[per-object-permissions] Update to trunk

git-svn-id: http://code.djangoproject.com/svn/django/branches/per-object-permissions@3464 bcc190cf-cafb-0310-a4f2-bffc1f526a37

django/bin/compile-messages.py

@@ -2,7 +2,6 @@
 
 import os
 import sys
-import getopt
 
 def compile_messages():
     basedir = None

django/bin/make-messages.py

@@ -1,5 +1,9 @@
 #!/usr/bin/env python
 
+# Need to ensure that the i18n framework is enabled
+from django.conf import settings
+settings.configure(USE_I18N = True)
+
 from django.utils.translation import templatize
 import re
 import os

django/conf/__init__.py

@@ -7,7 +7,6 @@ a list of all possible variables.
 """
 
 import os
-import sys
 from django.conf import global_settings
 
 ENVIRONMENT_VARIABLE = "DJANGO_SETTINGS_MODULE"

django/conf/global_settings.py

@@ -62,6 +62,7 @@ LANGUAGES = (
     ('sl', gettext_noop('Slovenian')),
     ('sr', gettext_noop('Serbian')),
     ('sv', gettext_noop('Swedish')),
+    ('ta', gettext_noop('Tamil')),
     ('uk', gettext_noop('Ukrainian')),
     ('zh-cn', gettext_noop('Simplified Chinese')),
     ('zh-tw', gettext_noop('Traditional Chinese')),

django/contrib/admin/filterspecs.py

@@ -123,7 +123,7 @@ class DateFieldFilterSpec(FilterSpec):
     def choices(self, cl):
         for title, param_dict in self.links:
             yield {'selected': self.date_params == param_dict,
-                   'query_string': cl.get_query_string(param_dict, self.field_generic),
+                   'query_string': cl.get_query_string(param_dict, [self.field_generic]),
                    'display': title}
 
 FilterSpec.register(lambda f: isinstance(f, models.DateField), DateFieldFilterSpec)

django/contrib/admin/templates/admin/base.html

@@ -20,13 +20,13 @@
         <div id="branding">
         {% block branding %}{% endblock %}
         </div>
-        {% if not user.is_anonymous %}{% if user.is_staff %}
+        {% if user.is_authenticated and user.is_staff %}
         <div id="user-tools">{% trans 'Welcome,' %} <strong>{% if user.first_name %}{{ user.first_name|escape }}{% else %}{{ user.username }}{% endif %}</strong>. {% block userlinks %}<a href="doc/">{% trans 'Documentation' %}</a> / <a href="password_change/">{% trans 'Change password' %}</a> / <a href="logout/">{% trans 'Log out' %}</a>{% endblock %}</div>
-        {% endif %}{% endif %}
+        {% endif %}
         {% block nav-global %}{% endblock %}
     </div>
     <!-- END Header -->
-    {% block breadcrumbs %}<div class="breadcrumbs"><a href="/">{% trans 'Home' %}</a>{% if title %} &rsaquo; {{ title }}{% endif %}</div>{% endblock %}
+    {% block breadcrumbs %}<div class="breadcrumbs"><a href="/">{% trans 'Home' %}</a>{% if title %} &rsaquo; {{ title|escape }}{% endif %}</div>{% endblock %}
     {% endif %}
 
         {% if messages %}
@@ -36,7 +36,7 @@
     <!-- Content -->
     <div id="content" class="{% block coltype %}colM{% endblock %}">
         {% block pretitle %}{% endblock %}
-        {% block content_title %}{% if title %}<h1>{{ title }}</h1>{% endif %}{% endblock %}
+        {% block content_title %}{% if title %}<h1>{{ title|escape }}</h1>{% endif %}{% endblock %}
         {% block content %}{{ content }}{% endblock %}
         {% block sidebar %}{% endblock %}
         <br class="clear" />

django/contrib/admin/templates/admin/base_site.html

@@ -1,7 +1,7 @@
 {% extends "admin/base.html" %}
 {% load i18n %}
 
-{% block title %}{{ title }} | {% trans 'Django site admin' %}{% endblock %}
+{% block title %}{{ title|escape }} | {% trans 'Django site admin' %}{% endblock %}
 
 {% block branding %}
 <h1 id="site-name">{% trans 'Django administration' %}</h1>

django/contrib/admin/templates/admin/change_form.html

@@ -11,8 +11,8 @@
 {% block breadcrumbs %}{% if not is_popup %}
 <div class="breadcrumbs">
      <a href="../../../">{% trans "Home" %}</a> &rsaquo;
-     <a href="../">{{ opts.verbose_name_plural|capfirst }}</a> &rsaquo;
+     <a href="../">{{ opts.verbose_name_plural|capfirst|escape }}</a> &rsaquo;
-     {% if add %}{% trans "Add" %} {{ opts.verbose_name }}{% else %}{{ original|truncatewords:"18"|escape }}{% endif %}
+     {% if add %}{% trans "Add" %} {{ opts.verbose_name|escape }}{% else %}{{ original|truncatewords:"18"|escape }}{% endif %}
 </div>
 {% endif %}{% endblock %}
 {% block content %}<div id="content-main">

django/contrib/admin/templates/admin/change_list.html

@@ -3,12 +3,12 @@
 {% block stylesheet %}{% admin_media_prefix %}css/changelists.css{% endblock %}
 {% block bodyclass %}change-list{% endblock %}
 {% block userlinks %}<a href="../../doc/">{% trans 'Documentation' %}</a> / <a href="../../password_change/">{% trans 'Change password' %}</a> / <a href="../../logout/">{% trans 'Log out' %}</a>{% endblock %}
-{% if not is_popup %}{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../">{% trans "Home" %}</a> &rsaquo; {{ cl.opts.verbose_name_plural|capfirst }}</div>{% endblock %}{% endif %}
+{% if not is_popup %}{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../">{% trans "Home" %}</a> &rsaquo; {{ cl.opts.verbose_name_plural|capfirst|escape }}</div>{% endblock %}{% endif %}
 {% block coltype %}flex{% endblock %}
 {% block content %}
 <div id="content-main">
 {% if has_add_permission %}
-<ul class="object-tools"><li><a href="add/{% if is_popup %}?_popup=1{% endif %}" class="addlink">{% blocktrans with cl.opts.verbose_name as name %}Add {{ name }}{% endblocktrans %}</a></li></ul>
+<ul class="object-tools"><li><a href="add/{% if is_popup %}?_popup=1{% endif %}" class="addlink">{% blocktrans with cl.opts.verbose_name|escape as name %}Add {{ name }}{% endblocktrans %}</a></li></ul>
 {% endif %}
 <div class="module{% if cl.has_filters %} filtered{% endif %}" id="changelist">
 {% block search %}{% search_form cl %}{% endblock %}

django/contrib/admin/templates/admin/date_hierarchy.html

@@ -1,9 +1,9 @@
 {% if show %}
 <div class="xfull">
 <ul class="toplinks">
-{% if back %}<li class="date-back"><a href="{{ back.link }}">&lsaquo; {{ back.title }}</a></li>{% endif %}
+{% if back %}<li class="date-back"><a href="{{ back.link }}">&lsaquo; {{ back.title|escape }}</a></li>{% endif %}
 {% for choice in choices %}
-<li> {% if choice.link %}<a href="{{ choice.link }}">{% endif %}{{ choice.title }}{% if choice.link %}</a>{% endif %}</li>
+<li> {% if choice.link %}<a href="{{ choice.link }}">{% endif %}{{ choice.title|escape }}{% if choice.link %}</a>{% endif %}</li>
 {% endfor %}
 </ul><br class="clear" />
 </div>

django/contrib/admin/templates/admin/delete_confirmation.html

@@ -4,21 +4,21 @@
 {% block breadcrumbs %}
 <div class="breadcrumbs">
      <a href="../../../../">{% trans "Home" %}</a> &rsaquo;
-     <a href="../../">{{ opts.verbose_name_plural|capfirst }}</a> &rsaquo;
+     <a href="../../">{{ opts.verbose_name_plural|capfirst|escape }}</a> &rsaquo;
-     <a href="../">{{ object|striptags|truncatewords:"18" }}</a> &rsaquo;
+     <a href="../">{{ object|escape|truncatewords:"18" }}</a> &rsaquo;
      {% trans 'Delete' %}
 </div>
 {% endblock %}
 {% block content %}
 {% if perms_lacking %}
-    <p>{% blocktrans %}Deleting the {{ object_name }} '{{ object }}' would result in deleting related objects, but your account doesn't have permission to delete the following types of objects:{% endblocktrans %}</p>
+    <p>{% blocktrans with object|escape as escaped_object %}Deleting the {{ object_name }} '{{ escaped_object }}' would result in deleting related objects, but your account doesn't have permission to delete the following types of objects:{% endblocktrans %}</p>
     <ul>
     {% for obj in perms_lacking %}
-        <li>{{ obj }}</li>
+        <li>{{ obj|escape }}</li>
     {% endfor %}
     </ul>
 {% else %}
-    <p>{% blocktrans %}Are you sure you want to delete the {{ object_name }} "{{ object }}"? All of the following related items will be deleted:{% endblocktrans %}</p>
+    <p>{% blocktrans with object|escape as escaped_object %}Are you sure you want to delete the {{ object_name }} "{{ escaped_object }}"? All of the following related items will be deleted:{% endblocktrans %}</p>
     <ul>{{ deleted_objects|unordered_list }}</ul>
     <form action="" method="post">
     <div>

django/contrib/admin/templates/admin/edit_inline_stacked.html

@@ -1,7 +1,7 @@
 {% load admin_modify %}
 <fieldset class="module aligned">
    {% for fcw in bound_related_object.form_field_collection_wrappers %}
-      <h2>{{ bound_related_object.relation.opts.verbose_name|capfirst }}&nbsp;#{{ forloop.counter }}</h2>
+      <h2>{{ bound_related_object.relation.opts.verbose_name|capfirst|escape }}&nbsp;#{{ forloop.counter }}</h2>
       {% if bound_related_object.show_url %}{% if fcw.obj.original %}
       <p><a href="/r/{{ fcw.obj.original.content_type_id }}/{{ fcw.obj.original.id }}/">View on site</a></p>
       {% endif %}{% endif %}

django/contrib/admin/templates/admin/edit_inline_tabular.html

@@ -1,10 +1,10 @@
 {% load admin_modify %}
 <fieldset class="module">
-   <h2>{{ bound_related_object.relation.opts.verbose_name_plural|capfirst }}</h2><table>
+   <h2>{{ bound_related_object.relation.opts.verbose_name_plural|capfirst|escape }}</h2><table>
    <thead><tr>
    {% for fw in bound_related_object.field_wrapper_list %}
       {% if fw.needs_header %}
-         <th{{ fw.header_class_attribute }}>{{ fw.field.verbose_name|capfirst }}</th>
+         <th{{ fw.header_class_attribute }}>{{ fw.field.verbose_name|capfirst|escape }}</th>
       {% endif %}
    {% endfor %}
    {% for fcw in bound_related_object.form_field_collection_wrappers %}

django/contrib/admin/templates/admin/filter.html

@@ -1,5 +1,5 @@
 {% load i18n %}
-<h3>{% blocktrans %} By {{ title }} {% endblocktrans %}</h3>
+<h3>{% blocktrans with title|escape as filter_title %} By {{ filter_title }} {% endblocktrans %}</h3>
 <ul>
 {% for choice in choices %}
     <li{% if choice.selected %} class="selected"{% endif %}>

django/contrib/admin/templates/admin/index.html

@@ -19,9 +19,9 @@
         {% for model in app.models %}
             <tr>
             {% if model.perms.change %}
-                <th scope="row"><a href="{{ model.admin_url }}">{{ model.name }}</a></th>
+                <th scope="row"><a href="{{ model.admin_url }}">{{ model.name|escape }}</a></th>
             {% else %}
-                <th scope="row">{{ model.name }}</th>
+                <th scope="row">{{ model.name|escape }}</th>
             {% endif %}
 
             {% if model.perms.add %}
@@ -58,7 +58,7 @@
             {% else %}
             <ul class="actionlist">
             {% for entry in admin_log %}
-                <li class="{% if entry.is_addition %}addlink{% endif %}{% if entry.is_change %}changelink{% endif %}{% if entry.is_deletion %}deletelink{% endif %}">{% if not entry.is_deletion %}<a href="{{ entry.get_admin_url }}">{% endif %}{{ entry.object_repr|escape }}{% if not entry.is_deletion %}</a>{% endif %}<br /><span class="mini quiet">{{ entry.content_type.name|capfirst }}</span></li>
+                <li class="{% if entry.is_addition %}addlink{% endif %}{% if entry.is_change %}changelink{% endif %}{% if entry.is_deletion %}deletelink{% endif %}">{% if not entry.is_deletion %}<a href="{{ entry.get_admin_url }}">{% endif %}{{ entry.object_repr|escape }}{% if not entry.is_deletion %}</a>{% endif %}<br /><span class="mini quiet">{{ entry.content_type.name|capfirst|escape }}</span></li>
             {% endfor %}
             </ul>
             {% endif %}

django/contrib/admin/templates/admin/invalid_setup.html

@@ -1,7 +1,7 @@
 {% extends "admin/base_site.html" %}
 {% load i18n %}
 
-{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../">{% trans 'Home' %}</a> &rsaquo; {{ title }}</div>{% endblock %}
+{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../">{% trans 'Home' %}</a> &rsaquo; {{ title|escape }}</div>{% endblock %}
 
