Malcolm Tredinnick wrote: > On Wed, 2006-10-11 at 22:45 -0500, Patrick J. Anderson wrote: > [...] >> Thanks for your comments, Malcolm. I realize that a determined person >> could submit an altered form and edit other profiles. >> >> I guess this is not a Django-specific question, but what would be the >> best way of preventing that from happening? > > You already know what you want the original value to be (False). So set > it explicitly to False in the view prior to saving it upon creation. > There is no need for the user's input to be involved for that attribute > at all, so don't include it in the form. > > Regards, > Malcolm > > > > > > But if I don't set it to True in the form (well "2" to be exact; "True" returns KeyError if my value is in hidden input), it reverts to False for approved members.
I have a fairly large Member model and I was hoping to avoid writing custom form manipulators --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~----------~----~----~----~------~----~------~--~---
