ó Š*Pc@sddlZddlmZddlmZddlmZddlmZddl m Z ddl m Z m Z ddlmZdd lmZdd lmZdd lmZmZmZeed d ƒZdejfd„ƒYZdefd„ƒYZdefd„ƒYZdS(iÿÿÿÿN(tforms(t ErrorDict(tsettings(t ContentType(tComment(t salted_hmactconstant_time_compare(t force_text(t get_text_list(ttimezone(t ungettexttugettextt ugettext_lazytCOMMENT_MAX_LENGTHi¸ tCommentSecurityFormcBs³eZdZejdejƒZejdejƒZejdejƒZ ejdddddejƒZ d d d„Z d„Z d„Zd„Zd „Zd „Zd „ZRS( sI Handles the security aspects (anti-spoofing) for comment forms. twidgett min_lengthi(t max_lengthcCsT||_|dkri}n|j|jƒƒtt|ƒjd|d|ƒdS(Ntdatatinitial(t target_objecttNonetupdatetgenerate_security_datatsuperRt__init__(tselfRRR((s6../Django//lib/python/django/contrib/comments/forms.pyRs    cCsJtƒ}x:dddgD])}||jkr|j|||Make sure the timestamp isn't too far (> 2 hours) in the past.Rii<sTimestamp check failedixi (R&ttimeRR'(Rtts((s6../Django//lib/python/django/contrib/comments/forms.pytclean_timestamp4s cCsbttjƒƒ}it|jjƒd6t|jjƒƒd6t|ƒd6|j|ƒd6}|S(s4Generate a dict of security data for "initial" data.R!R#RR(tintR,tstrRt_metat _get_pk_valtinitial_security_hash(RRt security_dict((s6../Django//lib/python/django/contrib/comments/forms.pyR;s cCsIit|jjƒd6t|jjƒƒd6t|ƒd6}|j|S(sm Generate the initial security hash from self.content_object and a (unix) timestamp. R!R#R(R0RR1R2R%(RRtinitial_security_dict((s6../Django//lib/python/django/contrib/comments/forms.pyR3Fs cCs7|||f}d}dj|ƒ}t||ƒjƒS(sG Generate a HMAC security hash from the provided info. s(django.contrib.forms.CommentSecurityFormt-(tjoinRt hexdigest(RR!R#Rtinfotkey_salttvalue((s6../Django//lib/python/django/contrib/comments/forms.pyR%SsN(t__name__t __module__t__doc__Rt CharFieldt HiddenInputR!R#t IntegerFieldRRRRR R+R.RR3R%(((s6../Django//lib/python/django/contrib/comments/forms.pyRs!   tCommentDetailsFormcBs¶eZdZejdedƒddƒZejdedƒƒZej dedƒde ƒZ ejdedƒd ej de ƒZd „Zd „Zd „Zd „Zd„ZRS(sL Handles the specific details of the comment (name, comment, etc.). tlabeltNameRi2s Email addresstURLtrequiredRRcCsL|jƒstdƒ‚n|jƒ}||jƒ}|j|ƒ}|S(s6 Return a new (unsaved) comment object based on the information in this form. Assumes that the form is already validated and will throw a ValueError if not. Does not set any of the fields that would come from a Request object (i.e. ``user`` or ``ip_address``). s4get_comment_object may only be called on valid forms(tis_validt ValueErrortget_comment_modeltget_comment_create_datatcheck_for_duplicate_comment(Rt CommentModeltnew((s6../Django//lib/python/django/contrib/comments/forms.pytget_comment_objectfs  cCstS(sì Get the comment model to create with this form. Subclasses in custom comment apps should override this, get_comment_create_data, and perhaps check_for_duplicate_comment to provide custom comment models. (R(R((s6../Django//lib/python/django/contrib/comments/forms.pyRIxscCs†tdtjj|jƒdt|jjƒƒd|jdd|jdd|jdd |jd d tj ƒd t j d t d t ƒ S(sæ Returns the dict of data to be used to create a comment. Subclasses in custom comment apps that override get_comment_model can override this method to add extra fields onto a custom comment model. R!R#t user_nametnamet user_emailtemailtuser_urlturltcommentt submit_datetsite_idt is_publict is_removed(tdictRtobjectst get_for_modelRRR2R&R tnowRtSITE_IDtTruetFalse(R((s6../Django//lib/python/django/contrib/comments/forms.pyRJ€s      c Cs|jƒjj|jjjƒjd|jd|jd|j d|j d|j ƒ}xB|D]:}|j j ƒ|j j ƒkr[|j|jkr[|Sq[W|S(s¼ Check that a submitted comment isn't a duplicate. This might be caused by someone posting a comment twice. If it is a dup, silently return the *previous* comment. R!R#RORQRS(RIt_default_managertusingRt_statetdbtfilterR!R#RORQRSRVtdateRU(RRMtpossible_duplicatestold((s6../Django//lib/python/django/contrib/comments/forms.pyRK“s      0c CsÄ|jd}tjtkrÀgtjD]}||jƒkr&|^q&}|rÀtjtddt |ƒƒt g|D]/}d|ddt |ƒd|df^qut d ƒƒƒ‚qÀn|S( s† If COMMENTS_ALLOW_PROFANITIES is False, check that the comment doesn't contain anything in PROFANITIES_LIST. RUs2Watch your mouth! The word %s is not allowed here.s4Watch your mouth! The words %s are not allowed here.s"%s%s%s"iR6iiÿÿÿÿtand( R&RtCOMMENTS_ALLOW_PROFANITIESR`tPROFANITIES_LISTtlowerRR'R tlenRR (RRUtwt bad_wordsti((s6../Django//lib/python/django/contrib/comments/forms.pyt clean_comment§s . O(R<R=R>RR?t_RPt EmailFieldRRtURLFieldR`RTtTextareaR RURNRIRJRKRq(((s6../Django//lib/python/django/contrib/comments/forms.pyRB\s     t CommentFormcBs/eZejdededƒƒZd„ZRS(RFRCsHIf you enter anything in this field your comment will be treated as spamcCs3|jd}|r/tj|jdjƒ‚n|S(s4Check that nothing's been entered into the honeypot.R(R&RR'tfieldsRC(RR;((s6../Django//lib/python/django/contrib/comments/forms.pytclean_honeypot½s (R<R=RR?R`RrRRx(((s6../Django//lib/python/django/contrib/comments/forms.pyRv¸s(R,tdjangoRtdjango.forms.utilRt django.confRt"django.contrib.contenttypes.modelsRtdjango.contrib.comments.modelsRtdjango.utils.cryptoRRtdjango.utils.encodingRtdjango.utils.textRt django.utilsR tdjango.utils.translationR R R RrtgetattrR tFormRRBRv(((s6../Django//lib/python/django/contrib/comments/forms.pyts M\