 {% block content %}
 

django/contrib/admin/templates/admin/object_history.html

@@ -2,7 +2,7 @@
 {% load i18n %}
 {% block userlinks %}<a href="../../../../doc/">{% trans 'Documentation' %}</a> / <a href="../../../../password_change/">{% trans 'Change password' %}</a> / <a href="../../../../logout/">{% trans 'Log out' %}</a>{% endblock %}
 {% block breadcrumbs %}
-<div class="breadcrumbs"><a href="../../../../">{% trans 'Home' %}</a> &rsaquo; <a href="../../">{{ module_name }}</a> &rsaquo; <a href="../">{{ object|truncatewords:"18" }}</a> &rsaquo; {% trans 'History' %}</div>
+<div class="breadcrumbs"><a href="../../../../">{% trans 'Home' %}</a> &rsaquo; <a href="../../">{{ module_name|escape }}</a> &rsaquo; <a href="../">{{ object|escape|truncatewords:"18" }}</a> &rsaquo; {% trans 'History' %}</div>
 {% endblock %}
 
 {% block content %}

django/contrib/admin/templates/admin/pagination.html

@@ -6,6 +6,6 @@
     {% paginator_number cl i %}
 {% endfor %}
 {% endif %}
-{{ cl.result_count }} {% ifequal cl.result_count 1 %}{{ cl.opts.verbose_name }}{% else %}{{ cl.opts.verbose_name_plural }}{% endifequal %}
+{{ cl.result_count }} {% ifequal cl.result_count 1 %}{{ cl.opts.verbose_name|escape }}{% else %}{{ cl.opts.verbose_name_plural|escape }}{% endifequal %}
 {% if show_all_url %}&nbsp;&nbsp;<a href="{{ show_all_url }}" class="showall">{% trans 'Show all' %}</a>{% endif %}
 </p>

django/contrib/admin/templates/admin_doc/model_detail.html

@@ -9,13 +9,13 @@
 </style>
 {% endblock %}
 
-{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../../">Home</a> &rsaquo; <a href="../../">Documentation</a> &rsaquo; <a href="../">Models</a> &rsaquo; {{ name }}</div>{% endblock %}
+{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../../">Home</a> &rsaquo; <a href="../../">Documentation</a> &rsaquo; <a href="../">Models</a> &rsaquo; {{ name|escape }}</div>{% endblock %}
 
-{% block title %}Model: {{ name }}{% endblock %}
+{% block title %}Model: {{ name|escape }}{% endblock %}
 
 {% block content %}
 <div id="content-main">
-<h1>{{ summary }}</h1>
+<h1>{{ summary|escape }}</h1>
 
 {% if description %}
   <p>{% filter escape|linebreaksbr %}{% trans description %}{% endfilter %}</p>
@@ -35,7 +35,7 @@
 <tr>
     <td>{{ field.name }}</td>
     <td>{{ field.data_type }}</td>
-    <td>{% if field.verbose %}{{ field.verbose }}{% endif %}{% if field.help_text %} - {{ field.help_text }}{% endif %}</td>
+    <td>{% if field.verbose %}{{ field.verbose|escape }}{% endif %}{% if field.help_text %} - {{ field.help_text|escape }}{% endif %}</td>
 </tr>
 {% endfor %}
 </tbody>

django/contrib/admin/templates/admin_doc/template_detail.html

@@ -1,19 +1,19 @@
 {% extends "admin/base_site.html" %}
 {% load i18n %}
-{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../../">Home</a> &rsaquo; <a href="../../">Documentation</a> &rsaquo; Templates &rsaquo; {{ name }}</div>{% endblock %}
+{% block breadcrumbs %}<div class="breadcrumbs"><a href="../../../">Home</a> &rsaquo; <a href="../../">Documentation</a> &rsaquo; Templates &rsaquo; {{ name|escape }}</div>{% endblock %}
 {% block userlinks %}<a href="../../../password_change/">{% trans 'Change password' %}</a> / <a href="../../../logout/">{% trans 'Log out' %}</a>{% endblock %}
 
-{% block title %}Template: {{ name }}{% endblock %}
+{% block title %}Template: {{ name|escape }}{% endblock %}
 
 {% block content %}
-<h1>Template: "{{ name }}"</h1>
+<h1>Template: "{{ name|escape }}"</h1>
 
 {% regroup templates|dictsort:"site_id" by site as templates_by_site %}
 {% for group in templates_by_site %}
-    <h2>Search path for template "{{ name }}" on {{ group.grouper }}:</h2>
+    <h2>Search path for template "{{ name|escape }}" on {{ group.grouper }}:</h2>
     <ol>
     {% for template in group.list|dictsort:"order" %}
-        <li><code>{{ template.file }}</code>{% if not template.exists %} <em>(does not exist)</em>{% endif %}</li>
+        <li><code>{{ template.file|escape }}</code>{% if not template.exists %} <em>(does not exist)</em>{% endif %}</li>
     {% endfor %}
     </ol>
 {% endfor %}

django/contrib/admin/templates/admin_doc/view_detail.html

@@ -8,7 +8,7 @@
 
 <h1>{{ name }}</h1>
 
-<h2 class="subhead">{{ summary }}</h2>
+<h2 class="subhead">{{ summary|escape }}</h2>
 
 <p>{{ body }}</p>
 

django/contrib/admin/templates/widget/file.html

@@ -1,4 +1,4 @@
 {% load admin_modify i18n %}{% if bound_field.original_value %}
-{% trans "Currently:" %} <a href="{{ bound_field.original_url }}" > {{ bound_field.original_value }} </a><br />
+{% trans "Currently:" %} <a href="{{ bound_field.original_url }}" > {{ bound_field.original_value|escape }} </a><br />
 {% trans "Change:" %}{% output_all bound_field.form_fields %}
 {% else %} {% output_all bound_field.form_fields %} {% endif %}

django/contrib/admin/templates/widget/foreign.html

@@ -15,6 +15,6 @@
         {{ bound_field.original_value }}
     {% endif %}
     {% if bound_field.raw_id_admin %}
-        {% if bound_field.existing_display %}&nbsp;<strong>{{ bound_field.existing_display|truncatewords:"14" }}</strong>{% endif %}
+        {% if bound_field.existing_display %}&nbsp;<strong>{{ bound_field.existing_display|truncatewords:"14"|escape }}</strong>{% endif %}
     {% endif %}
 {% endif %}

django/contrib/admin/templates/widget/one_to_one.html

@@ -1,2 +1,2 @@
 {% if add %}{% include "widget/foreign.html" %}{% endif %}
-{% if change %}{% if bound_field.existing_display %}&nbsp;<strong>{{ bound_field.existing_display|truncatewords:"14" }}</strong>{% endif %}{% endif %}
+{% if change %}{% if bound_field.existing_display %}&nbsp;<strong>{{ bound_field.existing_display|truncatewords:"14"|escape }}</strong>{% endif %}{% endif %}

django/contrib/admin/templatetags/admin_list.py

@@ -1,8 +1,6 @@
-from django import template
 from django.conf import settings
-from django.contrib.admin.views.main import MAX_SHOW_ALL_ALLOWED, ALL_VAR
+from django.contrib.admin.views.main import ALL_VAR, EMPTY_CHANGELIST_VALUE
 from django.contrib.admin.views.main import ORDER_VAR, ORDER_TYPE_VAR, PAGE_VAR, SEARCH_VAR
-from django.contrib.admin.views.main import IS_POPUP_VAR, EMPTY_CHANGELIST_VALUE
 from django.core.exceptions import ObjectDoesNotExist
 from django.db import models
 from django.utils import dateformat
@@ -119,7 +117,7 @@ def items_for_result(cl, result):
                 if callable(attr):
                     attr = attr()
                 result_repr = str(attr)
-            except AttributeError, ObjectDoesNotExist:
+            except (AttributeError, ObjectDoesNotExist):
                 result_repr = EMPTY_CHANGELIST_VALUE
             else:
                 # Strip HTML tags in the resulting text, except if the
@@ -167,11 +165,12 @@ def items_for_result(cl, result):
             result_repr = ' '
         # If list_display_links not defined, add the link tag to the first field
         if (first and not cl.lookup_opts.admin.list_display_links) or field_name in cl.lookup_opts.admin.list_display_links: 
+            table_tag = {True:'th', False:'td'}[first]
             first = False
             url = cl.url_for_result(result)
             result_id = str(getattr(result, pk)) # str() is needed in case of 23L (long ints)
-            yield ('<th%s><a href="%s"%s>%s</a></th>' % \
+            yield ('<%s%s><a href="%s"%s>%s</a></%s>' % \
-                (row_class, url, (cl.is_popup and ' onclick="opener.dismissRelatedLookupPopup(window, %r); return false;"' % result_id or ''), result_repr))
+                (table_tag, row_class, url, (cl.is_popup and ' onclick="opener.dismissRelatedLookupPopup(window, %r); return false;"' % result_id or ''), result_repr, table_tag))
         else:
             yield ('<td%s>%s</td>' % (row_class, result_repr))
 

django/contrib/admin/templatetags/admin_modify.py

@@ -1,9 +1,7 @@
 from django import template
 from django.contrib.admin.views.main import AdminBoundField
 from django.template import loader
-from django.utils.html import escape
 from django.utils.text import capfirst
-from django.utils.functional import curry
 from django.db import models
 from django.db.models.fields import Field
 from django.db.models.related import BoundRelatedObject

django/contrib/admin/utils.py

@@ -3,7 +3,6 @@
 import re
 from email.Parser import HeaderParser
 from email.Errors import HeaderParseError
-from urlparse import urljoin
 try:
     import docutils.core
     import docutils.nodes

django/contrib/admin/views/decorators.py

@@ -46,7 +46,7 @@ def staff_member_required(view_func):
     member, displaying the login page if necessary.
     """
     def _checklogin(request, *args, **kwargs):
-        if not request.user.is_anonymous() and request.user.is_staff:
+        if request.user.is_authenticated() and request.user.is_staff:
             # The user is valid. Continue to the admin page.
             if request.POST.has_key('post_data'):
                 # User must have re-authenticated through a different window

django/contrib/admin/views/doc.py

@@ -28,7 +28,7 @@ def bookmarklets(request):
     # Hack! This couples this view to the URL it lives at.
     admin_root = request.path[:-len('doc/bookmarklets/')]
     return render_to_response('admin_doc/bookmarklets.html', {
-        'admin_url': "%s://%s%s" % (os.environ.get('HTTPS') == 'on' and 'https' or 'http', get_host(request), admin_root),
+        'admin_url': "%s://%s%s" % (request.is_secure() and 'https' or 'http', get_host(request), admin_root),
     }, context_instance=RequestContext(request))
 bookmarklets = staff_member_required(bookmarklets)
 

django/contrib/admin/views/main.py

@@ -10,9 +10,6 @@ from django.shortcuts import get_object_or_404, render_to_response
 from django.db import models
 from django.db.models.query import handle_legacy_orderlist, QuerySet
 from django.http import Http404, HttpResponse, HttpResponseRedirect
-from django.template import loader
-from django.utils import dateformat
-from django.utils.dates import MONTHS
 from django.utils.html import escape
 from django.utils.text import capfirst, get_text_list
 import operator

django/contrib/admin/views/template.py

@@ -22,7 +22,7 @@ def template_validator(request):
         new_data = request.POST.copy()
         errors = manipulator.get_validation_errors(new_data)
         if not errors:
-            request.user.add_message('The template is valid.')
+            request.user.message_set.create(message='The template is valid.')
     return render_to_response('admin/template_validator.html', {
         'title': 'Template validator',
         'form': forms.FormWrapper(manipulator, new_data, errors),
@@ -32,7 +32,7 @@ template_validator = staff_member_required(template_validator)
 class TemplateValidator(forms.Manipulator):
     def __init__(self, settings_modules):
         self.settings_modules = settings_modules
-        site_list = Site.objects.get_in_bulk(settings_modules.keys()).values()
+        site_list = Site.objects.in_bulk(settings_modules.keys()).values()
         self.fields = (
             forms.SelectField('site', is_required=True, choices=[(s.id, s.name) for s in site_list]),
             forms.LargeTextField('template', is_required=True, rows=25, validator_list=[self.isValidTemplate]),

django/contrib/auth/__init__.py

@@ -38,7 +38,7 @@ def authenticate(**credentials):
         if user is None:
             continue
         # Annotate the user object with the path of the backend.
-        user.backend = str(backend.__class__)
+        user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
         return user
 
 def login(request, user):
@@ -56,8 +56,14 @@ def logout(request):
     """
     Remove the authenticated user's ID from the request.
     """
+    try:
         del request.session[SESSION_KEY]
+    except KeyError:
+        pass
+    try:
         del request.session[BACKEND_SESSION_KEY]
+    except KeyError:
+        pass
 
 def get_user(request):
     from django.contrib.auth.models import AnonymousUser

django/contrib/auth/backends.py

@@ -1,4 +1,4 @@
-from django.contrib.auth.models import User, check_password
+from django.contrib.auth.models import User
 
 class ModelBackend:
     """

django/contrib/auth/decorators.py

@@ -13,11 +13,14 @@ def user_passes_test(test_func, login_url=LOGIN_URL):
             if test_func(request.user):
                 return view_func(request, *args, **kwargs)
             return HttpResponseRedirect('%s?%s=%s' % (login_url, REDIRECT_FIELD_NAME, quote(request.get_full_path())))
+        _checklogin.__doc__ = view_func.__doc__
+        _checklogin.__dict__ = view_func.__dict__
+        _checklogin.__name__ = view_func.__name__
 
         return _checklogin
     return _dec
 
-login_required = user_passes_test(lambda u: not u.is_anonymous())
+login_required = user_passes_test(lambda u: u.is_authenticated())
 login_required.__doc__ = (
     """
     Decorator for views that checks that the user is logged in, redirecting

django/contrib/auth/forms.py

@@ -61,7 +61,7 @@ class PasswordResetForm(forms.Manipulator):
         except User.DoesNotExist:
             raise validators.ValidationError, "That e-mail address doesn't have an associated user acount. Are you sure you've registered?"
 
