Commit Graph

1233 Commits

Author SHA1 Message Date
Donald Stufft f2a0be6151 Fix a missing " character in the password documentation 2013-03-26 15:26:20 -04:00
Donald Stufft 25f2acfed0 Fixed #20138 -- Added BCryptSHA256PasswordHasher
BCryptSHA256PasswordHasher pre-hashes the users password using
SHA256 to prevent the 72 byte truncation inherient in the BCrypt
algorithm.
2013-03-26 13:26:57 -04:00
Ramiro Morales ccf8d81113 Fixed docs reST warning. 2013-03-25 21:56:52 -03:00
Aymeric Augustin ae417dd4d5 Added release notes for 4b31a6a9.
Thanks Florian for reporting this omission.
2013-03-24 13:13:19 +01:00
Claude Paroz f670cce9f5 Fixed #20119 -- Fixed typo in auth docs
Thanks vinyll for the report.
2013-03-23 20:00:18 +01:00
Claude Paroz 76aecfbc4b Fixed #9055 -- Standardized behaviour of parameter escaping in db cursors
Previously, depending on the database backend or the cursor type,
you'd need to double the percent signs in the query before passing
it to cursor.execute. Now cursor.execute consistently need percent
doubling whenever params argument is not None (placeholder substitution
will happen).
Thanks Thomas Güttler for the report and Walter Doekes for his work
on the patch.
2013-03-23 17:11:10 +01:00
Tim Graham 93cffc3b37 Added missing markup to docs. 2013-03-22 13:50:07 -04:00
Tim Graham f7795e968d Fixed #17935 - Clarified intro of topics/files.txt.
Thanks guettli for the suggestion.
2013-03-22 06:01:51 -04:00
Andrew Gorcester f9ab543720 Fixed #20084 -- Provided option to validate formset max_num on server.
This is provided as a new "validate_max" formset_factory option defaulting to
False, since the non-validating behavior of max_num is longstanding, and there
is certainly code relying on it. (In fact, even the Django admin relies on it
for the case where there are more existing inlines than the given max_num). It
may be that at some point we want to deprecate validate_max=False and
eventually remove the option, but this commit takes no steps in that direction.

This also fixes the DoS-prevention absolute_max enforcement so that it causes a
form validation error rather than an IndexError, and ensures that absolute_max
is always 1000 more than max_num, to prevent surprising changes in behavior
with max_num close to absolute_max.

Lastly, this commit fixes the previous inconsistency between a regular formset
and a model formset in the precedence of max_num and initial data. Previously
in a regular formset, if the provided initial data was longer than max_num, it
was truncated; in a model formset, all initial forms would be displayed
regardless of max_num. Now regular formsets are the same as model formsets; all
initial forms are displayed, even if more than max_num. (But if validate_max is
True, submitting these forms will result in a "too many forms" validation
error!) This combination of behaviors was chosen to keep the max_num validation
simple and consistent, and avoid silent data loss due to truncation of initial
data.

Thanks to Preston for discussion of the design choices.
2013-03-21 01:27:24 -07:00
Claude Paroz a9ee0e2970 Fixed #20096 -- Added link to the Greek localflavor app 2013-03-20 17:08:08 +01:00
Aymeric Augustin 6197935152 Fixed #19968 -- Dropped support for PostgreSQL < 8.4. 2013-03-18 21:16:29 +01:00
Aymeric Augustin f3a6d74db9 Minor docs fix for e11ccc76. 2013-03-17 22:43:49 +01:00
Aymeric Augustin e11ccc76d3 Updated bundled version of six. 2013-03-17 10:44:28 +01:00
Aymeric Augustin f8c7c8f27b Merge pull request #901 from giamfreeg/master
Fixed an erroneous import in example code of docs (class-based-views/intro).
2013-03-15 06:23:21 -07:00
Aymeric Augustin 3f2befc931 Deprecated django.views.defaults.shortcut. 2013-03-14 20:30:23 +01:00
Claude Paroz 50eb70b08f Fixed #20032 -- Documented how to simulate the absence of a setting
Thanks Ram Rachum for the report.
2013-03-13 23:14:26 +01:00
Pablo Sanfilippo bd68f701b1 Fixed an erroneous import in example code. 2013-03-13 14:16:27 -03:00
Aymeric Augustin 5d8342f321 Proof-read and adjusted the transactions docs. 2013-03-13 15:17:41 +01:00
Aymeric Augustin 83a416f5e7 Made atomic usable when autocommit is off.
Thanks Anssi for haggling until I implemented this.

This change alleviates the need for atomic_if_autocommit. When
autocommit is disabled for a database, atomic will simply create and
release savepoints, and not commit anything. This honors the contract of
not doing any transaction management.

This change also makes the hack to allow using atomic within the legacy
transaction management redundant.

