diff options
Diffstat (limited to 'askbot/skins')
20 files changed, 27 insertions, 27 deletions
diff --git a/askbot/skins/default/templates/answer_edit.html b/askbot/skins/default/templates/answer_edit.html index 0dc137ae..0d8b40da 100644 --- a/askbot/skins/default/templates/answer_edit.html +++ b/askbot/skins/default/templates/answer_edit.html @@ -11,7 +11,7 @@ </h1> <div id="main-body" class="ask-body"> <div id="askform"> - <form id="fmedit" action="{% url edit_answer answer.id %}" method="post" > + <form id="fmedit" action="{% url edit_answer answer.id %}" method="post" >{% csrf_token %} <label for="id_revision" ><strong>{% trans %}revision{% endtrans %}:</strong></label> <br/> {% if revision_form.revision.errors %}{{ revision_form.revision.errors.as_ul() }}{% endif %} <div style="vertical-align:middle"> diff --git a/askbot/skins/default/templates/authopenid/changeemail.html b/askbot/skins/default/templates/authopenid/changeemail.html index 52dc6a0c..1316a048 100644 --- a/askbot/skins/default/templates/authopenid/changeemail.html +++ b/askbot/skins/default/templates/authopenid/changeemail.html @@ -21,7 +21,7 @@ <p class="error">{{ msg }}</p> {% endif %} <div class="aligned"> - <form action="." method="post" accept-charset="utf-8"> + <form action="." method="post" accept-charset="utf-8">{% csrf_token %} {% if next %} <input type="hidden" name="next" value="{{next}}"/> {% endif %} diff --git a/askbot/skins/default/templates/authopenid/complete.html b/askbot/skins/default/templates/authopenid/complete.html index ccaf753a..40ec4ccc 100644 --- a/askbot/skins/default/templates/authopenid/complete.html +++ b/askbot/skins/default/templates/authopenid/complete.html @@ -48,11 +48,11 @@ parameters: {% endif %} <div class="login"> {% if login_type=='openid' %} - <form name="fregister" action="{% url user_register %}" method="POST"> + <form name="fregister" action="{% url user_register %}" method="POST">{% csrf_token %} {% elif login_type=='facebook' %} - <form name="fregister" action="" method="POST"> + <form name="fregister" action="" method="POST">{% csrf_token %} {% else %} - <form name="fregister" action="{% url user_signin %}" method="POST"> + <form name="fregister" action="{% url user_signin %}" method="POST">{% csrf_token %} {% endif %} {{ openid_register_form.next }} <div class="form-row-vertical"> diff --git a/askbot/skins/default/templates/authopenid/signin.html b/askbot/skins/default/templates/authopenid/signin.html index aa67c95f..9316255a 100644 --- a/askbot/skins/default/templates/authopenid/signin.html +++ b/askbot/skins/default/templates/authopenid/signin.html @@ -44,7 +44,7 @@ <p class="warning">{{ openid_error_message }}</p>
{% endif %}
{% if view_subtype != 'email_sent' and view_subtype != 'bad_key' %}
- <form id="signin-form" method="post" action="{% url user_signin %}">
+ <form id="signin-form" method="post" action="{% url user_signin %}">{% csrf_token %}
{# in this branch - the real signin view we display the login icons
here we hide the local login button only if admin
wants to always show the password login form - then
@@ -157,7 +157,7 @@ {% endif %}
{% if view_subtype != 'email_sent' or view_subtype == 'bad_key' %}
{% if user.is_anonymous() %}
- <form id="account-recovery-form" action="{% url user_account_recover %}" method="post">
+ <form id="account-recovery-form" action="{% url user_account_recover %}" method="post">{% csrf_token %}
{% if view_subtype != 'bad_key' %}
<h2 id='account-recovery-heading'>{% trans %}Still have trouble signing in?{% endtrans %}</h2>
{% endif %}
