Changes between Version 198 and Version 199 of BackwardsIncompatibleChanges

07/31/2008 03:58:52 PM (10 years ago)
Luke Plant



  • BackwardsIncompatibleChanges

    v198 v199  
    7070 * [8015] July 19, 2008 [#ChangedthewayURLpathsaredetermined Changed the way URL paths are determined]
    7171 * [8143] July 30, 2008 [#DecimalFieldconversiontightened DecimalField conversion tightened]
     72 * [8162] July 30, 2008 [#Passwordresetsystemchangedtoimprovesecurityandusability  Password reset system changed to improve security and usability ]
    7374== Database constraint names changed ==
    10451046In [8143] the conversion between values in model attributes and values to be inserted into the database was changed internally. A side-effect of this is that Django will raise an error if you try to store a floating point value in a !DecimalField. There is no reliable way to convert between a float and a decimal. So you must either store a python `decimal` value in the model attribute or a string (which will then be converted to a `decimal`).
     1048== Password reset system changed to improve security and usability ==
     1050In [8162], the password reset views and templates were overhauled.  If you have were using the existing views with a customised !PasswordResetForm, or with any customised templates (such as the password reset email, or any of the related forms), then you will probably have to update your code (note that these forms/templates had already been updated recently to use newforms).  The new system has much better security (#7723 is fixed).  It does not reset the password, but sends an emails to the user with a link to click on.  It also has much better usability -- the user is then prompted to enter their own password, rather than given a random one (which many users often forget to change).  The link for resetting the password will expire as soon as it is used, or after a timeout -- default 3 days.
Back to Top