Code

Ticket #12871: comments2.diff

File comments2.diff, 2.6 KB (added by shacker, 4 years ago)

Changes as suggested

Line 
1Index: docs/ref/contrib/comments/index.txt
2===================================================================
3--- docs/ref/contrib/comments/index.txt (revision 12588)
4+++ docs/ref/contrib/comments/index.txt (working copy)
5@@ -251,6 +251,56 @@
6 
7     <input type="hidden" name="next" value="{% url my_comment_was_posted %}" />
8 
9+Providing a comment form for authenticated users
10+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
11+
12+If a user is already authenticated, it makes little sense to display name, email,
13+and URL fields, since these can already be retrieved from their login data and
14+profile. In addition, some sites will only accept comments from authenticated users.
15+
16+To provide a comment form for authenticated users, you can manually provide the
17+additional fields expected by the Django comments framework. For example, assuming
18+comments are attached to the model "item"::
19+
20+    {% if user.is_authenticated %}
21+        {% get_comment_form for item as form %}
22+        <form action="{% comment_form_target %}" method="POST">
23+        {% csrf_token %}
24+        {{ form.comment }}
25+        {{ form.honeypot }}
26+        {{ form.content_type }}
27+        {{ form.object_pk }}
28+        {{ form.timestamp }}
29+        {{ form.security_hash }}
30+        <input type="hidden" name="next" value="{% url item_view item.id %}" />
31+        <input type="submit" value="Add comment" id="id_submit" />
32+        </form>
33+    {% else %}
34+        <p>Please <a href="{% url auth_login %}">log in</a> to leave a comment.</p>
35+    {% endif %}
36+
37+The {% csrf_token %} field accommodates the :ref:`Cross-Site Request Forgery Requirements
38+< ref-contrib-csrf>` in Django 1.2. The honeypot, content_type, object_pk, timestamp,
39+and security_hash fields are fields that would have been created automatically if you had
40+simply used {{form}} in your template, and are referred to in `Notes on the comment
41+form`_ below.
42+
43+Note that we do not need to specify the user to be associated with comments submitted
44+by authenticated users. This is possible because the :ref:`Built-in Comment Models
45+< ref-contrib-comments-models>` that come with Django associate comments with
46+authenticated users by default.
47+
48+In this example, the honeypot field will still be visible to the user; you'll need
49+to hide that field in your CSS::
50+
51+    #id_honeypot {
52+        visibility:hidden;
53+    }
54+
55+If you want to accept either anonymous or authenticated comments, replace the
56+contents of the "else" clause above with a standard comment form, and the right
57+thing will happen whether a user is logged in or not.
58+
59 .. _notes-on-the-comment-form:
60 
61 Notes on the comment form