diff --git a/askbot/skins/default/templates/authopenid/signup_with_password.html b/askbot/skins/default/templates/authopenid/signup_with_password.html index d85f8671..b5680806 100644 --- a/askbot/skins/default/templates/authopenid/signup_with_password.html +++ b/askbot/skins/default/templates/authopenid/signup_with_password.html @@ -8,7 +8,7 @@ {% block content %} {% if settings.PASSWORD_REGISTER_SHOW_PROVIDER_BUTTONS == True %} <h1>{% trans %}Please register by clicking on any of the icons below{% endtrans %}</h1> - <form id="signin-form" method="post" action="{% url user_signin %}"> + <form id="signin-form" method="post" action="{% url user_signin %}">{% csrf_token %} {# hide_local_login == True because it is password reg form #} {{ login_macros.provider_buttons( @@ -25,7 +25,7 @@ <h1>{% trans %}Create login name and password{% endtrans %}</h1> <p class="message">{% trans %}Traditional signup info{% endtrans %}</p> {%endif%} -<form action="{% url user_signup_with_password %}" method="post" accept-charset="utf-8"> +<form action="{% url user_signup_with_password %}" method="post" accept-charset="utf-8">{% csrf_token %} {{form.login_provider}} <ul class="form-horizontal-rows"> <li><label for="usename_id">{{form.username.label}}</label>{{form.username}}{{form.username.errors}}</li> diff --git a/askbot/skins/default/templates/avatar/add.html b/askbot/skins/default/templates/avatar/add.html index df700d0c..68a188ef 100644 --- a/askbot/skins/default/templates/avatar/add.html +++ b/askbot/skins/default/templates/avatar/add.html @@ -8,7 +8,7 @@ {% if not avatars %} <p>{% trans %}You haven't uploaded an avatar yet. Please upload one now.{% endtrans %}</p> {% endif %} - <form enctype="multipart/form-data" method="POST" action="{% url avatar_add %}"> + <form enctype="multipart/form-data" method="POST" action="{% url avatar_add %}">{% csrf_token %} {{ upload_avatar_form.as_p() }} <p><input type="submit" value="{% trans %}Upload New Image{% endtrans %}" /></p> </form> diff --git a/askbot/skins/default/templates/avatar/change.html b/askbot/skins/default/templates/avatar/change.html index 7a88ddef..7921a662 100644 --- a/askbot/skins/default/templates/avatar/change.html +++ b/askbot/skins/default/templates/avatar/change.html @@ -10,14 +10,14 @@ {% if not avatars %} <p>{% trans %}You haven't uploaded an avatar yet. Please upload one now.{% endtrans %}</p> {% else %} - <form method="POST" action="{% url avatar_change %}"> + <form method="POST" action="{% url avatar_change %}">{% csrf_token %} <ul> {{ primary_avatar_form.as_ul() }} </ul> <p><input type="submit" value="{% trans %}Choose new Default{% endtrans %}" /></p> </form> {% endif %} - <form enctype="multipart/form-data" method="POST" action="{% url avatar_add %}"> + <form enctype="multipart/form-data" method="POST" action="{% url avatar_add %}">{% csrf_token %} {{ upload_avatar_form.as_p() }} <p><input type="submit" value="{% trans %}Upload{% endtrans %}" /></p> </form> diff --git a/askbot/skins/default/templates/avatar/confirm_delete.html b/askbot/skins/default/templates/avatar/confirm_delete.html index 042d7c0d..282d72fa 100644 --- a/askbot/skins/default/templates/avatar/confirm_delete.html +++ b/askbot/skins/default/templates/avatar/confirm_delete.html @@ -6,7 +6,7 @@ {% if not avatars %} <p>{% trans avatar_change_url="avatar_change"|url %}You have no avatars to delete. Please <a href="{{ avatar_change_url }}">upload one</a> now.{% endtrans %}</p> {% else %} - <form method="POST" action="{% url avatar_delete %}"> + <form method="POST" action="{% url avatar_delete %}">{% csrf_token %} <ul> {{ delete_avatar_form.as_ul() }} </ul> diff --git a/askbot/skins/default/templates/blocks/ask_form.html b/askbot/skins/default/templates/blocks/ask_form.html index 8df6c019..9b61c7ce 100644 --- a/askbot/skins/default/templates/blocks/ask_form.html +++ b/askbot/skins/default/templates/blocks/ask_form.html @@ -1,6 +1,6 @@ {% import "macros.html" as macros %} <div id="askform"> - <form id="fmask" action="" method="post" > + <form id="fmask" action="" method="post" >{% csrf_token %} <div class="form-item"> <div id="askFormBar"> {% if not request.user.is_authenticated() %} diff --git a/askbot/skins/default/templates/close.html b/askbot/skins/default/templates/close.html index 57ff5780..d8160865 100644 --- a/askbot/skins/default/templates/close.html +++ b/askbot/skins/default/templates/close.html @@ -6,7 +6,7 @@ <p>{% trans %}Close the question{% endtrans %}: <a href="{{ question.get_absolute_url() }}"> <strong>{{ question.get_question_title() }}</strong></a> </p> - <form id="fmclose" action="{% url close question.id %}" method="post" > + <form id="fmclose" action="{% url close question.id %}" method="post" >{% csrf_token %} <p> <strong>{% trans %}Reasons{% endtrans %}:</strong> {{ form.reason }} diff --git a/askbot/skins/default/templates/feedback.html b/askbot/skins/default/templates/feedback.html index 258a85dc..d5e8b3a7 100644 --- a/askbot/skins/default/templates/feedback.html +++ b/askbot/skins/default/templates/feedback.html @@ -3,7 +3,7 @@ {% block title %}{% spaceless %}{% trans %}Feedback{% endtrans %}{% endspaceless %}{% endblock %} {% block content %} <h1>{% trans %}Give us your feedback!{% endtrans %}</h1> -<form method="post" action="{% url feedback %}" accept-charset="utf-8"> +<form method="post" action="{% url feedback %}" accept-charset="utf-8">{% csrf_token %} {% if user.is_authenticated() %} <p class="message"> {% trans user_name=user.username %} diff --git a/askbot/skins/default/templates/import_data.html b/askbot/skins/default/templates/import_data.html index 7bc370ab..affeaa73 100644 --- a/askbot/skins/default/templates/import_data.html +++ b/askbot/skins/default/templates/import_data.html @@ -18,7 +18,7 @@ Please note that feedback will be printed in plain text. {% endtrans %} </p> - <form id="load-dump-form" method="post" enctype="multipart/form-data"> + <form id="load-dump-form" method="post" enctype="multipart/form-data">{% csrf_token %} <table> {{dump_upload_form.as_table()}} </table> diff --git a/askbot/skins/default/templates/question.html b/askbot/skins/default/templates/question.html index d95fd6c0..ffab9bd1 100644 --- a/askbot/skins/default/templates/question.html +++ b/askbot/skins/default/templates/question.html @@ -304,7 +304,7 @@ {{ macros.paginator(paginator_context) }} </div><br/> {% endif %} -<form id="fmanswer" action="{% url answer question.id %}" method="post"> +<form id="fmanswer" action="{% url answer question.id %}" method="post">{% csrf_token %} {% if request.user.is_authenticated() %} <p style="padding-left:3px"> {{ answer.email_notify }} diff --git a/askbot/skins/default/templates/question_edit.html b/askbot/skins/default/templates/question_edit.html index c1a84426..6a55e58c 100644 --- a/askbot/skins/default/templates/question_edit.html +++ b/askbot/skins/default/templates/question_edit.html @@ -7,7 +7,7 @@ {% endblock %} {% block content %} <h1>{% trans %}Edit question{% endtrans %} [<a href="{{ question.get_absolute_url() }}">{% trans %}back{% endtrans %}</a>]</h1> -<form id="fmedit" action="{% url edit_question question.id %}" method="post" > +<form id="fmedit" action="{% url edit_question question.id %}" method="post" >{% csrf_token %} <label for="id_revision" ><strong>{% trans %}revision{% endtrans %}:</strong></label> <br/> {% if revision_form.revision.errors %}{{ revision_form.revision.errors.as_ul() }}{% endif %} <div style="vertical-align:middle"> diff --git a/askbot/skins/default/templates/question_retag.html b/askbot/skins/default/templates/question_retag.html index f521ccb3..79cbbbff 100644 --- a/askbot/skins/default/templates/question_retag.html +++ b/askbot/skins/default/templates/question_retag.html @@ -4,7 +4,7 @@ {% block content %} <h1>{% trans %}Change tags{% endtrans %} [<a href="{{ question.get_absolute_url() }}">{% trans %}back{% endtrans %}</a>]</h1> <div id="askform"> - <form id="fmretag" action="{% url retag_question question.id %}" method="post" > + <form id="fmretag" action="{% url retag_question question.id %}" method="post" >{% csrf_token %} <h2> {{ question.get_question_title() }} </h2> diff --git a/askbot/skins/default/templates/reopen.html b/askbot/skins/default/templates/reopen.html index 58d798a3..d68e8bdc 100644 --- a/askbot/skins/default/templates/reopen.html +++ b/askbot/skins/default/templates/reopen.html @@ -21,7 +21,7 @@ <p> {% trans %}Reopen this question?