00
Malcolm Tredinnick fe971ec66f Changed r10668 to not falsely error out when using generic inlines. 
The bug was picked up by the tests already, but only if run against a
backend that supports referential integrity.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10732 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-10 21:09:38 +00:00
Russell Keith-Magee 5663258de1 Fixed #10792 -- Ensured that ModelChoiceFields don't provide an empty option when the underlying field has blank=False and there is a default value available. Thanks to carljm for the report and patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10729 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-10 07:44:27 +00:00
Jacob Kaplan-Moss 614d881450 Fixed #10750: respect comment=False in inline formsets. Thanks, Koen Biermans. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10706 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-08 09:59:46 +00:00
Russell Keith-Magee f259494f82 Fixed #9493 -- Corrected error handling of formsets that violate unique constraints across the component forms. Thanks to Alex Gaynor for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10682 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-07 12:17:52 +00:00
Russell Keith-Magee eb81d5acb3 Fixed #10893 -- Corrected a problem with using list_editable in the admin when the model has a manual primary key. Thanks to Alex Gaynor for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10681 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-07 11:56:10 +00:00
Russell Keith-Magee f6cca736a0 Fixed #9609 -- Modified the clean method of(Null)Boolean field to accept '1' and '0' as valid inputs. Thanks to psagers for the patch. 
This is required to support the use of non-default form widgets such as RadioSelect when the data comes from MySQL, which uses 1/0 to represent booleans.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-02 14:52:34 +00:00
Russell Keith-Magee 17958fa7a9 Fixed #10134 -- Added unique_for_[date|day|month|year] validation to ModelForm handling. Thanks to Alex Gaynor for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10646 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-30 13:47:39 +00:00
Russell Keith-Magee 2ba9df2f41 Fixed #10082 -- Modified BaseFormSet so that ordering checks work when the formset is empty. Thanks to Petr Marhoun for the report and test case, and bmathieu for the fix. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10643 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-28 14:17:18 +00:00
Russell Keith-Magee 6312de0279 Fixed #10288 -- Corrected _has_changed handling of DateTimeInput, DateInput, TimeInput, and SplitDateTimeWidget when a custom date/time format is in use. Thanks to Koen Biermans for the report and patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10641 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-28 13:19:30 +00:00
Jacob Kaplan-Moss 9ea2198fd1 Fixed #10163: add an artificial ordering to querysets used by formsets, thus ensuring that POSTed data "lines up" correctly every time. Thanks to Karen Tracey for pointing in the right direction here. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10625 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-22 22:16:42 +00:00
Jacob Kaplan-Moss 6c15b5db60 Fixed #10208: `ModelAdmin` now respects the `exclude` and `field` atributes of custom `ModelForm`s. Thanks, Alex Gaynor. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10619 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-22 15:48:51 +00:00
Jacob Kaplan-Moss ccc8e104ee Fixed #10799: fixed the use of list_editable with model inheritance and custom one-to-one parent links. Thanks, Alex Gaynor. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10590 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-18 21:03:29 +00:00
Jacob Kaplan-Moss 1e4ad6f118 Fixed #10002: inline file uploads now correctly display prior data. Thanks, dgouldin. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10588 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-18 20:29:55 +00:00
Jacob Kaplan-Moss 002e3fd9e4 Fixed #9124: fixed `SelectDateWidget` with `required=False`. Thanks, Bernd Schlapsi. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10584 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-18 17:35:53 +00:00
Jacob Kaplan-Moss 41260fb931 Fixed #10156: `ModelMultipleChoiceField.clean` now does a single query instead of O(N). Thanks, Alex Gaynor. Also, I ported a few more doctests to unittests. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10582 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-18 15:51:11 +00:00
Russell Keith-Magee 419ed44436 Fixed #10363 -- Modified ModelForm handling to ensure that excluded fields can't be saved onto the model. Thanks to jgoldberg for the report, an Alex Gaynor for the fix. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10575 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-16 14:26:08 +00:00
Russell Keith-Magee 6590061a00 Fixed #9948 -- Corrected URLField validation to match RFC1035 (URL analog of #9890). Thanks to kratorius for the report and fix. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10574 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-16 14:25:18 +00:00
Russell Keith-Magee 48b459a83e Fixed #9890 -- Modified the regex validation for email addresses to match RFC822/1035. Thanks to ozgur for the report, and kratorius for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10573 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-16 14:24:27 +00:00
Malcolm Tredinnick 3bd384aa62 Fixed #10645 -- Added some robustness around some admin and modelform params. 
Fieldset dictionary names, search fields and unique_together attribute
names all have to be convertible to strings (that has always been true).
