Hi all!

I come here from a little Symfony background (a framework which
tries to borrow good things from Django), and would like to have an
overview of how Django stacks up.

I would like to ask if the admin module can be used on a production
server by registered users.

What problems can occur?
(I assume every object references a user)

- editing/deleting objects not belonging to the user
- ID leak (the user will know how many objects of any type there are) -
to solve this, one must use a unique index (not an autoincremented
number) to select specific objects, OR the primary keys should be
hidden from the user (stored in the session, with the request just
referencing the index in the session)
- what other gotchas?

How are these problems solved in Django?

thanks
Gergo