{% endtrans %} </p> -<form id="fmclose" action="{% url reopen question.id %}" method="post" > +<form id="fmclose" action="{% url reopen question.id %}" method="post" >{% csrf_token %} <div id="" style="padding:20px 0 20px 0"> <input type="submit" value="{% trans %}Reopen this question{% endtrans %}" class="submit" /> <input id="btBack" type="button" value="{% trans %}Cancel{% endtrans %}" class="submit" /> diff --git a/askbot/skins/default/templates/subscribe_for_tags.html b/askbot/skins/default/templates/subscribe_for_tags.html index 9a58ccbf..b436fb84 100644 --- a/askbot/skins/default/templates/subscribe_for_tags.html +++ b/askbot/skins/default/templates/subscribe_for_tags.html @@ -10,7 +10,7 @@ {% endfor %} </ul> <div style="clear:both;padding-top: 5px"> - <form method="post" action="{% url subscribe_for_tags %}"> + <form method="post" action="{% url subscribe_for_tags %}">{% csrf_token %} <input type="hidden" name="tags" value="{{tags|join(' ')|escape}}" /> <input type="submit" name="ok" value="{% trans %}Subscribe{% endtrans %}" /> <input type="submit" name="nope" value="{% trans %}Cancel{% endtrans %}" /> diff --git a/askbot/skins/default/templates/user_profile/user_edit.html b/askbot/skins/default/templates/user_profile/user_edit.html index 9308bf90..fe4ea35f 100644 --- a/askbot/skins/default/templates/user_profile/user_edit.html +++ b/askbot/skins/default/templates/user_profile/user_edit.html @@ -7,7 +7,7 @@ {{ request.user.username }} - {% trans %}edit profile{% endtrans %} </h1> <div id="main-body" style="width:100%;padding-top:10px"> - <form name="" action="{% url edit_user request.user.id %}" method="post"> + <form name="" action="{% url edit_user request.user.id %}" method="post">{% csrf_token %} <div id="left" style="float:left;width:180px"> {% if request.user.email %} {{ macros.gravatar(request.user, 128) }} diff --git a/askbot/skins/default/templates/user_profile/user_email_subscriptions.html b/askbot/skins/default/templates/user_profile/user_email_subscriptions.html index 896a77f0..e6a18dd3 100644 --- a/askbot/skins/default/templates/user_profile/user_email_subscriptions.html +++ b/askbot/skins/default/templates/user_profile/user_email_subscriptions.html @@ -10,7 +10,7 @@ {% if action_status %} <p class="action-status"><span>{{action_status}}</span></p> {% endif %} - <form method="post" action=""> + <form method="post" action="">{% csrf_token %} <table class='form-as-table ab-subscr-form'> {{email_feeds_form.as_table()}} </table> diff --git a/askbot/skins/default/templates/user_profile/user_moderate.html b/askbot/skins/default/templates/user_profile/user_moderate.html index b8070e50..563026a4 100644 --- a/askbot/skins/default/templates/user_profile/user_moderate.html +++ b/askbot/skins/default/templates/user_profile/user_moderate.html @@ -10,7 +10,7 @@ {% if user_status_changed %} <p class="action-status"><span>{% trans %}User status changed{% endtrans %}</span></p> {% endif %} - <form method="post"> + <form method="post">{% csrf_token %} <input type="hidden" name="sort" value="moderate"/> <table class="form-as-table"> {{ change_user_status_form.as_table() }} @@ -29,7 +29,7 @@ {% if user_rep_changed %} <p class="action-status"><span>{% trans %}User reputation changed{% endtrans %}</span></p> {% endif %} -<form method="post"> +<form method="post">{% csrf_token %} <input type="hidden" name="sort" value="moderate"/> <table class="form-as-table"> {{ change_user_reputation_form.as_table() }} @@ -44,7 +44,7 @@ {% if message_sent %} <p class="action-status"><span>{% trans %}Message sent{% endtrans %}</span></p> {% endif %} -<form method="post"> +<form method="post">{% csrf_token %} <input type="hidden" name="sort" value="moderate"/> <div class="form-row-vertical"> <label for="id_subject_line">{{ send_message_form.subject_line.label}}</label> |