From ef8174d7a799b3cee5332d76b806cef57e20c5b1 Mon Sep 17 00:00:00 2001
From: liangliangyy
Date: Fri, 11 Feb 2022 11:38:51 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E9=83=A8=E5=88=86=E4=BB=A3?=
=?UTF-8?q?=E7=A0=81=E6=BC=8F=E6=B4=9E?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
accounts/views.py | 4 ++++
blog/templatetags/blog_tags.py | 2 +-
blog/views.py | 11 -----------
comments/forms.py | 10 ----------
comments/tests.py | 20 ++++++++-----------
comments/views.py | 24 ++++++-----------------
templates/blog/tags/article_info.html | 8 ++++----
templates/comments/tags/post_comment.html | 13 ------------
8 files changed, 23 insertions(+), 69 deletions(-)
diff --git a/accounts/views.py b/accounts/views.py
index 627aa2de..8db6b0aa 100644
--- a/accounts/views.py
+++ b/accounts/views.py
@@ -35,6 +35,10 @@ class RegisterView(FormView):
form_class = RegisterForm
template_name = 'account/registration_form.html'
+ @method_decorator(csrf_protect)
+ def dispatch(self, *args, **kwargs):
+ return super(RegisterView, self).dispatch(*args, **kwargs)
+
def form_valid(self, form):
if form.is_valid():
user = form.save(False)
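Review bot: The new `dispatch` override uses `method_decorator` and `csrf_protect`, but the diffstat lists only these four added lines for accounts/views.py, so this commit adds no import for either name. Unless both are already imported at the top of the file (not visible in this hunk), importing the module fails with a NameError. The same two lines this commit adds to comments/views.py would be needed here: `from django.utils.decorators import method_decorator` and `from django.views.decorators.csrf import csrf_protect`. `form_valid` continues past the end of the hunk.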
diff --git a/blog/templatetags/blog_tags.py b/blog/templatetags/blog_tags.py
index 3871e501..14116a36 100644
--- a/blog/templatetags/blog_tags.py
+++ b/blog/templatetags/blog_tags.py
@@ -53,7 +53,7 @@ def custom_markdown(content):
def get_markdown_toc(content):
from djangoblog.utils import CommonMarkdown
body, toc = CommonMarkdown.get_markdown_with_toc(content)
- return mark_safe(toc), mark_safe(body)
+ return mark_safe(toc)
@register.filter(is_safe=True)
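Review bot: `body` is still unpacked from `get_markdown_with_toc` but is no longer used, and the returned TOC is still wrapped in `mark_safe`. Write the unpacking as `_, toc = CommonMarkdown.get_markdown_with_toc(content)` so the discard is explicit. The TOC is presumably built from heading text in the article body, so marking it safe relies on whatever escaping or sanitising `CommonMarkdown` performs, which is not visible here. A comment such as `# toc is emitted unescaped; CommonMarkdown must escape heading text` would record that dependency. The decorator that registers `get_markdown_toc` lies above the hunk.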
diff --git a/blog/views.py b/blog/views.py
index 4e32787b..007154da 100644
--- a/blog/views.py
+++ b/blog/views.py
@@ -4,7 +4,6 @@
import os
import uuid
-from django import forms
from django.conf import settings
from django.http import HttpResponse, HttpResponseForbidden
from django.shortcuts import get_object_or_404
@@ -117,17 +116,7 @@ def get_object(self, queryset=None):
return obj
def get_context_data(self, **kwargs):
- articleid = int(self.kwargs[self.pk_url_kwarg])
comment_form = CommentForm()
- user = self.request.user
- # 如果用户已经登录,则隐藏邮件和用户名输入框
- if user.is_authenticated and not user.is_anonymous and user.email and user.username:
- comment_form.fields.update({
- 'email': forms.CharField(widget=forms.HiddenInput()),
- 'name': forms.CharField(widget=forms.HiddenInput()),
- })
- comment_form.fields["email"].initial = user.email
- comment_form.fields["name"].initial = user.username
article_comments = self.object.comment_list()
diff --git a/comments/forms.py b/comments/forms.py
index 8f4a480a..e83737db 100644
--- a/comments/forms.py
+++ b/comments/forms.py
@@ -5,16 +5,6 @@
class CommentForm(ModelForm):
- url = forms.URLField(label='网址', required=False)
- email = forms.EmailField(label='电子邮箱', required=True)
- name = forms.CharField(
- label='姓名',
- widget=forms.TextInput(
- attrs={
- 'value': "",
- 'size': "30",
- 'maxlength': "245",
- 'aria-required': 'true'}))
parent_comment_id = forms.IntegerField(
widget=forms.HiddenInput, required=False)
diff --git a/comments/tests.py b/comments/tests.py
index 3b95550d..b9d9fdea 100644
--- a/comments/tests.py
+++ b/comments/tests.py
@@ -41,34 +41,32 @@ def test_validate_comment(self):
article.status = 'p'
article.save()
- commenturl = reverse(
+ comment_url = reverse(
'comments:postcomment', kwargs={
'article_id': article.id})
- response = self.client.post(commenturl,
+ response = self.client.post(comment_url,
{
'body': '123ffffffffff'
})
- self.assertEqual(response.status_code, 200)
+ self.assertEqual(response.status_code, 302)
article = Article.objects.get(pk=article.pk)
- self.assertEqual(len(article.comment_list()), 0)
+ self.assertEqual(len(article.comment_list()), 1)
- response = self.client.post(commenturl,
+ response = self.client.post(comment_url,
{
'body': '123ffffffffff',
- 'email': user.email,
- 'name': user.username
})
self.assertEqual(response.status_code, 302)
article = Article.objects.get(pk=article.pk)
- self.assertEqual(len(article.comment_list()), 1)
+ self.assertEqual(len(article.comment_list()), 2)
parent_comment_id = article.comment_list()[0].id
- response = self.client.post(commenturl,
+ response = self.client.post(comment_url,
{
'body': '''
# Title1
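Review bot: Nothing in the updated test exercises the `csrf_protect` decorator this commit adds to `CommentPostView`, because Django's test client skips CSRF checks by default. A client created with `Client(enforce_csrf_checks=True)` that posts to `comment_url` without a token and asserts a 403 would pin the new behaviour. The test also appears to run only as a logged-in user (inferred from the 302 now expected for a body-only POST). An anonymous POST asserting that no comment is created would cover the path whose handling was removed from `form_valid`. `test_validate_comment` starts before this hunk and continues in the next one.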
@@ -83,15 +81,13 @@ def test_validate_comment(self):
''',
- 'email': user.email,
- 'name': user.username,
'parent_comment_id': parent_comment_id
})
self.assertEqual(response.status_code, 302)
article = Article.objects.get(pk=article.pk)
- self.assertEqual(len(article.comment_list()), 2)
+ self.assertEqual(len(article.comment_list()), 3)
comment = Comment.objects.get(id=parent_comment_id)
tree = parse_commenttree(article.comment_list(), comment)
self.assertEqual(len(tree), 1)
diff --git a/comments/views.py b/comments/views.py
index 4484f5bf..241b60da 100644
--- a/comments/views.py
+++ b/comments/views.py
@@ -1,7 +1,7 @@
# Create your views here.
-from django import forms
-from django.contrib.auth import get_user_model
from django.http import HttpResponseRedirect
+from django.utils.decorators import method_decorator
+from django.views.decorators.csrf import csrf_protect
from django.views.generic.edit import FormView
from blog.models import Article
@@ -13,6 +13,10 @@ class CommentPostView(FormView):
form_class = CommentForm
template_name = 'blog/article_detail.html'
+ @method_decorator(csrf_protect)
+ def dispatch(self, *args, **kwargs):
+ return super(CommentPostView, self).dispatch(*args, **kwargs)
+
def get(self, request, *args, **kwargs):
article_id = self.kwargs['article_id']
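Review bot: The new `dispatch` applies only `csrf_protect`, yet this commit also removes the `form_valid` branch that handled unauthenticated commenters, so the view now appears to depend on `request.user` being a real account. Nothing in the visible hunks requires login; if it is not enforced elsewhere, an anonymous POST reaches `form_valid` with an `AnonymousUser`. Consider stacking `@method_decorator(login_required)` on `dispatch` (with `from django.contrib.auth.decorators import login_required`), or rejecting the request when `not request.user.is_authenticated`. The rest of `form_valid`, including how the comment's author is assigned, and the body of `get` are outside the visible hunks.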
@@ -23,16 +27,6 @@ def get(self, request, *args, **kwargs):
def form_invalid(self, form):
article_id = self.kwargs['article_id']
article = Article.objects.get(pk=article_id)
- u = self.request.user
-
- if self.request.user.is_authenticated:
- form.fields.update({
- 'email': forms.CharField(widget=forms.HiddenInput()),
- 'name': forms.CharField(widget=forms.HiddenInput()),
- })
- user = self.request.user
- form.fields["email"].initial = user.email
- form.fields["name"].initial = user.username
return self.render_to_response({
'form': form,
@@ -45,13 +39,7 @@ def form_valid(self, form):
article_id = self.kwargs['article_id']
article = Article.objects.get(pk=article_id)
- if not self.request.user.is_authenticated:
- email = form.cleaned_data['email']
- username = form.cleaned_data['name']
- user = get_user_model().objects.get_or_create(
- username=username, email=email)[0]
- # auth.login(self.request, user)
comment = form.save(False)
comment.article = article
diff --git a/templates/blog/tags/article_info.html b/templates/blog/tags/article_info.html
index 54883cec..5d1e437b 100644
--- a/templates/blog/tags/article_info.html
+++ b/templates/blog/tags/article_info.html
@@ -51,16 +51,16 @@
Read more
{% else %}
- {% get_markdown_toc article.body as markdown %}
- {% if article.show_toc %}
+ {% if article.show_toc %}
+ {% get_markdown_toc article.body as toc %}
目录:
- {{ markdown.0|safe }}
+ {{ toc|safe }}
{% endif %}
- {{ markdown.1|safe }}
+ {{ article.body|custom_markdown|escape }}
{% endif %}
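Review bot: The `|escape` at the end of `{{ article.body|custom_markdown|escape }}` probably does not do what it suggests. Django's `escape` filter uses conditional escaping, so if `custom_markdown` returns a safe string (likely, but not visible here) the filter is a no-op and the rendered HTML is emitted as is. If it does not return a safe string, the markup would be shown as literal text. Either way the output's safety depends on sanitisation inside the markdown renderer, so drop `|escape` and document that dependency, or sanitise in `custom_markdown` itself. `{{ toc|safe }}` is likewise redundant, since `get_markdown_toc` already returns `mark_safe(toc)`.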
diff --git a/templates/comments/tags/post_comment.html b/templates/comments/tags/post_comment.html
index 5064f44e..fa31ecd8 100644
--- a/templates/comments/tags/post_comment.html
+++ b/templates/comments/tags/post_comment.html
@@ -13,19 +13,6 @@
-
{{ form.parent_comment_id }}