It seems I haven't expressed myself clearly enough.
The template django/contrib/admin/templates/admin/auth/user/
change_password.html You point me to is rendered when I use the
password change form from user change form.
The one that seems to be missing CSRF token is rendered when I try to
change password from the link in the upper right corner of admin
screen.
I think that it is some other template, as the form's fields ids are
different - namely id_old_password, id_new_password1 and
id_new_password_2, while in the aforementioned template the form's
fields ids are id_password1 and id_password2.
I think that the template rendered in this case is django/contrib/
admin/templates/registration/password_change_form.html
Is this something I can change and if so then how? The link I am
referring to is part of django/contrib/admin/templates/admin/base.html
and looks like this:
{% url admin:password_change as password_change_url %}
{% if password_change_url %}
<a href="{{ password_change_url }}">
{% else %}
<a href="{{ root_path }}password_change/">
{% endif %}
{% trans 'Change password' %}</a>
Best regards
On 19 Sie, 02:09, Russell Keith-Magee <[email protected]> wrote:
> 2010/8/18 Aspontus <[email protected]>:
>
> > Sorry, I haven't thought it through.
> > Server is running:
> > - Debian GNU/Linux 5.0 with 2.6.32.2 kernel
> > - Python 2.5.2
> > - Django 1.2.1
> > - MySQL 5.0.51 (with MySQLdb 1.2.2) - default engine InnoDB
> > - Apache2 with mod_python 3.3.1
> > Browsers are in default polish configuration and I've tested it with
>
> > Firefox 3.5.11, Safari 5.0.1, Opera 10.60, Internet Explorer 8.0.6001,
> > Lunascape 6.2.0, SeaMonkey 2.0.6, Google Chrome 5.0.375 (all of them
> > under Windows XP 32 bit PL) and Firefox 3.6 under Ubuntu 9.10 64 bit
>
> > It seems, that the CSRF token is somehow missing in that second case.
>
> Agreed - which means it's not a complex browser issue, it's a
> configuration issue with your Django project. At first guess, either:
>
> * Your TEMPLATE_DIRS setting is pointing to a directory with pre-1.2
> templates
> * Your Django install is running pre-1.2 code, or using stale pyc
> files (which might mean you're loading templates from the wrong app
> directory)
> * You have overridden the auth/user/change_password.html template
> * You have installed an app that overrides the
> auth/user/change_password.html template
>
> To demonstrate the point -- go to the Django install that you think
> you are using, and change the
> django/contrib/admin/templates/admin/auth/user/change_password.html
> template, putting in some dummy content (e.g., "I WAS HERE") at the
> top of the form where the CSRF token should be. Then re-render the
> form. If you don't get your new content, then you've found the problem
> -- you're not rendering the template you think you are.
>
> Yours,
> Russ Magee %-)
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
