Changes between Version 198 and Version 199 of BackwardsIncompatibleChanges
- Timestamp:
- Jul 31, 2008, 3:58:52 PM (16 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
BackwardsIncompatibleChanges
v198 v199 70 70 * [8015] July 19, 2008 [#ChangedthewayURLpathsaredetermined Changed the way URL paths are determined] 71 71 * [8143] July 30, 2008 [#DecimalFieldconversiontightened DecimalField conversion tightened] 72 * [8162] July 30, 2008 [#Passwordresetsystemchangedtoimprovesecurityandusability Password reset system changed to improve security and usability ] 72 73 73 74 == Database constraint names changed == … … 1044 1045 1045 1046 In [8143] the conversion between values in model attributes and values to be inserted into the database was changed internally. A side-effect of this is that Django will raise an error if you try to store a floating point value in a !DecimalField. There is no reliable way to convert between a float and a decimal. So you must either store a python `decimal` value in the model attribute or a string (which will then be converted to a `decimal`). 1047 1048 == Password reset system changed to improve security and usability == 1049 1050 In [8162], the password reset views and templates were overhauled. If you have were using the existing views with a customised !PasswordResetForm, or with any customised templates (such as the password reset email, or any of the related forms), then you will probably have to update your code (note that these forms/templates had already been updated recently to use newforms). The new system has much better security (#7723 is fixed). It does not reset the password, but sends an emails to the user with a link to click on. It also has much better usability -- the user is then prompted to enter their own password, rather than given a random one (which many users often forget to change). The link for resetting the password will expire as soon as it is used, or after a timeout -- default 3 days.