-    def save(self, domain_override=None):
+    def save(self, domain_override=None, email_template_name='registration/password_reset_email.html'):
         "Calculates a new password randomly and sends it to the user"
         from django.core.mail import send_mail
         new_pass = User.objects.make_random_password()
@@ -73,7 +73,7 @@ class PasswordResetForm(forms.Manipulator):
             domain = current_site.domain
         else:
             site_name = domain = domain_override
-        t = loader.get_template('registration/password_reset_email.html')
+        t = loader.get_template(email_template_name)
         c = {
             'new_password': new_pass,
             'email': self.user_cache.email,

django/contrib/auth/models.py

@@ -1,4 +1,5 @@
 from django.core import validators
+from django.core.exceptions import ImproperlyConfigured
 from django.db import backend, connection, models
 from django.contrib.contenttypes.models import ContentType
 from django.utils.translation import gettext_lazy as _
@@ -184,6 +185,11 @@ class User(models.Model):
         "Always returns False. This is a way of comparing User objects to anonymous users."
         return False
     
+    def is_authenticated(self):
+        """Always return True. This is a way to tell if the user has been authenticated in templates.
+        """
+        return True
+
     def get_full_name(self):
         "Returns the first_name plus the last_name, with a space in between."
         full_name = '%s %s' % (self.first_name, self.last_name)
@@ -351,3 +357,6 @@ class AnonymousUser(object):
 
     def is_anonymous(self):
         return True
+    
+    def is_authenticated(self):
+        return False

django/contrib/auth/views.py

@@ -4,7 +4,7 @@ from django import forms
 from django.shortcuts import render_to_response
 from django.template import RequestContext
 from django.contrib.sites.models import Site
-from django.http import HttpResponse, HttpResponseRedirect
+from django.http import HttpResponseRedirect
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth import LOGIN_URL, REDIRECT_FIELD_NAME
 
@@ -34,9 +34,8 @@ def login(request, template_name='registration/login.html'):
 def logout(request, next_page=None, template_name='registration/logged_out.html'):
     "Logs out the user and displays 'You are logged out' message."
     from django.contrib.auth import logout
-    try:
     logout(request)
-    except KeyError:
+    if next_page is None:
         return render_to_response(template_name, {'title': _('Logged out')}, context_instance=RequestContext(request))
     else:
         # Redirect to this page until the session has been cleared.
@@ -50,7 +49,8 @@ def redirect_to_login(next, login_url=LOGIN_URL):
     "Redirects the user to the login page, passing the given 'next' page"
     return HttpResponseRedirect('%s?%s=%s' % (login_url, REDIRECT_FIELD_NAME, next))
 
-def password_reset(request, is_admin_site=False, template_name='registration/password_reset_form.html'):
+def password_reset(request, is_admin_site=False, template_name='registration/password_reset_form.html',
+        email_template_name='registration/password_reset_email.html'):
     new_data, errors = {}, {}
     form = PasswordResetForm()
     if request.POST:
@@ -58,9 +58,9 @@ def password_reset(request, is_admin_site=False, template_name='registration/pas
         errors = form.get_validation_errors(new_data)
         if not errors:
             if is_admin_site:
-                form.save(request.META['HTTP_HOST'])
+                form.save(domain_override=request.META['HTTP_HOST'])
             else:
-                form.save()
+                form.save(email_template_name=email_template_name)
             return HttpResponseRedirect('%sdone/' % request.path)
     return render_to_response(template_name, {'form': forms.FormWrapper(form, new_data, errors)},
         context_instance=RequestContext(request))

django/contrib/comments/feeds.py

@@ -1,7 +1,6 @@
 from django.conf import settings
 from django.contrib.comments.models import Comment, FreeComment
 from django.contrib.syndication.feeds import Feed
-from django.core.exceptions import ObjectDoesNotExist
 from django.contrib.sites.models import Site
 
 class LatestFreeCommentsFeed(Feed):
@@ -37,6 +36,6 @@ class LatestCommentsFeed(LatestFreeCommentsFeed):
         qs = qs.filter(is_removed=False)
         if settings.COMMENTS_BANNED_USERS_GROUP:
             where = ['user_id NOT IN (SELECT user_id FROM auth_users_group WHERE group_id = %s)']
-            params = [COMMENTS_BANNED_USERS_GROUP]
+            params = [settings.COMMENTS_BANNED_USERS_GROUP]
             qs = qs.extra(where=where, params=params)
         return qs

django/contrib/comments/templates/comments/form.html

@@ -2,10 +2,10 @@
 {% if display_form %}
 <form {% if photos_optional or photos_required %}enctype="multipart/form-data" {% endif %}action="/comments/post/" method="post">
 
-{% if user.is_anonymous %}
+{% if user.is_authenticated %}
-<p><label for="id_username">{% trans "Username:" %}</label> <input type="text" name="username" id="id_username" /><br />{% trans "Password:" %} <input type="password" name="password" id="id_password" /> (<a href="/accounts/password_reset/">{% trans "Forgotten your password?" %}</a>)</p>
-{% else %}
 <p>{% trans "Username:" %} <strong>{{ user.username }}</strong> (<a href="/accounts/logout/">{% trans "Log out" %}</a>)</p>
+{% else %}
+<p><label for="id_username">{% trans "Username:" %}</label> <input type="text" name="username" id="id_username" /><br />{% trans "Password:" %} <input type="password" name="password" id="id_password" /> (<a href="/accounts/password_reset/">{% trans "Forgotten your password?" %}</a>)</p>
 {% endif %}
 
 {% if ratings_optional or ratings_required %}

django/contrib/comments/templatetags/comments.py

@@ -114,7 +114,7 @@ class CommentListNode(template.Node):
         comment_list = get_list_function(**kwargs).order_by(self.ordering + 'submit_date').select_related()
 
         if not self.free:
-            if context.has_key('user') and not context['user'].is_anonymous():
+            if context.has_key('user') and context['user'].is_authenticated():
                 user_id = context['user'].id
                 context['user_can_moderate_comments'] = Comment.objects.user_is_moderator(context['user'])
             else:

django/contrib/comments/views/comments.py

@@ -5,7 +5,7 @@ from django.http import Http404
 from django.core.exceptions import ObjectDoesNotExist
 from django.shortcuts import render_to_response
 from django.template import RequestContext
-from django.contrib.comments.models import Comment, FreeComment, PHOTOS_REQUIRED, PHOTOS_OPTIONAL, RATINGS_REQUIRED, RATINGS_OPTIONAL, IS_PUBLIC
+from django.contrib.comments.models import Comment, FreeComment, RATINGS_REQUIRED, RATINGS_OPTIONAL, IS_PUBLIC
 from django.contrib.contenttypes.models import ContentType
 from django.contrib.auth.forms import AuthenticationForm
 from django.http import HttpResponseRedirect
@@ -63,7 +63,7 @@ class PublicCommentManipulator(AuthenticationForm):
                 validator_list=get_validator_list(8),
             ),
         ])
-        if not user.is_anonymous():
+        if user.is_authenticated():
             self["username"].is_required = False
             self["username"].validator_list = []
             self["password"].is_required = False

django/contrib/comments/views/karma.py

@@ -15,7 +15,7 @@ def vote(request, comment_id, vote):
     rating = {'up': 1, 'down': -1}.get(vote, False)
     if not rating:
         raise Http404, "Invalid vote"
-    if request.user.is_anonymous():
+    if not request.user.is_authenticated():
         raise Http404, _("Anonymous users cannot vote")
     try:
         comment = Comment.objects.get(pk=comment_id)

django/contrib/flatpages/views.py

@@ -22,7 +22,7 @@ def flatpage(request, url):
     f = get_object_or_404(FlatPage, url__exact=url, sites__id__exact=settings.SITE_ID)
     # If registration is required for accessing this page, and the user isn't
     # logged in, redirect to the login page.
-    if f.registration_required and request.user.is_anonymous():
+    if f.registration_required and not request.user.is_authenticated():
         from django.contrib.auth.views import redirect_to_login
         return redirect_to_login(request.path)
     if f.template_name:

django/contrib/sessions/models.py

@@ -32,11 +32,21 @@ class SessionManager(models.Manager):
         return s
 
 class Session(models.Model):
-    """Django provides full support for anonymous sessions. The session framework lets you store and retrieve arbitrary data on a per-site-visitor basis. It stores data on the server side and abstracts the sending and receiving of cookies. Cookies contain a session ID -- not the data itself.
+    """
+    Django provides full support for anonymous sessions. The session
+    framework lets you store and retrieve arbitrary data on a
+    per-site-visitor basis. It stores data on the server side and
+    abstracts the sending and receiving of cookies. Cookies contain a
+    session ID -- not the data itself.
 
-    The Django sessions framework is entirely cookie-based. It does not fall back to putting session IDs in URLs. This is an intentional design decision. Not only does that behavior make URLs ugly, it makes your site vulnerable to session-ID theft via the "Referer" header.
+    The Django sessions framework is entirely cookie-based. It does
+    not fall back to putting session IDs in URLs. This is an intentional
+    design decision. Not only does that behavior make URLs ugly, it makes
+    your site vulnerable to session-ID theft via the "Referer" header.
 
-    For complete documentation on using Sessions in your code, consult the sessions documentation that is shipped with Django (also available on the Django website).
+    For complete documentation on using Sessions in your code, consult
+    the sessions documentation that is shipped with Django (also available
+    on the Django website).
     """
     session_key = models.CharField(_('session key'), maxlength=40, primary_key=True)
     session_data = models.TextField(_('session data'))

django/contrib/syndication/feeds.py

@@ -73,7 +73,7 @@ class Feed(object):
             link = link,
             description = self.__get_dynamic_attr('description', obj),
             language = settings.LANGUAGE_CODE.decode(),
-            feed_url = add_domain(current_site, self.feed_url),
+            feed_url = add_domain(current_site, self.__get_dynamic_attr('feed_url', obj)),
             author_name = self.__get_dynamic_attr('author_name', obj),
             author_link = self.__get_dynamic_attr('author_link', obj),
             author_email = self.__get_dynamic_attr('author_email', obj),

django/core/cache/backends/db.py

@@ -1,7 +1,7 @@
 "Database cache backend."
 
 from django.core.cache.backends.base import BaseCache
-from django.db import connection, transaction
+from django.db import connection, transaction, DatabaseError
 import base64, time
 from datetime import datetime
 try:

django/core/cache/backends/locmem.py

@@ -3,10 +3,6 @@
 from django.core.cache.backends.simple import CacheClass as SimpleCacheClass
 from django.utils.synch import RWLock
 import copy, time
-try:
-    import cPickle as pickle
-except ImportError:
-    import pickle
 
 class CacheClass(SimpleCacheClass):
     def __init__(self, host, params):

django/core/handlers/base.py

@@ -119,7 +119,6 @@ class BaseHandler(object):
         Returns an HttpResponse that displays a PUBLIC error message for a
         fundamental error.
         """
-        from django.core import urlresolvers
         callback, param_dict = resolver.resolve500()
         return callback(request, **param_dict)
 

django/core/handlers/modpython.py

@@ -23,6 +23,9 @@ class ModPythonRequest(http.HttpRequest):
     def get_full_path(self):
         return '%s%s' % (self.path, self._req.args and ('?' + self._req.args) or '')
 
+    def is_secure(self):
+        return self._req.subprocess_env.has_key('HTTPS') and self._req.subprocess_env['HTTPS'] == 'on'
+
     def _load_post_and_files(self):
         "Populates self._post and self._files"
         if self._req.headers_in.has_key('content-type') and self._req.headers_in['content-type'].startswith('multipart'):
@@ -145,7 +148,6 @@ class ModPythonHandler(BaseHandler):
 
 def populate_apache_request(http_response, mod_python_req):
     "Populates the mod_python request object with an HttpResponse"
-    from django.conf import settings
     mod_python_req.content_type = http_response['Content-Type']
     for key, value in http_response.headers.items():
         if key != 'Content-Type':

django/core/handlers/wsgi.py

@@ -58,14 +58,16 @@ class WSGIRequest(http.HttpRequest):
         self.method = environ['REQUEST_METHOD'].upper()
 
     def __repr__(self):
-        from pprint import pformat
+        return '<WSGIRequest\nGET:%s,\nPOST:%s,\nCOOKIES:%s,\nMETA:%s>' % \
-        return '<DjangoRequest\nGET:%s,\nPOST:%s,\nCOOKIES:%s,\nMETA:%s>' % \
             (pformat(self.GET), pformat(self.POST), pformat(self.COOKIES),
             pformat(self.META))
 
     def get_full_path(self):
         return '%s%s' % (self.path, self.environ.get('QUERY_STRING', '') and ('?' + self.environ.get('QUERY_STRING', '')) or '')
 
+    def is_secure(self):
+        return self.environ.has_key('HTTPS') and self.environ['HTTPS'] == 'on'
+
     def _load_post_and_files(self):
         # Populates self._post and self._files
         if self.method == 'POST':

django/core/management.py

@@ -45,8 +45,8 @@ def disable_termcolors():
     global style
     style = dummy()
 
