On Sat, Dec 6, 2008 at 3:15 PM, David Cramer <[EMAIL PROTECTED]> wrote:
>
> Would have to look at how FormPreview's work, but I agree.
>
> So far what I've done with the wizard is remove all of the data from
> the session as much as possible. It calculates cleaned_data at the
> very end and only stores the POST values (still need to solve a
> potential exploit).
If you look at my patch, you'll see this line:
page_data = self._get_cleaned_data(request, page_key)
....
if issubclass(form_class, forms.ModelForm):
form = form_class(instance=form_class.Meta.model(**page_data))
I tried using the POST data with initial, but it failed for ModelForm
.. the foreign key fields weren't handled properly. Maybe you've
solved that in a different way.
-Dave
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To post to this group, send email to django-developers@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-developers?hl=en
-~----------~----~----~----~------~----~------~--~---
