mirror of
https://github.com/django/django.git
synced 2024-12-25 10:35:48 +00:00
Fixed #12871 - Documented creation of a comment form for authenticated users; thanks shacker for patch.
This commit is contained in:
parent
6c2faaceb0
commit
fea0ca4334
@ -254,6 +254,56 @@ you can include a hidden form input called ``next`` in your comment form. For ex
|
|||||||
|
|
||||||
<input type="hidden" name="next" value="{% url 'my_comment_was_posted' %}" />
|
<input type="hidden" name="next" value="{% url 'my_comment_was_posted' %}" />
|
||||||
|
|
||||||
|
Providing a comment form for authenticated users
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
If a user is already authenticated, it makes little sense to display the name,
|
||||||
|
email, and URL fields, since these can already be retrieved from their login
|
||||||
|
data and profile. In addition, some sites will only accept comments from
|
||||||
|
authenticated users.
|
||||||
|
|
||||||
|
To provide a comment form for authenticated users, you can manually provide the
|
||||||
|
additional fields expected by the Django comments framework. For example,
|
||||||
|
assuming comments are attached to the model "object"::
|
||||||
|
|
||||||
|
{% if user.is_authenticated %}
|
||||||
|
{% get_comment_form for object as form %}
|
||||||
|
<form action="{% comment_form_target %}" method="POST">
|
||||||
|
{% csrf_token %}
|
||||||
|
{{ form.comment }}
|
||||||
|
{{ form.honeypot }}
|
||||||
|
{{ form.content_type }}
|
||||||
|
{{ form.object_pk }}
|
||||||
|
{{ form.timestamp }}
|
||||||
|
{{ form.security_hash }}
|
||||||
|
<input type="hidden" name="next" value="{% url 'object_detail_view' object.id %}" />
|
||||||
|
<input type="submit" value="Add comment" id="id_submit" />
|
||||||
|
</form>
|
||||||
|
{% else %}
|
||||||
|
<p>Please <a href="{% url 'auth_login' %}">log in</a> to leave a comment.</p>
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
The honeypot, content_type, object_pk, timestamp, and security_hash fields are
|
||||||
|
fields that would have been created automatically if you had simply used
|
||||||
|
``{{ form }}`` in your template, and are referred to in `Notes on the comment
|
||||||
|
form`_ below.
|
||||||
|
|
||||||
|
Note that we do not need to specify the user to be associated with comments
|
||||||
|
submitted by authenticated users. This is possible because the :doc:`Built-in
|
||||||
|
Comment Models</ref/contrib/comments/models>` that come with Django associate
|
||||||
|
comments with authenticated users by default.
|
||||||
|
|
||||||
|
In this example, the honeypot field will still be visible to the user; you'll
|
||||||
|
need to hide that field in your CSS::
|
||||||
|
|
||||||
|
#id_honeypot {
|
||||||
|
display: none;
|
||||||
|
}
|
||||||
|
|
||||||
|
If you want to accept either anonymous or authenticated comments, replace the
|
||||||
|
contents of the "else" clause above with a standard comment form and the right
|
||||||
|
thing will happen whether a user is logged in or not.
|
||||||
|
|
||||||
.. _notes-on-the-comment-form:
|
.. _notes-on-the-comment-form:
|
||||||
|
|
||||||
Notes on the comment form
|
Notes on the comment form
|
||||||
|
Loading…
Reference in New Issue
Block a user