What about the patches on the ticket? The cookie-based approach is not the right way to do it, as the comments on that page indicate, these things should be stored server side, especially since it is being unpickled serverside, it leave a larges security hole. (and the encryption he later added makes it just silly, just keep it serverside).
I really like this idea, the current message system seems pretty broken to me. I don't see any reason why it should be limited to authenticated users, when it's the type of thing that can and should be used for anonymous users as well... I'm thinking "Your comment has been recieved but must be moderated.." etc. The approach used in the patches supplied with the ticket seems sane, so whether or not its accepted into django it's definitely a good starting point if you really want that functionality, and I'll probably use it in my next project. Cheers, Andre On Dec 5, 7:51 am, Thomas Guettler <[EMAIL PROTECTED]> wrote: > Hi, > > I use code based on "session based messages" > from:http://code.djangoproject.com/ticket/4604 > > What I don't like: There are two database hits, which are not necessary: > Store message in session-pickle > and pop message from session-pickle. > > I found this: > http://www.djangosnippets.org/snippets/1064/ > The (flash) message is stored in a cookie. > > But I think the snippet is not thread safe. Has anyone a working example? > > Thomas > > -- > Thomas Guettler,http://www.thomas-guettler.de/ > E-Mail: guettli (*) thomas-guettler + de --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
