I´m trying to send an email to the user for activating his/her account:
right now it has the form /activate-account/?passwordhash×tamp-
of-date-joined
any better ideas?
thanks,
patrick
Am 17.07.2006 um 19:21 schrieb patrickk:
>
> thanks, I did use do_html2python ... but for the wrong manipulator
> (which, of course, is like not using it) ...
>
> patrick
>
> Am 17.07.2006 um 18:30 schrieb Aidas Bendoraitis:
>
>>
>> The problem is that you don't use manipulator.do_html2python
>> (new_data)
>> which transforms strings to appropriate values.
>>
>> In your case, you should write something like:
>> new_user_data['date_joined'] = datetime.now()
>>
>> Aidas Bendoraitis [aka Archatas]
>>
>> On 7/17/06, patrickk <[EMAIL PROTECTED]> wrote:
>>>
>>> you´re right - I only sent half of the code - will send a full
>>> example once I´m finished.
>>>
>>> I tried to use some of your code:
>>> now = datetime.now()
>>> new_user_data['date_joined_date'] = now.strftime("%Y-%m-%d")
>>> new_user_data['date_joined_time'] = now.strftime("%H:%M:%S")
>>>
>>> but got the error:
>>> combine() argument 1 must be datetime.date, not str
>>>
>>> any ideas?
>>>
>>>
>>> Am 17.07.2006 um 16:42 schrieb Aidas Bendoraitis:
>>>
>>>>
>>>> It seems that you are missing the escaping/converting of the got
>>>> (ten)
>>>> values. Don't you need something like
>>>> manipulator.do_html2python(new_data) before saving the user? I
>>>> think
>>>> there is a risk of SQL injection[1] in your example.
>>>>
>>>> [1] http://en.wikipedia.org/wiki/Sql_injection
>>>>
>>>> Aidas Bendoraitis [aka Archatas]
>>>>
>>>>
>>>>
>>>> On 7/17/06, patrickk <[EMAIL PROTECTED]> wrote:
>>>>>
>>>>> here´s the registration I´ve come up with. I´m using a Custom
>>>>> Manipulator, because I´ve added some fields to the User Model and
>>>>> need specific validation. I´ve also added a confirmation mail:
>>>>>
>>>>> def registration(request):
>>>>>
>>>>> manipulator = RegistrationManipulator()
>>>>>
>>>>> if request.POST:
>>>>> new_data = request.POST.copy()
>>>>> errors = manipulator.get_validation_errors(new_data)
>>>>> if not errors:
>>>>>
>>>>> ### Send MAIL
>>>>> date= new_data['date_joined_date'] + "
>>>>> " +
>>>>> new_data['date_joined_time']
>>>>> confirmhash = set_hash(new_data
>>>>> ['password'],
>>>>> date)
>>>>> link = "http://mysite.com/confirm/?"; +
>>>>> confirmhash
>>>>> content = "something in here" + link
>>>>> toMail = new_data['email']
>>>>> send_mail('[mysite.com] Registration:
>>>>> confirm', content, '[EMAIL PROTECTED]', [toMail],
>>>>> fail_silently=False)
>>>>>
>>>>> ### SAVE USER
>>>>> pw_hash = set_password(new_data
>>>>> ['password'])
>>>>> user = User.objects.create_user(new_data
>>>>> ['username'], new_data['email'], pw_hash)
>>>>> user.save()
>>>>> return HttpResponseRedirect("/")
>>>>>
>>>>> else:
>>>>> errors = new_data = {}
>>>>>
>>>>> ...
>>>>>
>>>>>
>>>>> Am 17.07.2006 um 13:35 schrieb Aidas Bendoraitis:
>>>>>
>>>>>>
>>>>>> A few weeks ago I browsed through Django core code to get a basic
>>>>>> understanding how to create a user registration or any other form
>>>>>> using generic manipulators and how to fill in some values
>>>>>> (such as
>>>>>> last_login) behind the scene.
>>>>>>
>>>>>> I was following the guidelines about manipulators at:
>>>>>> http://www.djangoproject.com/documentation/forms/
>>>>>>
>>>>>> To create a user you should do something like that:
>>>>>>
>>>>>> def add_profile(request):
>>>>>> from datetime import datetime
>>>>>> user_manipulator = User.AddManipulator()
>>>>>>
>>>>>> if request.POST:
>>>>>> new_user_data = request.POST.copy()
>>>>>>
>>>>>> # fields that have to be left unmodified
>>>>>> #new_user_data['username'] = user.username
>>>>>> new_user_data['password'] = new_password_data
>>>>>> ['new_password']
>>>>>> now = datetime.now()
>>>>>> new_user_data['date_joined_date'] = now.strftime("%Y-%m-
>>>>>> %d")
>>>>>> new_user_data['date_joined_time'] = now.strftime("%H:%M:
>>>>>> %S")
>>>>>> new_user_data['last_login_date'] = "1900-01-01"
>>>>>> new_user_data['last_login_time'] = "00:00:00"
>>>>>> new_user_data['is_active'] = 'on'
>>>>>> new_user_data['is_superuser'] = 'off'
>>>>>> new_user_data['is_staff'] = 'off'
>>>>>> user_errors = user_manipulator.get_validation_errors
>>>>>> (new_user_data)
>>>>>> if not user_errors:
>>>>>> user_manipulator.do_html2python(new_user_data)
>>>>>> user = user_manipulator.save(new_user_data)
>>>>>> #user = User.objects.create_user(
>>>>>> # new_user_data['username'],
>>>>>> # new_user_data['email'],
>>>>>> # new_user_data['password']
>>>>>> #)
>>>>>> user.set_password(new_user_data['password'])
>>>>>> user.save()
>>>>>> ...
>>>>>>
>>>>>> I hope this will help you. And if somebody has a better
>>>>>> solution how
>>>>>> to manage filling fields with values automagically, please share
>>>>>> that
>>>>>> wwith everybody.
>>>>>>
>>>>>> Good luck!
>>>>>> Aidas Bendoraitis [aka Archatas]
>>>>>>
>>>>>>
>>>>>> On 7/16/06, patrickk <[EMAIL PROTECTED]> wrote:
>>>>>>>
>>>>>>> nice. didn´t see that.
>>>>>>>
>>>>>>> Am 15.07.2006 um 18:29 schrieb [EMAIL PROTECTED]:
>>>>>>>
>>>>>>>>
>>>>>>>> There is:
>>>>>>>> http://code.djangoproject.com/wiki/FormField
>>>>>>>>
>>>>>>>> Chris
>>>>>>>>
>>>>>>>>
>>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>>>
>>>>>
>>>>>
>>>>>>
>>>>>
>>>>
>>>>>
>>>
>>>
>>>>
>>>
>>
>>>
>
>
> >
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users
-~----------~----~----~----~------~----~------~--~---