-# Disable terminal coloring on Windows or if somebody's piping the output.
+# Disable terminal coloring on Windows, Pocket PC, or if somebody's piping the output.
-if sys.platform == 'win32' or not sys.stdout.isatty():
+if sys.platform == 'win32' or sys.platform == 'Pocket PC' or not sys.stdout.isatty():
     disable_termcolors()
 
 def _is_valid_dir_name(s):
@@ -78,7 +78,7 @@ def get_version():
     from django import VERSION
     v = '.'.join([str(i) for i in VERSION[:-1]])
     if VERSION[-1]:
-        v += ' (%s)' % VERSION[-1]
+        v += '-' + VERSION[-1]
     return v
 
 def get_sql_create(app):
@@ -95,44 +95,39 @@ def get_sql_create(app):
         sys.exit(1)
 
     # Get installed models, so we generate REFERENCES right
-    installed_models = _get_installed_models(_get_table_list())
-
     final_output = []
-    models_output = set(installed_models)
+    known_models = set(_get_installed_models(_get_table_list()))
     pending_references = {}
 
     app_models = models.get_models(app)
 
-    for klass in app_models:
+    for model in app_models:
-        output, references = _get_sql_model_create(klass, models_output)
+        output, references = _get_sql_model_create(model, known_models)
         final_output.extend(output)
         for refto, refs in references.items():
-            try:
+            pending_references.setdefault(refto,[]).extend(refs)
-                pending_references[refto].extend(refs)
+        final_output.extend(_get_sql_for_pending_references(model, pending_references))
-            except KeyError:
-                pending_references[refto] = refs
-        final_output.extend(_get_sql_for_pending_references(klass, pending_references))
         # Keep track of the fact that we've created the table for this model.
-        models_output.add(klass)
+        known_models.add(model)
 
     # Create the many-to-many join tables.
-    for klass in app_models:
+    for model in app_models:
-        final_output.extend(_get_many_to_many_sql_for_model(klass))
+        final_output.extend(_get_many_to_many_sql_for_model(model))
 
     # Handle references to tables that are from other apps
     # but don't exist physically
     not_installed_models = set(pending_references.keys())
     if not_installed_models:
         final_output.append('-- The following references should be added but depend on non-existant tables:')
-        for klass in not_installed_models:
+        for model in not_installed_models:
             final_output.extend(['-- ' + sql for sql in
-                _get_sql_for_pending_references(klass, pending_references)])
+                _get_sql_for_pending_references(model, pending_references)])
 
     return final_output
 get_sql_create.help_doc = "Prints the CREATE TABLE SQL statements for the given app name(s)."
 get_sql_create.args = APP_ARGS
 
-def _get_sql_model_create(klass, models_already_seen=set()):
+def _get_sql_model_create(model, known_models=set()):
     """
     Get the SQL required to create a single model.
 
@@ -141,7 +136,7 @@ def _get_sql_model_create(klass, models_already_seen=set()):
     from django.db import backend, get_creation_module, models
     data_types = get_creation_module().DATA_TYPES
 
-    opts = klass._meta
+    opts = model._meta
     final_output = []
     table_output = []
     pending_references = {}
@@ -163,7 +158,7 @@ def _get_sql_model_create(klass, models_already_seen=set()):
             if f.primary_key:
                 field_output.append(style.SQL_KEYWORD('PRIMARY KEY'))
             if f.rel:
-                if f.rel.to in models_already_seen:
+                if f.rel.to in known_models:
                     field_output.append(style.SQL_KEYWORD('REFERENCES') + ' ' + \
                         style.SQL_TABLE(backend.quote_name(f.rel.to._meta.db_table)) + ' (' + \
                         style.SQL_FIELD(backend.quote_name(f.rel.to._meta.get_field(f.rel.field_name).column)) + ')'
@@ -171,7 +166,7 @@ def _get_sql_model_create(klass, models_already_seen=set()):
                 else:
                     # We haven't yet created the table to which this field
                     # is related, so save it for later.
-                    pr = pending_references.setdefault(f.rel.to, []).append((klass, f))
+                    pr = pending_references.setdefault(f.rel.to, []).append((model, f))
             table_output.append(' '.join(field_output))
     if opts.order_with_respect_to:
         table_output.append(style.SQL_FIELD(backend.quote_name('_order')) + ' ' + \
@@ -189,7 +184,7 @@ def _get_sql_model_create(klass, models_already_seen=set()):
 
     return final_output, pending_references
 
-def _get_sql_for_pending_references(klass, pending_references):
+def _get_sql_for_pending_references(model, pending_references):
     """
     Get any ALTER TABLE statements to add constraints after the fact.
     """
@@ -197,29 +192,35 @@ def _get_sql_for_pending_references(klass, pending_references):
     data_types = get_creation_module().DATA_TYPES
 
     final_output = []
+    reference_names = {}
     if backend.supports_constraints:
-        opts = klass._meta
+        opts = model._meta
-        if klass in pending_references:
+        if model in pending_references:
-            for rel_class, f in pending_references[klass]:
+            for rel_class, f in pending_references[model]:
                 rel_opts = rel_class._meta
                 r_table = rel_opts.db_table
                 r_col = f.column
                 table = opts.db_table
                 col = opts.get_field(f.rel.field_name).column
+                r_name = '%s_referencing_%s_%s' % (r_col, table, col)
+                if r_name in reference_names:
+                    reference_names[r_name] += 1
+                    r_name += '_%s' % reference_names[r_name]
+                else:
+                    reference_names[r_name] = 0
                 final_output.append(style.SQL_KEYWORD('ALTER TABLE') + ' %s ADD CONSTRAINT %s FOREIGN KEY (%s) REFERENCES %s (%s);' % \
-                    (backend.quote_name(r_table),
+                    (backend.quote_name(r_table), r_name,
-                    backend.quote_name('%s_referencing_%s_%s' % (r_col, table, col)),
                     backend.quote_name(r_col), backend.quote_name(table), backend.quote_name(col)))
-            del pending_references[klass]
+            del pending_references[model]
     return final_output
 
-def _get_many_to_many_sql_for_model(klass):
+def _get_many_to_many_sql_for_model(model):
     from django.db import backend, get_creation_module
     from django.db.models import GenericRel
 
     data_types = get_creation_module().DATA_TYPES
 
-    opts = klass._meta
+    opts = model._meta
     final_output = []
     for f in opts.many_to_many:
         if not isinstance(f.rel, GenericRel):
@@ -273,37 +274,37 @@ def get_sql_delete(app):
 
     references_to_delete = {}
     app_models = models.get_models(app)
-    for klass in app_models:
+    for model in app_models:
-        if cursor and klass._meta.db_table in table_names:
+        if cursor and model._meta.db_table in table_names:
             # The table exists, so it needs to be dropped
-            opts = klass._meta
+            opts = model._meta
             for f in opts.fields:
                 if f.rel and f.rel.to not in to_delete:
-                    references_to_delete.setdefault(f.rel.to, []).append( (klass, f) )
+                    references_to_delete.setdefault(f.rel.to, []).append( (model, f) )
 
-            to_delete.add(klass)
+            to_delete.add(model)
 
-    for klass in app_models:
+    for model in app_models:
-        if cursor and klass._meta.db_table in table_names:
+        if cursor and model._meta.db_table in table_names:
             # Drop the table now
             output.append('%s %s;' % (style.SQL_KEYWORD('DROP TABLE'),
-                style.SQL_TABLE(backend.quote_name(klass._meta.db_table))))
+                style.SQL_TABLE(backend.quote_name(model._meta.db_table))))
-            if backend.supports_constraints and references_to_delete.has_key(klass):
+            if backend.supports_constraints and references_to_delete.has_key(model):
-                for rel_class, f in references_to_delete[klass]:
+                for rel_class, f in references_to_delete[model]:
                     table = rel_class._meta.db_table
                     col = f.column
-                    r_table = klass._meta.db_table
+                    r_table = model._meta.db_table
-                    r_col = klass._meta.get_field(f.rel.field_name).column
+                    r_col = model._meta.get_field(f.rel.field_name).column
                     output.append('%s %s %s %s;' % \
                         (style.SQL_KEYWORD('ALTER TABLE'),
                         style.SQL_TABLE(backend.quote_name(table)),
                         style.SQL_KEYWORD(backend.get_drop_foreignkey_sql()),
                         style.SQL_FIELD(backend.quote_name("%s_referencing_%s_%s" % (col, r_table, r_col)))))
-                del references_to_delete[klass]
+                del references_to_delete[model]
 
     # Output DROP TABLE statements for many-to-many tables.
-    for klass in app_models:
+    for model in app_models:
-        opts = klass._meta
+        opts = model._meta
         for f in opts.many_to_many:
             if cursor and f.m2m_db_table() in table_names:
                 output.append("%s %s;" % (style.SQL_KEYWORD('DROP TABLE'),
@@ -360,8 +361,8 @@ def get_sql_initial_data(app):
     app_models = get_models(app)
     app_dir = os.path.normpath(os.path.join(os.path.dirname(app.__file__), 'sql'))
 
-    for klass in app_models:
+    for model in app_models:
-        output.extend(get_sql_initial_data_for_model(klass))
+        output.extend(get_sql_initial_data_for_model(model))
 
     return output
 get_sql_initial_data.help_doc = "Prints the initial INSERT SQL statements for the given app name(s)."
@@ -371,18 +372,18 @@ def get_sql_sequence_reset(app):
     "Returns a list of the SQL statements to reset PostgreSQL sequences for the given app."
     from django.db import backend, models
     output = []
-    for klass in models.get_models(app):
+    for model in models.get_models(app):
-        for f in klass._meta.fields:
+        for f in model._meta.fields:
             if isinstance(f, models.AutoField):
                 output.append("%s setval('%s', (%s max(%s) %s %s));" % \
                     (style.SQL_KEYWORD('SELECT'),
-                    style.SQL_FIELD('%s_%s_seq' % (klass._meta.db_table, f.column)),
+                    style.SQL_FIELD('%s_%s_seq' % (model._meta.db_table, f.column)),
                     style.SQL_KEYWORD('SELECT'),
                     style.SQL_FIELD(backend.quote_name(f.column)),
                     style.SQL_KEYWORD('FROM'),
-                    style.SQL_TABLE(backend.quote_name(klass._meta.db_table))))
+                    style.SQL_TABLE(backend.quote_name(model._meta.db_table))))
                 break # Only one AutoField is allowed per model, so don't bother continuing.
-        for f in klass._meta.many_to_many:
+        for f in model._meta.many_to_many:
             output.append("%s setval('%s', (%s max(%s) %s %s));" % \
                 (style.SQL_KEYWORD('SELECT'),
                 style.SQL_FIELD('%s_id_seq' % f.m2m_db_table()),
@@ -399,15 +400,15 @@ def get_sql_indexes(app):
     from django.db import backend, models
     output = []
 
-    for klass in models.get_models(app):
+    for model in models.get_models(app):
-        for f in klass._meta.fields:
+        for f in model._meta.fields:
             if f.db_index:
                 unique = f.unique and 'UNIQUE ' or ''
                 output.append(
                     style.SQL_KEYWORD('CREATE %sINDEX' % unique) + ' ' + \
-                    style.SQL_TABLE('%s_%s' % (klass._meta.db_table, f.column)) + ' ' + \
+                    style.SQL_TABLE('%s_%s' % (model._meta.db_table, f.column)) + ' ' + \
                     style.SQL_KEYWORD('ON') + ' ' + \
-                    style.SQL_TABLE(backend.quote_name(klass._meta.db_table)) + ' ' + \
+                    style.SQL_TABLE(backend.quote_name(model._meta.db_table)) + ' ' + \
                     "(%s);" % style.SQL_FIELD(backend.quote_name(f.column))
                 )
     return output
@@ -517,14 +518,14 @@ def get_admin_index(app):
     app_label = app_models[0]._meta.app_label
     output.append('{%% if perms.%s %%}' % app_label)
     output.append('<div class="module"><h2>%s</h2><table>' % app_label.title())
-    for klass in app_models:
+    for model in app_models:
-        if klass._meta.admin:
+        if model._meta.admin:
             output.append(MODULE_TEMPLATE % {
                 'app': app_label,
-                'mod': klass._meta.module_name,
+                'mod': model._meta.module_name,
-                'name': capfirst(klass._meta.verbose_name_plural),
+                'name': capfirst(model._meta.verbose_name_plural),
-                'addperm': klass._meta.get_add_permission(),
+                'addperm': model._meta.get_add_permission(),
-                'changeperm': klass._meta.get_change_permission(),
+                'changeperm': model._meta.get_change_permission(),
             })
     output.append('</table></div>')
     output.append('{% endif %}')
@@ -592,7 +593,6 @@ install.args = APP_ARGS
 def reset(app):
     "Executes the equivalent of 'get_sql_reset' in the current database."
     from django.db import connection, transaction
-    from cStringIO import StringIO
     app_name = app.__name__.split('.')[-2]
 
     disable_termcolors()
@@ -692,7 +692,6 @@ startapp.args = "[appname]"
 def inspectdb():
     "Generator that introspects the tables in the given database name and returns a Django model, one line at a time."
     from django.db import connection, get_introspection_module
-    from django.conf import settings
     import keyword
 
     introspection_module = get_introspection_module()
@@ -1024,7 +1023,7 @@ def _check_for_validation_errors(app=None):
         sys.stderr.write(s.read())
         sys.exit(1)
 