None of the above will work with SQLite, because of a flaw in the design
of the sqlite3 library. This is a known limitation that cannot be lifted
without unacceptable side effects eg. triggering arbitrary commits.
2013-03-13 15:17:40 +01:00
Aymeric Augustin e654180ce2 Improved the API of set_autocommit. 2013-03-11 15:10:58 +01:00
Aymeric Augustin 4dbd1b2dd8 Used commit_on_success_unless_managed to make ORM operations atomic. 2013-03-11 15:05:05 +01:00
Aymeric Augustin 107d9b1d97 Added an option to disable the creation of savepoints in atomic. 2013-03-11 15:05:04 +01:00
Aymeric Augustin 189fb4e294 Added a note about long-running processes.
There isn't much else to say, really.
2013-03-11 15:05:04 +01:00
Aymeric Augustin 17cf29920b Added an explanation of transactions and grouped low-level APIs. 2013-03-11 15:05:02 +01:00
Aymeric Augustin ffe41591e7 Updated the documentation for savepoints.
Apparently django.db.transaction used to be an object.
2013-03-11 15:04:10 +01:00
Aymeric Augustin ac37ed21b3 Deprecated TransactionMiddleware and TRANSACTIONS_MANAGED.
Replaced them with per-database options, for proper multi-db support.

Also toned down the recommendation to tie transactions to HTTP requests.
Thanks Jeremy for sharing his experience.
2013-03-11 15:04:05 +01:00
Aymeric Augustin 7c46c8d5f2 Added some assertions to enforce the atomicity of atomic. 2013-03-11 14:48:55 +01:00
Aymeric Augustin d7bc4fbc94 Implemented an 'atomic' decorator and context manager.
Currently it only works in autocommit mode.

Based on @xact by Christophe Pettus.
2013-03-11 14:48:55 +01:00
Aymeric Augustin 4b31a6a9e6 Added support for savepoints in SQLite.
Technically speaking they aren't usable yet.
2013-03-11 14:48:55 +01:00
Aymeric Augustin 5e27debc5c Enabled database-level autocommit for all backends.
This is mostly a documentation change.

It has the same backwards-incompatibility consequences as those
described for PostgreSQL in a previous commit.
2013-03-11 14:48:54 +01:00
Aymeric Augustin f515619494 Added an API to control database-level autocommit. 2013-03-11 14:48:53 +01:00
Loic Bistuer 6983a1a540 Fixed #15363 -- Renamed and normalized to `get_queryset` the methods that return a QuerySet. 2013-03-08 10:11:45 -05:00
Claude Paroz 4cccb85e29 Fixed #19997 -- Added custom EMPTY_VALUES to form fields
Thanks Loic Bistuer for the report and the patch.
2013-03-07 15:22:03 +01:00
Michael Manfre bb998c9fec Update link to django-mssql project 2013-03-06 12:12:42 -05:00
Tobias Carlander df7668a9e4 Fix Typo explicitly. Fixes #19971 2013-03-03 22:34:10 +04:00
Aymeric Augustin 97afc49bb0 Removed unnecessary imports. 2013-03-03 16:07:38 +01:00
Tim Graham fe5d9fe5fe Fixed #19962 - Added a note about SESSION_EXPIRE_AT_BROWSER_CLOSE and browsers that persist sessions.
Thanks David Sanders.
2013-03-02 10:11:23 -05:00
Tim Graham d009ffe436 Fixed #19937 - Typo in class-based views intro. 2013-02-28 08:25:14 -05:00
Tim Graham 226a9fb2ea Merge pull request #858 from intgr/py3kdoc-fix
Fixed a typo in Python 3 porting guide.
2013-02-27 13:16:55 -08:00
Claude Paroz b0ba21db07 Fixed #19926 -- Fixed a link to code example in queries docs
Thanks Randy Salvo for the report.
2013-02-27 21:30:54 +01:00
Tim Graham 2108941677 Fixed #16807 - Added a class-based views intro.
Thanks Preston Holmes for the text.
2013-02-27 07:13:55 -05:00
Marti Raudsepp fba6df19b5 [py3] str.decode does not exist; str.encode was intended 2013-02-26 23:28:47 +02:00
Tim Graham 9ce1b6191b Fixed #19922 - Typo in translation docs.
Thanks amoebob for the report.
2013-02-26 15:12:28 -05:00
Aymeric Augustin 0836670c5c Fixed #6195 -- Documented caching options for javascript_catalog. 2013-02-25 22:29:38 +01:00
Ben Konrath d546259647 Fixed #19394 --Added note about auth forms and custom user models. 2013-02-24 07:55:38 -08:00
Zbigniew Siciarz 0a8402eb05 Test case and docs for custom context data in feeds
Thanks Paul Winkler for the initial patch. (Ref #18112).
2013-02-24 08:33:20 -06:00
Florian Apolloner 4506ae0497 Merge pull request #717 from slurms/ticket_19746
Fixed #19746 -- Allow deserialization of pk-less data
2013-02-24 06:31:14 -08:00
Tomek Paczkowski 99edbe0e27 Fixed #19253 -- Extracted template cache key building logic
Introduced a public function
django.core.cache.utils.make_template_fragment_key
Thanks @chrismedrela for fruitful cooperation.
2013-02-24 14:32:45 +01:00
Aymeric Augustin b6aede3268 Merge pull request #815 from zerok/tickets/11971
Fixed #11971 -- Documented the serialization formats
2013-02-24 02:18:32 -08:00
Horst Gutmann 5612f54bd5 Added more details about the various serialization formats. 2013-02-24 10:58:03 +01:00