Ticket #11112: wizard.patch2

File wizard.patch2, 3.0 KB (added by hlecuanda <hector@…>, 6 years ago)

Fixed case where formset is not last item in wizard

Line 
1--- ../../../django-trunk/django/contrib/formtools/wizard.py    2009-05-08 11:58:20.000000000 -0700
2+++ wizard.py   2009-06-12 16:00:07.000000000 -0700
3@@ -4,8 +4,6 @@
4 stored on the server side.
5 """
6 
7-import cPickle as pickle
8-
9 from django import forms
10 from django.conf import settings
11 from django.http import Http404
12@@ -62,8 +60,18 @@
13         # TODO: Move "hash_%d" to a method to make it configurable.
14         for i in range(current_step):
15             form = self.get_form(i, request.POST)
16-            if request.POST.get("hash_%d" % i, '') != self.security_hash(request, form):
17-                return self.render_hash_failure(request, i)
18+            # Handle formsets
19+            if issubclass(form.__class__,forms.formsets.BaseFormSet):
20+                # checkhash for management form
21+                if request.POST.get("hash_%d" % i, '') != self.security_hash(request, form.management_form):
22+                    return self.render_hash_failure(request, i)
23+                for f in form.forms:
24+                    # check hash in every form
25+                    if request.POST.get("hash_%d_%s" % (i,f.prefix)) != self.security_hash(request,f):
26+                        return self.render_hash_failure(request,i)
27+            else:
28+                if request.POST.get("hash_%d" % i, '') != self.security_hash(request, form):
29+                    return self.render_hash_failure(request, i)
30             self.process_step(request, form, i)
31 
32         # Process the current step. If it's valid, go to the next step or call
33@@ -107,8 +115,20 @@
34             for i in range(step):
35                 old_form = self.get_form(i, old_data)
36                 hash_name = 'hash_%s' % i
37-                prev_fields.extend([bf.as_hidden() for bf in old_form])
38-                prev_fields.append(hidden.render(hash_name, old_data.get(hash_name, self.security_hash(request, old_form))))
39+                # handle formsets
40+                if issubclass(old_form.__class__,forms.formsets.BaseFormSet):
41+                    # do management form and generate hash
42+                    prev_fields.extend([bf.as_hidden() for bf in old_form.management_form])
43+                    prev_fields.append(hidden.render(hash_name, old_data.get(hash_name, self.security_hash(request, old_form.management_form))))
44+                    for f in old_form.forms:
45+                        # do each form and generate a hash for each
46+                        hash_name = 'hash_%s_%s' % (i,f.prefix)
47+                        prev_fields.extend([bf.as_hidden() for bf in f])
48+                        prev_fields.append(hidden.render(hash_name, old_data.get(hash_name, self.security_hash(request, f))))
49+                else:
50+                    prev_fields.extend([bf.as_hidden() for bf in old_form])
51+                    prev_fields.append(hidden.render(hash_name, old_data.get(hash_name, self.security_hash(request, old_form))))
52+
53         return self.render_template(request, form, ''.join(prev_fields), step, context)
54 
55     # METHODS SUBCLASSES MIGHT OVERRIDE IF APPROPRIATE ########################
Back to Top