-def runserver(addr, port):
+def runserver(addr, port, use_reloader=True):
     "Starts a lightweight Web server for development."
     from django.core.servers.basehttp import run, AdminMediaHandler, WSGIServerException
     from django.core.handlers.wsgi import WSGIHandler
@@ -1058,9 +1057,12 @@ def runserver(addr, port):
             sys.exit(1)
         except KeyboardInterrupt:
             sys.exit(0)
+    if use_reloader:
         from django.utils import autoreload
         autoreload.main(inner_run)
-runserver.args = '[optional port number, or ipaddr:port]'
+    else:
+        inner_run()
+runserver.args = '[--noreload] [optional port number, or ipaddr:port]'
 
 def createcachetable(tablename):
     "Creates the table needed to use the SQL cache backend"
@@ -1209,6 +1211,8 @@ def execute_from_command_line(action_mapping=DEFAULT_ACTION_MAPPING, argv=None):
         help='Lets you manually add a directory the Python path, e.g. "/home/djangoprojects/myproject".')
     parser.add_option('--plain', action='store_true', dest='plain',
         help='Tells Django to use plain Python, not IPython, for "shell" command.')
+    parser.add_option('--noreload', action='store_false', dest='use_reloader', default=True,
+        help='Tells Django to NOT use the auto-reloader when running the development server.')
     options, args = parser.parse_args(argv[1:])
 
     # Take care of options.
@@ -1264,7 +1268,7 @@ def execute_from_command_line(action_mapping=DEFAULT_ACTION_MAPPING, argv=None):
                 addr, port = args[1].split(':')
             except ValueError:
                 addr, port = '', args[1]
-        action_mapping[action](addr, port)
+        action_mapping[action](addr, port, options.use_reloader)
     elif action == 'runfcgi':
         action_mapping[action](args[1:])
     else:

django/core/paginator.py

@@ -1,4 +1,3 @@
-from copy import copy
 from math import ceil
 
 class InvalidPage(Exception):

django/core/serializers/python.py

@@ -79,7 +79,7 @@ def Deserializer(object_list, **options):
             elif field.rel and isinstance(field.rel, models.ManyToOneRel):
                 try:
                     data[field.name] = field.rel.to._default_manager.get(pk=field_value)
-                except RelatedModel.DoesNotExist:
+                except field.rel.to.DoesNotExist:
                     data[field.name] = None
                     
             # Handle all other fields

django/core/servers/basehttp.py

@@ -8,7 +8,7 @@ been reviewed for security issues. Don't use it for production use.
 """
 
 from BaseHTTPServer import BaseHTTPRequestHandler, HTTPServer
-from types import ListType, StringType, TupleType
+from types import ListType, StringType
 import os, re, sys, time, urllib
 
 __version__ = "0.1"

django/core/urlresolvers.py

@@ -201,3 +201,19 @@ class RegexURLResolver(object):
         sub_match = self.reverse(viewname, *args, **kwargs)
         result = reverse_helper(self.regex, *args, **kwargs)
         return result + sub_match
+
+def resolve(path, urlconf=None):
+    if urlconf is None:
+        from django.conf import settings
+        urlconf = settings.ROOT_URLCONF
+    resolver = RegexURLResolver(r'^/', urlconf)
+    return resolver.resolve(path)
+
+def reverse(viewname, urlconf, args=None, kwargs=None):
+    args = args or []
+    kwargs = kwargs or {}
+    if urlconf is None:
+        from django.conf import settings
+        urlconf = settings.ROOT_URLCONF
+    resolver = RegexURLResolver(r'^/', urlconf)
+    return resolver.reverse(viewname, *args, **kwargs)

django/db/backends/mysql/base.py

@@ -40,7 +40,7 @@ class MysqlDebugWrapper:
     def executemany(self, sql, param_list):
         try:
             return self.cursor.executemany(sql, param_list)
-        except Database.Warning:
+        except Database.Warning, w:
             self.cursor.execute("SHOW WARNINGS")
             raise Database.Warning, "%s: %s" % (w, self.cursor.fetchall())
 

django/db/backends/mysql/introspection.py

@@ -1,4 +1,3 @@
-from django.db import transaction
 from django.db.backends.mysql.base import quote_name
 from MySQLdb import ProgrammingError, OperationalError
 from MySQLdb.constants import FIELD_TYPE

django/db/backends/oracle/base.py

@@ -10,7 +10,6 @@ try:
 except ImportError, e:
     from django.core.exceptions import ImproperlyConfigured
     raise ImproperlyConfigured, "Error loading cx_Oracle module: %s" % e
-import types
 
 DatabaseError = Database.Error
 

django/db/backends/oracle/introspection.py

@@ -1,5 +1,3 @@
-from django.db import transaction
-from django.db.backends.oracle.base import quote_name
 import re
 
 foreign_key_re = re.compile(r"\sCONSTRAINT `[^`]*` FOREIGN KEY \(`([^`]*)`\) REFERENCES `([^`]*)` \(`([^`]*)`\)")

django/db/backends/postgresql/introspection.py

@@ -1,4 +1,3 @@
-from django.db import transaction
 from django.db.backends.postgresql.base import quote_name
 
 def get_table_list(cursor):

django/db/backends/postgresql_psycopg2/introspection.py

@@ -1,4 +1,3 @@
-from django.db import transaction
 from django.db.backends.postgresql_psycopg2.base import quote_name
 
 def get_table_list(cursor):

django/db/backends/sqlite3/introspection.py

@@ -1,4 +1,3 @@
-from django.db import transaction
 from django.db.backends.sqlite3.base import quote_name
 
 def get_table_list(cursor):

django/db/models/base.py

@@ -4,8 +4,7 @@ from django.core import validators
 from django.core.exceptions import ObjectDoesNotExist
 from django.db.models.fields import AutoField, ImageField, FieldDoesNotExist
 from django.db.models.fields.related import OneToOneRel, ManyToOneRel
-from django.db.models.related import RelatedObject
+from django.db.models.query import delete_objects
-from django.db.models.query import orderlist2sql, delete_objects
 from django.db.models.options import Options, AdminOptions
 from django.db import connection, backend, transaction
 from django.db.models import signals

django/db/models/fields/__init__.py

@@ -4,7 +4,7 @@ from django.conf import settings
 from django.core import validators
 from django import forms
 from django.core.exceptions import ObjectDoesNotExist
-from django.utils.functional import curry, lazy
+from django.utils.functional import curry
 from django.utils.text import capfirst
 from django.utils.translation import gettext, gettext_lazy
 import datetime, os, time
@@ -364,8 +364,8 @@ class BooleanField(Field):
 
     def to_python(self, value):
         if value in (True, False): return value
-        if value is 't': return True
+        if value in ('t', 'True'): return True
-        if value is 'f': return False
+        if value in ('f', 'False'): return False
         raise validators.ValidationError, gettext("This value must be either True or False.")
 
     def get_manipulator_field_objs(self):

django/db/models/fields/related.py

@@ -1,4 +1,4 @@
-from django.db import backend, connection, transaction
+from django.db import backend, transaction
 from django.db.models import signals, get_model
 from django.db.models.fields import AutoField, Field, IntegerField, get_ul_class
 from django.db.models.related import RelatedObject
@@ -46,7 +46,7 @@ def manipulator_valid_rel_key(f, self, field_data, all_data):
     "Validates that the value is a valid foreign key"
     klass = f.rel.to
     try:
-        klass._default_manager.get(pk=field_data)
+        klass._default_manager.get(**{f.rel.field_name: field_data})
     except klass.DoesNotExist:
         raise validators.ValidationError, _("Please enter a valid %s.") % f.verbose_name
 

django/db/models/manager.py

@@ -1,10 +1,7 @@
-from django.utils.functional import curry
-from django.db import backend, connection
 from django.db.models.query import QuerySet
 from django.dispatch import dispatcher
 from django.db.models import signals
 from django.db.models.fields import FieldDoesNotExist
-from django.utils.datastructures import SortedDict
 
 # Size of each "chunk" for get_iterator calls.
 # Larger values are slightly faster at the expense of more storage space.

django/db/models/manipulators.py

@@ -5,7 +5,7 @@ from django.db.models.fields import FileField, AutoField
 from django.dispatch import dispatcher
 from django.db.models import signals
 from django.utils.functional import curry
-from django.utils.datastructures import DotExpandedDict, MultiValueDict
+from django.utils.datastructures import DotExpandedDict
 from django.utils.text import capfirst
 import types
 
@@ -76,7 +76,7 @@ class AutomaticManipulator(forms.Manipulator):
 
         # Add field for ordering.
         if self.change and self.opts.get_ordered_objects():
-            self.fields.append(formfields.CommaSeparatedIntegerField(field_name="order_"))
+            self.fields.append(forms.CommaSeparatedIntegerField(field_name="order_"))
 
     def save(self, new_data):
         # TODO: big cleanup when core fields go -> use recursive manipulators.

django/db/models/query.py

@@ -18,7 +18,7 @@ QUERY_TERMS = (
     'exact', 'iexact', 'contains', 'icontains',
     'gt', 'gte', 'lt', 'lte', 'in',
     'startswith', 'istartswith', 'endswith', 'iendswith',
-    'range', 'year', 'month', 'day', 'isnull',
+    'range', 'year', 'month', 'day', 'isnull', 'search',
 )
 
 # Size of each "chunk" for get_iterator calls.

django/dispatch/robustapply.py

@@ -45,5 +45,3 @@ def robustApply(receiver, *arguments, **named):
             if arg not in acceptable:
                 del named[arg]
     return receiver(*arguments, **named)
-
-			

django/http/__init__.py

@@ -1,3 +1,4 @@
+import os
 from Cookie import SimpleCookie
 from pprint import pformat
 from urllib import urlencode, quote
@@ -38,6 +39,9 @@ class HttpRequest(object):
     def get_full_path(self):
         return ''
         
+    def is_secure(self):
+        return os.environ.get("HTTPS") == "on"
+
 def parse_file_upload(header_dict, post_data):
     "Returns a tuple of (POST MultiValueDict, FILES MultiValueDict)"
     import email, email.Message

django/middleware/cache.py

@@ -1,7 +1,6 @@
 from django.conf import settings
 from django.core.cache import cache
 from django.utils.cache import get_cache_key, learn_cache_key, patch_response_headers
-from django.http import HttpResponseNotModified
 
 class CacheMiddleware(object):
     """
@@ -10,6 +9,11 @@ class CacheMiddleware(object):
 
     Only parameter-less GET or HEAD-requests with status code 200 are cached.
 
+    If CACHE_MIDDLEWARE_ANONYMOUS_ONLY is set to True, only anonymous requests
+    (i.e., those node made by a logged-in user) will be cached. This is a
+    simple and effective way of avoiding the caching of the Django admin (and
+    any other user-specific content).
+
     This middleware expects that a HEAD request is answered with a response
     exactly like the corresponding GET request.
 
@@ -23,13 +27,17 @@ class CacheMiddleware(object):
     This middleware also sets ETag, Last-Modified, Expires and Cache-Control
     headers on the response object.
     """
-    def __init__(self, cache_timeout=None, key_prefix=None):
+    def __init__(self, cache_timeout=None, key_prefix=None, cache_anonymous_only=None):
         self.cache_timeout = cache_timeout
         if cache_timeout is None:
             self.cache_timeout = settings.CACHE_MIDDLEWARE_SECONDS
         self.key_prefix = key_prefix
         if key_prefix is None:
             self.key_prefix = settings.CACHE_MIDDLEWARE_KEY_PREFIX
+        if cache_anonymous_only is None:
+            self.cache_anonymous_only = getattr(settings, 'CACHE_MIDDLEWARE_ANONYMOUS_ONLY', False)
+        else:
+            self.cache_anonymous_only = cache_anonymous_only
 
     def process_request(self, request):
         "Checks whether the page is already cached and returns the cached version if available."
@@ -37,6 +45,10 @@ class CacheMiddleware(object):
             request._cache_update_cache = False
             return None # Don't bother checking the cache.
 