If somebody passes in a unicode object, Python barfs because Django uses
those values as keyword argument names and function calls require
parameter names to be str objects. We now convert thing to strs
automatically.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10510 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-11 07:41:59 +00:00
Jacob Kaplan-Moss 9e9a2b88e8 Fixed #10038: make `BaseModelFormSet.save_existing_objects` use `Form.has_changed()` instead of looking at `changed_data` directly. Thanks, karihre. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10495 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-10 18:42:24 +00:00
Jacob Kaplan-Moss 95f5e4a8da Fixed #10774: accessing form media types in templates (i.e. ``{{ form.media.js }}``) now works. Thanks, tarequeh and Alex Gaynor. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10489 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-10 17:07:25 +00:00
Jacob Kaplan-Moss a64a61bf4a Fixed #8422: FilePathField now respects required=False. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10447 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-08 18:53:55 +00:00
Jacob Kaplan-Moss 8f7aa84def Fixed #9651: fixed save_as with inline forms. Thanks, kmike and Mnewman. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10353 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-02 00:01:15 +00:00
Jacob Kaplan-Moss 6474092e9a Fixed a bug introduced by [10316]. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10319 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-01 14:45:39 +00:00
Jacob Kaplan-Moss da0c6908e8 Fixed #9473: FormWizard now works with NullBooleanFields. As a bonus, we now have the beginnings of a test suite for FormWizard. Thanks, Keith Bussell. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10316 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-04-01 14:13:43 +00:00
Joseph Kocherhans 15becf23a9 Forms in model formsets and inline formsets can now be deleted even if they don't validate. Related to #9587. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10283 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-31 19:55:20 +00:00
Joseph Kocherhans 62353e8fe7 Fixed #9863. A ForeignKey with editable=False to the parent in an inline no longer raises an exception. Thanks to keithb for the test case and Alex Gaynor for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10239 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-31 00:03:34 +00:00
Jacob Kaplan-Moss 5c321780c2 Fixed #8746: Check data in raw_id_fields more closely. Thanks, dgouldin 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10233 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-30 23:00:36 +00:00
Joseph Kocherhans fea6c73538 Fixed #10149. FileFields in a form now validate max_length. Based on a patch by Massimo Scamarcia. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10227 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-30 22:52:16 +00:00
Joseph Kocherhans 08056572e8 Fixed #9587. Formset.is_valid() now returns True if an invalid form is marked for deletion. Thanks for the test and intial patch, kratorius. 
Note that this leaves the form and formset errors alone. Those forms still have errors, it's just that it doesn't matter that they're invalid in the context of the formset and deletion.
Also fixed #9665 while I was in there. Thanks, mark_hildreth.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10206 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-30 19:36:19 +00:00
Joseph Kocherhans 9face54bb7 Fixed #9284. Fixed #8813. BaseModelFormSet now calls ModelForm.save(). 
This is backwards-incompatible if you were doing things to 'initial' in BaseModelFormSet.__init__, or if you relied on the internal _total_form_count or _initial_form_count attributes of BaseFormSet. Those attributes are now public methods.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10190 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-30 15:58:52 +00:00
Karen Tracey 14b160957e Fixed #8962 -- Consistently support format and input_format in the various (individual, combined, split) date and time form fields and widgets. 
Many thanks to Tai Lee for doing all the work here.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@10115 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-22 16:13:06 +00:00
Jacob Kaplan-Moss f66853bcca Fixed `BaseFormSet.is_multipart()` so that it doesn't bomb when called on an empty formset. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10073 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-17 19:23:23 +00:00
Russell Keith-Magee cf7a3fa7f0 Fixed #10512 -- Corrected the handling of extra fields on a ModelForm. Thanks to Alex Gaynor for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10070 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-17 10:30:17 +00:00
Russell Keith-Magee 7be4b9a4c0 Fixed #8164 -- Fields on a ModelForm are now ordered in the order specified in the fields attribute of the ModelForm's Meta class. Thanks to Alex Gaynor for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10062 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-15 05:05:26 +00:00
Russell Keith-Magee 3c8568a7dc Fixed #10271, #10281 -- Fixed the handling multiple inline models that share a common base class and have the link to the inline parent on the base class. Includes modifications that allow the equivalent handling for GenericFields. Thanks to Idan Gazit, Antti Kaihola (akaihola), and Alex Gaynor for their work on this patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10017 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-03-10 11:19:26 +00:00
Karen Tracey 81ae2afdec Fixed 10075: Allowed saving of inline-edited models that use multi-table inheritance. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9809 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-02-03 14:02:09 +00:00
Karen Tracey 795c229ae9 Fixed #10069 -- Fixed the model form unique validation code to not proceed with using, for example, RelatedObjects returned by get_field_by_name as though they were model Fields. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9777 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-01-19 19:37:31 +00:00
Gary Wilson Jr f0d44e44bd Fixed #9882 -- Added `alters_data = True` to `BaseModelForm.save` method, thanks dc. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9678 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2008-12-23 05:50:51 +00:00