Spamfreeform

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
forms.py:
from django import newforms as forms
from django.newforms.util import ValidationError
from django.utils.translation import ugettext as _
from time import time, strptime
from django.conf import settings
from Crypto.Cipher import Blowfish
from base64 import b64encode, b64decode
from notice.models import Notice


def get_key():
    cobj = Blowfish.new(settings.SECRET_KEY)
    text = unicode(time())
    text += "".join(["_" for i in xrange(8-len(text)%8)])
    return b64encode(cobj.encrypt(text))

NoticeForm = forms.form_for_model(Notice)

class NoticeFormWithKey(NoticeForm):
    NoticeForm.base_fields['key'] = forms.CharField(max_length=100, widget=forms.widgets.HiddenInput())

    def clean_key(self):
        def validation_error():
            self.data['key'] = get_key()
            raise ValidationError(_('Incorrect key.'))

        cobj = Blowfish.new(settings.SECRET_KEY)
        text = cobj.decrypt(b64decode(self.cleaned_data['key'])).rstrip('_')
        try:
            key = float(text)
        except:
            validation_error()
        now = time()
        if now - key < 10 or now - key > 60*60*24:
            validation_error()
        return


views.py:
from notice.models import *
from django.template import RequestContext, loader, Context
from django.shortcuts import render_to_response, get_object_or_404
from django.http import Http404, HttpResponse, HttpResponseRedirect, HttpResponseServerError
from django import newforms as forms
from django.newforms import widgets
from django.views.generic.list_detail import object_list
from django.utils import simplejson
from django.core.serializers.json import DateTimeAwareJSONEncoder
from django.conf import settings
from notice.forms import NoticeFormWithKey, get_key


def notice(request):
    
    if request.method == 'POST':
        f = NoticeFormWithKey(request.POST)
        if f.is_valid():
            f.save()
            f = NoticeFormWithKey()
    else:
        f = NoticeFormWithKey()

    f.fields['key'].initial = get_key()

    return object_list(request,
        queryset=Notice.objects.all(),
        template_name='notice/notice.html',
        paginate_by=16,
        page=request.GET.get('sida', 1),
        extra_context={ 'form': f }
    )


def get_notice(request, id):
    o = get_object_or_404(Notice, id=id)
    return HttpResponse(simplejson.dumps(o.__dict__, cls=DateTimeAwareJSONEncoder), mimetype='text/javascript')

Comments

mikko (on September 17, 2007):

Have look at my more generic try, nospamform on this site.

#

(Forgotten your password?)

You may use Markdown syntax here, but raw HTML will be removed.