+        if self.cache_anonymous_only and request.user.is_authenticated():
+            request._cache_update_cache = False
+            return None # Don't cache requests from authenticated users.
+
         cache_key = get_cache_key(request, self.key_prefix)
         if cache_key is None:
             request._cache_update_cache = True

django/middleware/common.py

@@ -1,7 +1,7 @@
 from django.conf import settings
 from django import http
 from django.core.mail import mail_managers
-import md5, os
+import md5
 
 class CommonMiddleware(object):
     """
@@ -44,7 +44,7 @@ class CommonMiddleware(object):
         if new_url != old_url:
             # Redirect
             if new_url[0]:
-                newurl = "%s://%s%s" % (os.environ.get('HTTPS') == 'on' and 'https' or 'http', new_url[0], new_url[1])
+                newurl = "%s://%s%s" % (request.is_secure() and 'https' or 'http', new_url[0], new_url[1])
             else:
                 newurl = new_url[1]
             if request.GET:

django/middleware/transaction.py

@@ -1,4 +1,3 @@
-from django.conf import settings
 from django.db import transaction
 
 class TransactionMiddleware(object):

django/template/__init__.py

@@ -358,7 +358,7 @@ class DebugParser(Parser):
         super(DebugParser, self).extend_nodelist(nodelist, node, token)
 
     def unclosed_block_tag(self, parse_until):
-        (command, source) = self.command_stack.pop()
+        command, source = self.command_stack.pop()
         msg = "Unclosed tag '%s'. Looking for one of: %s " % (command, ', '.join(parse_until))
         raise self.source_error( source, msg)
 
@@ -708,9 +708,9 @@ class DebugNodeList(NodeList):
             if not hasattr(e, 'source'):
                 e.source = node.source
             raise
-        except Exception:
+        except Exception, e:
             from sys import exc_info
-            wrapped = TemplateSyntaxError('Caught an exception while rendering.')
+            wrapped = TemplateSyntaxError('Caught an exception while rendering: %s' % e)
             wrapped.source = node.source
             wrapped.exc_info = exc_info()
             raise wrapped
@@ -817,7 +817,7 @@ class Library(object):
             self.filters[name] = filter_func
             return filter_func
         else:
-            raise InvalidTemplateLibrary, "Unsupported arguments to Library.filter: (%r, %r, %r)", (name, compile_function, has_arg)
+            raise InvalidTemplateLibrary, "Unsupported arguments to Library.filter: (%r, %r)", (name, filter_func)
 
     def filter_function(self, func):
         self.filters[func.__name__] = func

django/template/defaultfilters.py

@@ -133,7 +133,7 @@ def wordwrap(value, arg):
     """
     Wraps words at specified line length
 
-    Argument: number of words to wrap the text at.
+    Argument: number of characters to wrap the text at.
     """
     from django.utils.text import wrap
     return wrap(str(value), int(arg))

django/template/loader.py

@@ -21,7 +21,7 @@
 # installed, because pkg_resources is necessary to read eggs.
 
 from django.core.exceptions import ImproperlyConfigured
-from django.template import Origin, StringOrigin, Template, Context, TemplateDoesNotExist, add_to_builtins
+from django.template import Origin, Template, Context, TemplateDoesNotExist, add_to_builtins
 from django.conf import settings
 
 template_source_loaders = None

django/template/loader_tags.py

@@ -1,5 +1,5 @@
 from django.template import TemplateSyntaxError, TemplateDoesNotExist, resolve_variable
-from django.template import Library, Context, Node
+from django.template import Library, Node
 from django.template.loader import get_template, get_template_from_string, find_template_source
 from django.conf import settings
 
@@ -125,7 +125,7 @@ def do_block(parser, token):
         if block_name in parser.__loaded_blocks:
             raise TemplateSyntaxError, "'%s' tag with name '%s' appears more than once" % (bits[0], block_name)
         parser.__loaded_blocks.append(block_name)
-    except AttributeError: # parser._loaded_blocks isn't a list yet
+    except AttributeError: # parser.__loaded_blocks isn't a list yet
         parser.__loaded_blocks = [block_name]
     nodelist = parser.parse(('endblock',))
     parser.delete_first_token()

django/templatetags/i18n.py

@@ -1,8 +1,7 @@
-from django.template import Node, NodeList, Template, Context, resolve_variable
+from django.template import Node, resolve_variable
 from django.template import TemplateSyntaxError, TokenParser, Library
-from django.template import TOKEN_BLOCK, TOKEN_TEXT, TOKEN_VAR
+from django.template import TOKEN_TEXT, TOKEN_VAR
 from django.utils import translation
-import re, sys
 
 register = Library()
 
@@ -228,7 +227,7 @@ def do_block_translate(parser, token):
             break
     if countervar and counter:
         if token.contents.strip() != 'plural':
-            raise TemplateSyntaxError, "'blocktrans' doesn't allow other block tags inside it" % tag
+            raise TemplateSyntaxError, "'blocktrans' doesn't allow other block tags inside it"
         while parser.tokens:
             token = parser.next_token()
             if token.token_type in (TOKEN_VAR, TOKEN_TEXT):

django/utils/termcolors.py

@@ -2,8 +2,6 @@
 termcolors.py
 """
 
-import types
-
 color_names = ('black', 'red', 'green', 'yellow', 'blue', 'magenta', 'cyan', 'white')
 foreground = dict([(color_names[x], '3%s' % x) for x in range(8)])
 background = dict([(color_names[x], '4%s' % x) for x in range(8)])

django/utils/translation/trans_null.py

@@ -17,3 +17,14 @@ get_language = lambda: settings.LANGUAGE_CODE
 get_language_bidi = lambda: settings.LANGUAGE_CODE in settings.LANGUAGES_BIDI
 get_date_formats = lambda: (settings.DATE_FORMAT, settings.DATETIME_FORMAT, settings.TIME_FORMAT)
 get_partial_date_formats = lambda: (settings.YEAR_MONTH_FORMAT, settings.MONTH_DAY_FORMAT)
+check_for_language = lambda x: True
+
+def to_locale(language):
+    p = language.find('-')
+    if p >= 0:
+        return language[:p].lower()+'_'+language[p+1:].upper()
+    else:
+        return language.lower()
+
+def get_language_from_request(request):
+    return settings.LANGUAGE_CODE

django/views/debug.py

@@ -3,8 +3,6 @@ from django.template import Template, Context, TemplateDoesNotExist
 from django.utils.html import escape
 from django.http import HttpResponseServerError, HttpResponseNotFound
 import os, re
-from itertools import count, izip
-from os.path import dirname, join as pathjoin
 
 HIDDEN_SETTINGS = re.compile('SECRET|PASSWORD')
 
@@ -124,7 +122,7 @@ def technical_500_response(request, exc_type, exc_value, tb):
         'frames': frames,
         'lastframe': frames[-1],
         'request': request,
-        'request_protocol': os.environ.get("HTTPS") == "on" and "https" or "http",
+        'request_protocol': request.is_secure() and "https" or "http",
         'settings': get_safe_settings(),
         'template_info': template_info,
         'template_does_not_exist': template_does_not_exist,
@@ -149,7 +147,7 @@ def technical_404_response(request, exception):
         'urlpatterns': tried,
         'reason': str(exception),
         'request': request,
-        'request_protocol': os.environ.get("HTTPS") == "on" and "https" or "http",
+        'request_protocol': request.is_secure() and "https" or "http",
         'settings': get_safe_settings(),
     })
     return HttpResponseNotFound(t.render(c), mimetype='text/html')

django/views/decorators/cache.py

@@ -10,7 +10,6 @@ example, as that is unique across a Django project.
 Additionally, all headers from the response's Vary header will be taken into
 account on caching -- just like the middleware does.
 """
-import re
 
 from django.utils.decorators import decorator_from_middleware
 from django.utils.cache import patch_cache_control, add_never_cache_headers

django/views/generic/create_update.py

@@ -4,7 +4,6 @@ from django import forms
 from django.db.models import FileField
 from django.contrib.auth.views import redirect_to_login
 from django.template import RequestContext
-from django.core.paginator import ObjectPaginator, InvalidPage
 from django.http import Http404, HttpResponse, HttpResponseRedirect
 from django.core.exceptions import ObjectDoesNotExist, ImproperlyConfigured
 
@@ -20,7 +19,7 @@ def create_object(request, model, template_name=None,
             the form wrapper for the object
     """
     if extra_context is None: extra_context = {}
-    if login_required and request.user.is_anonymous():
+    if login_required and not request.user.is_authenticated():
         return redirect_to_login(request.path)
 
     manipulator = model.AddManipulator(follow=follow)
@@ -39,7 +38,7 @@ def create_object(request, model, template_name=None,
             # No errors -- this means we can save the data!
             new_object = manipulator.save(new_data)
 
-            if not request.user.is_anonymous():
+            if request.user.is_authenticated():
                 request.user.message_set.create(message="The %s was created successfully." % model._meta.verbose_name)
 
             # Redirect to the new object: first by trying post_save_redirect,
@@ -86,7 +85,7 @@ def update_object(request, model, object_id=None, slug=None,
             the original object being edited
     """
     if extra_context is None: extra_context = {}
-    if login_required and request.user.is_anonymous():
+    if login_required and not request.user.is_authenticated():
         return redirect_to_login(request.path)
 
     # Look up the object to be edited
@@ -113,7 +112,7 @@ def update_object(request, model, object_id=None, slug=None,
         if not errors:
             object = manipulator.save(new_data)
 
-            if not request.user.is_anonymous():
+            if request.user.is_authenticated():
                 request.user.message_set.create(message="The %s was updated successfully." % model._meta.verbose_name)
 
             # Do a post-after-redirect so that reload works, etc.
@@ -162,7 +161,7 @@ def delete_object(request, model, post_delete_redirect,
             the original object being deleted
     """
     if extra_context is None: extra_context = {}
-    if login_required and request.user.is_anonymous():
+    if login_required and not request.user.is_authenticated():
         return redirect_to_login(request.path)
 
     # Look up the object to be edited
@@ -180,7 +179,7 @@ def delete_object(request, model, post_delete_redirect,
 
     if request.method == 'POST':
         object.delete()
-        if not request.user.is_anonymous():
+        if request.user.is_authenticated():
             request.user.message_set.create(message="The %s was deleted." % model._meta.verbose_name)
         return HttpResponseRedirect(post_delete_redirect)
     else:

django/views/generic/date_based.py

@@ -7,7 +7,7 @@ import datetime, time
 def archive_index(request, queryset, date_field, num_latest=15,
         template_name=None, template_loader=loader,
         extra_context=None, allow_empty=False, context_processors=None,
-        mimetype=None):
+        mimetype=None, allow_future=False):
     """
     Generic top-level archive of date-based objects.
 
@@ -20,6 +20,7 @@ def archive_index(request, queryset, date_field, num_latest=15,
     """
     if extra_context is None: extra_context = {}
     model = queryset.model
+    if not allow_future:
         queryset = queryset.filter(**{'%s__lte' % date_field: datetime.datetime.now()})
     date_list = queryset.dates(date_field, 'year')[::-1]
     if not date_list and not allow_empty:
@@ -47,7 +48,7 @@ def archive_index(request, queryset, date_field, num_latest=15,
 def archive_year(request, year, queryset, date_field, template_name=None,
         template_loader=loader, extra_context=None, allow_empty=False,
         context_processors=None, template_object_name='object', mimetype=None,
-        make_object_list=False):
+        make_object_list=False, allow_future=False):
     """
     Generic yearly archive view.
 
@@ -67,8 +68,8 @@ def archive_year(request, year, queryset, date_field, template_name=None,
 
     lookup_kwargs = {'%s__year' % date_field: year}
 
-    # Only bother to check current date if the year isn't in the past.
+    # Only bother to check current date if the year isn't in the past and future objects aren't requested.
-    if int(year) >= now.year:
+    if int(year) >= now.year and not allow_future:
         lookup_kwargs['%s__lte' % date_field] = now
     date_list = queryset.filter(**lookup_kwargs).dates(date_field, 'month')
     if not date_list and not allow_empty:
@@ -95,7 +96,7 @@ def archive_year(request, year, queryset, date_field, template_name=None,
 def archive_month(request, year, month, queryset, date_field,
         month_format='%b', template_name=None, template_loader=loader,
         extra_context=None, allow_empty=False, context_processors=None,
-        template_object_name='object', mimetype=None):
+        template_object_name='object', mimetype=None, allow_future=False):
     """
     Generic monthly archive view.
 
@@ -127,19 +128,28 @@ def archive_month(request, year, month, queryset, date_field,
         last_day = first_day.replace(month=first_day.month + 1)
     lookup_kwargs = {'%s__range' % date_field: (first_day, last_day)}
 
-    # Only bother to check current date if the month isn't in the past.
+    # Only bother to check current date if the month isn't in the past and future objects are requested.
-    if last_day >= now.date():
+    if last_day >= now.date() and not allow_future:
         lookup_kwargs['%s__lte' % date_field] = now
     object_list = queryset.filter(**lookup_kwargs)
     if not object_list and not allow_empty:
         raise Http404
+
+    # Calculate the next month, if applicable.
+    if allow_future:
+        next_month = last_day + datetime.timedelta(days=1)
+    elif last_day < datetime.date.today():
+        next_month = last_day + datetime.timedelta(days=1)
+    else:
+        next_month = None
+
     if not template_name:
         template_name = "%s/%s_archive_month.html" % (model._meta.app_label, model._meta.object_name.lower())
     t = template_loader.get_template(template_name)
     c = RequestContext(request, {
         '%s_list' % template_object_name: object_list,
         'month': date,
-        'next_month': (last_day < datetime.date.today()) and (last_day + datetime.timedelta(days=1)) or None,
+        'next_month': next_month,
         'previous_month': first_day - datetime.timedelta(days=1),
     }, context_processors)
     for key, value in extra_context.items():
@@ -152,7 +162,7 @@ def archive_month(request, year, month, queryset, date_field,
 def archive_week(request, year, week, queryset, date_field,
         template_name=None, template_loader=loader,
         extra_context=None, allow_empty=True, context_processors=None,
-        template_object_name='object', mimetype=None):
+        template_object_name='object', mimetype=None, allow_future=False):
     """
     Generic weekly archive view.
 
@@ -177,8 +187,8 @@ def archive_week(request, year, week, queryset, date_field,
     last_day = date + datetime.timedelta(days=7)
     lookup_kwargs = {'%s__range' % date_field: (first_day, last_day)}
 
-    # Only bother to check current date if the week isn't in the past.
+    # Only bother to check current date if the week isn't in the past and future objects aren't requested.
-    if last_day >= now.date():
+    if last_day >= now.date() and not allow_future:
         lookup_kwargs['%s__lte' % date_field] = now
     object_list = queryset.filter(**lookup_kwargs)
     if not object_list and not allow_empty:
@@ -201,7 +211,7 @@ def archive_day(request, year, month, day, queryset, date_field,
         month_format='%b', day_format='%d', template_name=None,
         template_loader=loader, extra_context=None, allow_empty=False,
         context_processors=None, template_object_name='object',
-        mimetype=None):
+        mimetype=None, allow_future=False):
     """
     Generic daily archive view.
 
@@ -229,12 +239,21 @@ def archive_day(request, year, month, day, queryset, date_field,
         '%s__range' % date_field: (datetime.datetime.combine(date, datetime.time.min), datetime.datetime.combine(date, datetime.time.max)),
     }
 
-    # Only bother to check current date if the date isn't in the past.
+    # Only bother to check current date if the date isn't in the past and future objects aren't requested.
-    if date >= now.date():
+    if date >= now.date() and not allow_future:
         lookup_kwargs['%s__lte' % date_field] = now
     object_list = queryset.filter(**lookup_kwargs)
     if not allow_empty and not object_list:
         raise Http404
+
+    # Calculate the next day, if applicable.
+    if allow_future:
+        next_day = date + datetime.timedelta(days=1)
+    elif date < datetime.date.today():
+        next_day = date + datetime.timedelta(days=1)
+    else:
+        next_day = None
+
     if not template_name:
         template_name = "%s/%s_archive_day.html" % (model._meta.app_label, model._meta.object_name.lower())
     t = template_loader.get_template(template_name)
@@ -242,7 +261,7 @@ def archive_day(request, year, month, day, queryset, date_field,
         '%s_list' % template_object_name: object_list,
         'day': date,
         'previous_day': date - datetime.timedelta(days=1),
-        'next_day': (date < datetime.date.today()) and (date + datetime.timedelta(days=1)) or None,
+        'next_day': next_day,
     }, context_processors)
     for key, value in extra_context.items():
         if callable(value):
@@ -267,7 +286,7 @@ def object_detail(request, year, month, day, queryset, date_field,
         month_format='%b', day_format='%d', object_id=None, slug=None,
         slug_field=None, template_name=None, template_name_field=None,
         template_loader=loader, extra_context=None, context_processors=None,
-        template_object_name='object', mimetype=None):
+        template_object_name='object', mimetype=None, allow_future=False):
     """
     Generic detail view from year/month/day/slug or year/month/day/id structure.
 
@@ -289,8 +308,8 @@ def object_detail(request, year, month, day, queryset, date_field,
         '%s__range' % date_field: (datetime.datetime.combine(date, datetime.time.min), datetime.datetime.combine(date, datetime.time.max)),
     }
 
-    # Only bother to check current date if the date isn't in the past.
+    # Only bother to check current date if the date isn't in the past and future objects aren't requested.
-    if date >= now.date():
+    if date >= now.date() and not allow_future:
         lookup_kwargs['%s__lte' % date_field] = now
     if object_id:
         lookup_kwargs['%s__exact' % model._meta.pk.name] = object_id

django/views/static.py

@@ -1,5 +1,4 @@
 from django.template import loader
-from django.core.exceptions import ImproperlyConfigured
 from django.http import Http404, HttpResponse, HttpResponseRedirect, HttpResponseNotModified
 from django.template import Template, Context, TemplateDoesNotExist
 import mimetypes

docs/api_stability.txt

@@ -0,0 +1,117 @@
+=============
+API stability
+=============
+
+Although Django has not reached a 1.0 release, the bulk of Django's public APIs are
+stable as of the 0.95 release. This document explains which APIs will and will not
+change before the 1.0 release.
+
+In this context, stable means:
+
+   - All the public APIs -- everything documented in the linked documents, and
+     all methods that don't begin with an underscore -- will not be moved or
+     renamed without providing backwards-compatible aliases.
+     
+   - If new features are added to these APIs -- which is quite possible --
+     they will not break or change the meaning of existing methods. In other
+     words, "stable" does not (necessarily) mean "complete."
+     
+   - If, for some reason, an API declared stable must be removed or replaced, it
+     will be declared deprecated but will remain in the API until at least
+     version 1.1. Warnings will be issued when the deprecated method is
+     called.
+     
+   - We'll only break backwards compatibility of these APIs if a bug or
+     security hole makes it completely unavoidable.
+
+These APIs are stable:
+
+   - `Caching`_.
+   
+   - `Custom template tags and libraries`_ (with the possible exception for a
+     small change in the way templates are registered and loaded).
+     
+   - `Database lookup`_ (with the exception of validation; see below).
+   
+   - `django-admin utility`_.
+   
+   - `FastCGI integration`_.
+   
+   - `Flatpages`_.
+   
+   - `Generic views`_.
+   
+   - `Internationalization`_.
+   
+   - `Legacy database integration`_.
+   
+   - `Model definition`_ (with the exception of generic relations; see below).
+   
+   - `mod_python integration`_.
+   
+   - `Redirects`_.
+   
+   - `Request/response objects`_.
+   
+   - `Sending email`_.
+   
+   - `Sessions`_.
+   
+   - `Settings`_.
+   
+   - `Syndication`_.
+   
+   - `Template language`_ (with the exception of some possible disambiguation
+     of how tag arguments are passed to tags and filters).
+   
+   - `Transactions`_.
+   
+   - `URL dispatch`_.   
+   
+You'll notice that this list comprises the bulk of Django's APIs. That's right
+-- most of the changes planned between now and Django 1.0 are either under the
+hood, feature additions, or changes to a few select bits. A good estimate is
+that 90% of Django can be considered forwards-compatible at this point.
+
+That said, these APIs should *not* be considered stable, and are likely to
+change:
+
+   - `Forms and validation`_ will most likely be compeltely rewritten to
+     deemphasize Manipulators in favor of validation-aware models.
+
+   - `Serialization`_ is under heavy development; changes are likely.
+
+   - The `authentication`_ framework is changing to be far more flexible, and
+     API changes may be necessary.
+
+   - Generic relations will most likely be moved out of core and into the
+     content-types contrib package to avoid core dependacies on optional
+     components.
+
+   - The comments framework, which is yet undocumented, will likely get a complete
+     rewrite before Django 1.0. Even if the change isn't quite that drastic,
+     there will at least be moderate changes.
+     
+.. _caching: http://www.djangoproject.com/documentation/cache/
+.. _custom template tags and libraries: http://www.djangoproject.com/documentation/templates_python/
+.. _database lookup: http://www.djangoproject.com/documentation/db_api/
+.. _django-admin utility: http://www.djangoproject.com/documentation/django_admin/
+.. _fastcgi integration: http://www.djangoproject.com/documentation/fastcgi/
+.. _flatpages: http://www.djangoproject.com/documentation/flatpages/
+.. _generic views: http://www.djangoproject.com/documentation/generic_views/
+.. _internationalization: http://www.djangoproject.com/documentation/i18n/
+.. _legacy database integration: http://www.djangoproject.com/documentation/legacy_databases/
+.. _model definition: http://www.djangoproject.com/documentation/model_api/
+.. _mod_python integration: http://www.djangoproject.com/documentation/modpython/
+.. _redirects: http://www.djangoproject.com/documentation/redirects/
+.. _request/response objects: http://www.djangoproject.com/documentation/request_response/
+.. _sending email: http://www.djangoproject.com/documentation/email/
+.. _sessions: http://www.djangoproject.com/documentation/sessions/
+.. _settings: http://www.djangoproject.com/documentation/settings/
+.. _syndication: http://www.djangoproject.com/documentation/syndication/
+.. _template language: http://www.djangoproject.com/documentation/templates/
+.. _transactions: http://www.djangoproject.com/documentation/transactions/
+.. _url dispatch: http://www.djangoproject.com/documentation/url_dispatch/
+.. _forms and validation: http://www.djangoproject.com/documentation/forms/
+.. _serialization: http://www.djangoproject.com/documentation/serialization/
+.. _authentication: http://www.djangoproject.com/documentation/authentication/

docs/authentication.txt

@@ -95,7 +95,11 @@ In addition to those automatic API methods, ``User`` objects have the following
 custom methods:
 
     * ``is_anonymous()`` -- Always returns ``False``. This is a way of
-      comparing ``User`` objects to anonymous users.
+      differentiating ``User`` and ``AnonymousUser`` objects. Generally, you
+      should prefer using ``is_authenticated()`` to this method.
+
+    * ``is_authenticated()`` -- Always returns ``True``. This is a way to
+      tell if the user has been authenticated.
 
     * ``get_full_name()`` -- Returns the ``first_name`` plus the ``last_name``,
       with a space in between.
@@ -219,6 +223,7 @@ the ``django.contrib.auth.models.User`` interface, with these differences:
 
     * ``id`` is always ``None``.
     * ``is_anonymous()`` returns ``True`` instead of ``False``.
+    * ``is_authenticated()`` returns ``False`` instead of ``True``.
     * ``has_perm()`` always returns ``False``.
     * ``set_password()``, ``check_password()``, ``save()``, ``delete()``,
       ``set_groups()`` and ``set_permissions()`` raise ``NotImplementedError``.
@@ -254,12 +259,12 @@ Once you have those middlewares installed, you'll be able to access
 ``request.user`` in views. ``request.user`` will give you a ``User`` object
 representing the currently logged-in user. If a user isn't currently logged in,
 ``request.user`` will be set to an instance of ``AnonymousUser`` (see the
-previous section). You can tell them apart with ``is_anonymous()``, like so::
+previous section). You can tell them apart with ``is_authenticated()``, like so::
 
-    if request.user.is_anonymous():
+    if request.user.is_authenticated():
-        # Do something for anonymous users.
+        # Do something for authenticated users.
     else:
-        # Do something for logged-in users.
+        # Do something for anonymous users.
 
 .. _request objects: http://www.djangoproject.com/documentation/request_response/#httprequest-objects
 .. _session documentation: http://www.djangoproject.com/documentation/sessions/
@@ -323,19 +328,19 @@ The raw way
 ~~~~~~~~~~~
 
 The simple, raw way to limit access to pages is to check
-``request.user.is_anonymous()`` and either redirect to a login page::
+``request.user.is_authenticated()`` and either redirect to a login page::
 
     from django.http import HttpResponseRedirect
 
     def my_view(request):
-        if request.user.is_anonymous():
+        if not request.user.is_authenticated():
             return HttpResponseRedirect('/login/?next=%s' % request.path)
         # ...
 
 ...or display an error message::
 
     def my_view(request):
-        if request.user.is_anonymous():
+        if not request.user.is_authenticated():
             return render_to_response('myapp/login_error.html')
         # ...
 
@@ -439,7 +444,7 @@ For example, this view checks to make sure the user is logged in and has the
 permission ``polls.can_vote``::
 
     def my_view(request):
-        if request.user.is_anonymous() or not request.user.has_perm('polls.can_vote'):
+        if not (request.user.is_authenticated() and request.user.has_perm('polls.can_vote')):
             return HttpResponse("You can't vote in this poll.")
         # ...
 
@@ -605,10 +610,10 @@ Users
 The currently logged-in user, either a ``User`` instance or an``AnonymousUser``
 instance, is stored in the template variable ``{{ user }}``::
 
-    {% if user.is_anonymous %}
+    {% if user.is_authenticated %}
-        <p>Welcome, new user. Please log in.</p>
-    {% else %}
         <p>Welcome, {{ user.username }}. Thanks for logging in.</p>    
+    {% else %}
+        <p>Welcome, new user. Please log in.</p>
     {% endif %}
 
 Permissions

docs/cache.txt

@@ -230,8 +230,13 @@ Then, add the following required settings to your Django settings file:
   collisions. Use an empty string if you don't care.
 
 The cache middleware caches every page that doesn't have GET or POST
-parameters. Additionally, ``CacheMiddleware`` automatically sets a few headers
+parameters. Optionally, if the ``CACHE_MIDDLEWARE_ANONYMOUS_ONLY`` setting is
-in each ``HttpResponse``:
+``True``, only anonymous requests (i.e., not those made by a logged-in user)
+will be cached. This is a simple and effective way of disabling caching for any
+user-specific pages (include Django's admin interface).
+
+Additionally, ``CacheMiddleware`` automatically sets a few headers in each
+``HttpResponse``:
 
 * Sets the ``Last-Modified`` header to the current date/time when a fresh
   (uncached) version of the page is requested.

docs/contributing.txt

@@ -168,6 +168,10 @@ Please follow these coding standards when writing code for inclusion in Django:
 
           {{foo}}
 
+    * Please don't put your name in the code. While we appreciate all
+      contributions to Django, our policy is not to publish individual
+      developer names in code -- for instance, at the top of Python modules.
+
 Committing code
 ===============
 
@@ -212,6 +216,10 @@ repository:
       first, then the "Fixed #abc." For example:
       "magic-removal: Fixed #123 -- Added whizbang feature."
 
+      For the curious: We're using a `Trac post-commit hook`_ for this.
+
+      .. _Trac post-commit hook: http://trac.edgewall.org/browser/trunk/contrib/trac-post-commit-hook
+
     * If your commit references a ticket in the Django `ticket tracker`_ but
       does *not* close the ticket, include the phrase "Refs #abc", where "abc"
       is the number of the ticket your commit references. We've rigged

docs/design_philosophies.txt

@@ -274,8 +274,8 @@ Loose coupling
 A view shouldn't care about which template system the developer uses -- or even
 whether a template system is used at all.
 
-Designate between GET and POST
+Differentiate between GET and POST
-------------------------------
+----------------------------------
 
 GET and POST are distinct; developers should explicitly use one or the other.
 The framework should make it easy to distinguish between GET and POST data.

docs/django-admin.txt

@@ -192,6 +192,14 @@ documentation.
 
 .. _serving static files: http://www.djangoproject.com/documentation/static_files/
 
+Turning off auto-reload
+~~~~~~~~~~~~~~~~~~~~~~~
+
+To disable auto-reloading of code while the development server is running, use the
+``--noreload`` option, like so::
+
+    django-admin.py runserver --noreload
+
 shell
 -----
 

docs/faq.txt

@@ -156,7 +156,7 @@ logical to us.
 -----------------------------------------------------
 
 We're well aware that there are other awesome Web frameworks out there, and
-we're not adverse to borrowing ideas where appropriate. However, Django was
+we're not averse to borrowing ideas where appropriate. However, Django was
 developed precisely because we were unhappy with the status quo, so please be
 aware that "because <Framework X>" does it is not going to be sufficient reason
 to add a given feature to Django.
@@ -535,13 +535,26 @@ If you're sure your username and password are correct, make sure your user
 account has ``is_active`` and ``is_staff`` set to True. The admin site only
 allows access to users with those two fields both set to True.
 
+How can I prevent the cache middleware from caching the admin site?
+-------------------------------------------------------------------
+
+Set the ``CACHE_MIDDLEWARE_ANONYMOUS_ONLY`` setting to ``True``. See the
+`cache documentation`_ for more information.
+
+.. _cache documentation: ../cache/#the-per-site-cache
+
 How do I automatically set a field's value to the user who last edited the object in the admin?
 -----------------------------------------------------------------------------------------------
 
-At this point, you can't do this. But it's an oft-requested feature, so we're
+At this point, Django doesn't have an official way to do this. But it's an oft-requested
-discussing how it can be implemented. The problem is we don't want to couple
+feature, so we're discussing how it can be implemented. The problem is we don't want to couple
-the model layer with the admin layer with the request layer (to get the current
+the model layer with the admin layer with the request layer (to get the current user). It's a
-user). It's a tricky problem.
+tricky problem.
+
+One person hacked up a `solution that doesn't require patching Django`_, but note that it's an
+unofficial solution, and there's no guarantee it won't break at some point.
+
+.. _solution that doesn't require patching Django: http://lukeplant.me.uk/blog.php?id=1107301634
 
 How do I limit admin access so that objects can only be edited by the users who created them?
 ---------------------------------------------------------------------------------------------
@@ -606,3 +619,21 @@ To create a user, you'll have to use the Python API. See `creating users`_ for
 full info.
 
 .. _creating users: http://www.djangoproject.com/documentation/authentication/#creating-users
+
+Contributing code
+=================
+
+I submitted a bug fix in the ticket system several weeks ago. Why are you ignoring my patch?
+--------------------------------------------------------------------------------------------
+
+Don't worry: We're not ignoring you!
+
+It's important to understand there is a difference between "a ticket is being
+ignored" and "a ticket has not been attended to yet." Django's ticket system
+contains hundreds of open tickets, of various degrees of impact on end-user
+functionality, and Django's developers have to review and prioritize.
+
+Besides, if your feature request stands no chance of inclusion in Django, we
+won't ignore it -- we'll just close the ticket. So if your ticket is still
+open, it doesn't mean we're ignoring you; it just means we haven't had time to
+look at it yet.

docs/generic_views.txt

@@ -148,7 +148,8 @@ are views for displaying drilldown pages for date-based data.
 **Description:**
 
 A top-level index page showing the "latest" objects, by date. Objects with
-a date in the *future* are not included.
+a date in the *future* are not included unless you set ``allow_future`` to
+``True``.
 
 **Required arguments:**
 
@@ -185,6 +186,11 @@ a date in the *future* are not included.
     * ``mimetype``: The MIME type to use for the resulting document. Defaults
       to the value of the ``DEFAULT_MIME_TYPE`` setting.
 
+    * ``allow_future``: A boolean specifying whether to include "future"
+      objects on this page, where "future" means objects in which the field
+      specified in ``date_field`` is greater than the current date/time. By
+      default, this is ``False``.
+
 **Template name:**
 
 If ``template_name`` isn't specified, this view will use the template
@@ -217,7 +223,8 @@ In addition to ``extra_context``, the template's context will be:
 **Description:**
 
 A yearly archive page showing all available months in a given year. Objects
-with a date in the *future* are not displayed.
+with a date in the *future* are not displayed unless you set ``allow_future``
+to ``True``.
 
 **Required arguments:**
 
@@ -265,6 +272,11 @@ with a date in the *future* are not displayed.
     * ``mimetype``: The MIME type to use for the resulting document. Defaults
       to the value of the ``DEFAULT_MIME_TYPE`` setting.
 
+    * ``allow_future``: A boolean specifying whether to include "future"
+      objects on this page, where "future" means objects in which the field
+      specified in ``date_field`` is greater than the current date/time. By
+      default, this is ``False``.
+
 **Template name:**
 
 If ``template_name`` isn't specified, this view will use the template
@@ -296,7 +308,8 @@ In addition to ``extra_context``, the template's context will be:
 **Description:**
 
 A monthly archive page showing all objects in a given month. Objects with a
-date in the *future* are not displayed.
+date in the *future* are not displayed unless you set ``allow_future`` to
+``True``.
 
 **Required arguments:**
 
@@ -346,6 +359,11 @@ date in the *future* are not displayed.
     * ``mimetype``: The MIME type to use for the resulting document. Defaults
       to the value of the ``DEFAULT_MIME_TYPE`` setting.
 
+    * ``allow_future``: A boolean specifying whether to include "future"
+      objects on this page, where "future" means objects in which the field
+      specified in ``date_field`` is greater than the current date/time. By
+      default, this is ``False``.
+
 **Template name:**
 
 If ``template_name`` isn't specified, this view will use the template
@@ -378,7 +396,7 @@ In addition to ``extra_context``, the template's context will be:
 **Description:**
 
 A weekly archive page showing all objects in a given week. Objects with a date
-in the *future* are not displayed.
+in the *future* are not displayed unless you set ``allow_future`` to ``True``.
 
 **Required arguments:**
 
@@ -422,6 +440,11 @@ in the *future* are not displayed.
     * ``mimetype``: The MIME type to use for the resulting document. Defaults
       to the value of the ``DEFAULT_MIME_TYPE`` setting.
 
+    * ``allow_future``: A boolean specifying whether to include "future"
+      objects on this page, where "future" means objects in which the field
+      specified in ``date_field`` is greater than the current date/time. By
+      default, this is ``False``.
+
 **Template name:**
 
 If ``template_name`` isn't specified, this view will use the template
@@ -445,7 +468,8 @@ In addition to ``extra_context``, the template's context will be:
 **Description:**
 
 A day archive page showing all objects in a given day. Days in the future throw
-a 404 error, regardless of whether any objects exist for future days.
+a 404 error, regardless of whether any objects exist for future days, unless
+you set ``allow_future`` to ``True``.
 
 **Required arguments:**
 
@@ -501,6 +525,11 @@ a 404 error, regardless of whether any objects exist for future days.
     * ``mimetype``: The MIME type to use for the resulting document. Defaults
       to the value of the ``DEFAULT_MIME_TYPE`` setting.
 
+    * ``allow_future``: A boolean specifying whether to include "future"
+      objects on this page, where "future" means objects in which the field
+      specified in ``date_field`` is greater than the current date/time. By
+      default, this is ``False``.
+
 **Template name:**
 
 If ``template_name`` isn't specified, this view will use the template
@@ -537,7 +566,9 @@ and today's date is used instead.
 
 **Description:**
 
-A page representing an individual object.
+A page representing an individual object. If the object has a date value in the
+future, the view will throw a 404 error by default, unless you set
+``allow_future`` to ``True``.
 
 **Required arguments:**
 
@@ -604,6 +635,11 @@ A page representing an individual object.
     * ``mimetype``: The MIME type to use for the resulting document. Defaults
       to the value of the ``DEFAULT_MIME_TYPE`` setting.
 
+    * ``allow_future``: A boolean specifying whether to include "future"
+      objects on this page, where "future" means objects in which the field
+      specified in ``date_field`` is greater than the current date/time. By
+      default, this is ``False``.
+
 **Template name:**
 
 If ``template_name`` isn't specified, this view will use the template

docs/i18n.txt

@@ -224,11 +224,18 @@ block::
     This will have {{ myvar }} inside.
     {% endblocktrans %}
 
+If you need to bind more than one expression inside a ``blocktrans`` tag,
+separate the pieces with ``and``::
+
+    {% blocktrans with book|title as book_t and author|title as author_t %}
+    This is {{ book_t }} by {{ author_t }}
+    {% endblocktrans %}
+
 To pluralize, specify both the singular and plural forms with the
 ``{% plural %}`` tag, which appears within ``{% blocktrans %}`` and
 ``{% endblocktrans %}``. Example::
 
-    {% blocktrans count list|counted as counter %}
+    {% blocktrans count list|count as counter %}
     There is only one {{ name }} object.
     {% plural %}
     There are {{ counter }} {{ name }} objects.
@@ -306,7 +313,7 @@ marked for translation. It creates (or updates) a message file in the directory
 ``conf/locale``. In the ``de`` example, the file will be
 ``conf/locale/de/LC_MESSAGES/django.po``.
 
-If run over your project source tree or your appliation source tree, it will
+If run over your project source tree or your application source tree, it will
 do the same, but the location of the locale directory is ``locale/LANG/LC_MESSAGES``
 (note the missing ``conf`` prefix).
 
@@ -349,7 +356,7 @@ A quick explanation:
 Long messages are a special case. There, the first string directly after the
 ``msgstr`` (or ``msgid``) is an empty string. Then the content itself will be
 written over the next few lines as one string per line. Those strings are
-directlyconcatenated. Don't forget trailing spaces within the strings;
+directly concatenated. Don't forget trailing spaces within the strings;
 otherwise, they'll be tacked together without whitespace!
 
 .. admonition:: Mind your charset
@@ -647,7 +654,7 @@ The ``javascript_catalog`` view
 -------------------------------
 
 The main solution to these problems is the ``javascript_catalog`` view, which
-sends out a JavaScript code library with functions that mimick the ``gettext``
+sends out a JavaScript code library with functions that mimic the ``gettext``
 interface, plus an array of translation strings. Those translation strings are
 taken from the application, project or Django core, according to what you
 specify in either the {{{info_dict}}} or the URL.
@@ -665,7 +672,7 @@ You hook it up like this::
 Each string in ``packages`` should be in Python dotted-package syntax (the
 same format as the strings in ``INSTALLED_APPS``) and should refer to a package
 that contains a ``locale`` directory. If you specify multiple packages, all
-those catalogs aremerged into one catalog. This is useful if you have
+those catalogs are merged into one catalog. This is useful if you have
 JavaScript that uses strings from different applications.
 
 You can make the view dynamic by putting the packages into the URL pattern::

docs/model-api.txt

@@ -1225,6 +1225,24 @@ A few special cases to note about ``list_display``:
                   return self.birthday.strftime('%Y')[:3] + "0's"
               decade_born_in.short_description = 'Birth decade'
 
+    * If the string given is a method of the model, Django will HTML-escape the
+      output by default. If you'd rather not escape the output of the method,
+      give the method an ``allow_tags`` attribute whose value is ``True``.
+
+      Here's a full example model::
+
+          class Person(models.Model):
+              first_name = models.CharField(maxlength=50)
+              last_name = models.CharField(maxlength=50)
+              color_code = models.CharField(maxlength=6)
+
+              class Admin:
+                  list_display = ('first_name', 'last_name', 'colored_name')
+
+              def colored_name(self):
+                  return '<span style="color: #%s;">%s %s</span>' % (self.color_code, self.first_name, self.last_name)
+              colored_name.allow_tags = True
+
 ``list_display_links``
 ----------------------
 

docs/request_response.txt

@@ -106,12 +106,12 @@ All attributes except ``session`` should be considered read-only.
     A ``django.contrib.auth.models.User`` object representing the currently
     logged-in user. If the user isn't currently logged in, ``user`` will be set
     to an instance of ``django.contrib.auth.models.AnonymousUser``. You
-    can tell them apart with ``is_anonymous()``, like so::
+    can tell them apart with ``is_authenticated()``, like so::
 
-        if request.user.is_anonymous():
+        if request.user.is_authenticated():
-            # Do something for anonymous users.
-        else:
             # Do something for logged-in users.
+        else:
+            # Do something for anonymous users.
 
     ``user`` is only available if your Django installation has the
     ``AuthenticationMiddleware`` activated. For more, see
@@ -150,6 +150,10 @@ Methods
 
    Example: ``"/music/bands/the_beatles/?print=true"``
     
+``is_secure()``
+   Returns ``True`` if the request is secure; that is, if it was made with
+   HTTPS.
+
 QueryDict objects
 -----------------
 

docs/settings.txt

@@ -760,6 +760,13 @@ Note that this is the time zone to which Django will convert all dates/times --
 not necessarily the timezone of the server. For example, one server may serve
 multiple Django-powered sites, each with a separate time-zone setting.
 
+Normally, Django sets the ``os.environ['TZ']`` variable to the time zone you
+specify in the  ``TIME_ZONE`` setting. Thus, all your views and models will
+automatically operate in the correct time zone. However, if you're using the
+manual configuration option (see below), Django will *not* touch the ``TZ``
+environment variable, and it'll be up to you to ensure your processes are
+running in the correct environment.
+
 USE_ETAGS
 ---------
 
@@ -837,6 +844,15 @@ uppercase, with the same name as the settings described above. If a particular
 setting is not passed to ``configure()`` and is needed at some later point,
 Django will use the default setting value.
 
+Configuring Django in this fashion is mostly necessary -- and, indeed,
+recommended -- when you're using a piece of the framework inside a larger
+application.
+
+Consequently, when configured via ``settings.configure()``, Django will not
+make any modifications to the process environment variables. (See the
+explanation of ``TIME_ZONE``, above, for why this would normally occur.) It's
+assumed that you're already in full control of your environment in these cases.
+
 Custom default settings
 -----------------------
 

docs/syndication_feeds.txt

@@ -427,7 +427,7 @@ This example illustrates all possible attributes and methods for a ``Feed`` clas
             author's e-mail as a normal Python string.
             """
 
-        def author_name(self):
+        def author_email(self):
             """
             Returns the feed's author's e-mail as a normal Python string.
             """