From 671e946c6d48f043c9a3949eee6cf7dd8826aa3e Mon Sep 17 00:00:00 2001
From: Martin Green <martin.speleo@gmail.com>
Date: Mon, 2 May 2011 02:12:26 +0100
Subject: [PATCH] settings.PUBLIC_SITE, login required if public for logbook
 entry, CRCF middleware

---
 localsettingsserver.py            | 2 ++
 localsettingsubuntu.py            | 2 ++
 localsettingswindows.py           | 1 +
 settings.py                       | 1 +
 templates/logbookentry.html       | 7 +++++--
 templates/registration/login.html | 2 +-
 6 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/localsettingsserver.py b/localsettingsserver.py
index 208aed9..cd05178 100644
--- a/localsettingsserver.py
+++ b/localsettingsserver.py
@@ -16,6 +16,8 @@ SURVEY_SCANS = '/home/expo/expoimages/'
 FILES = '/home/expo/expoimages'
 EXPOWEB_URL = 'http://expo.survex.com/'
 
+PUBLIC_SITE = True
+
 SURVEYS_URL = 'http://troggle.cavingexpedition.com/survey_scans/'
 
 SVX_URL = 'http://framos.lawoftheland.co.uk/troggle/survex/'
diff --git a/localsettingsubuntu.py b/localsettingsubuntu.py
index c8800b9..991a77f 100644
--- a/localsettingsubuntu.py
+++ b/localsettingsubuntu.py
@@ -13,6 +13,8 @@ SURVEYS = '/home/goatchurch/tunnel/cucc/surveys'
 
 EXPOWEB_URL = 'http://expo.survex.com/'
 
+PUBLIC_SITE = False
+
 CAVERN = 'cavern'
 EXPOWEB = '/home/goatchurch/expoweb/'
 SURVEYS_URL = ''
diff --git a/localsettingswindows.py b/localsettingswindows.py
index 717167f..3b0447e 100644
--- a/localsettingswindows.py
+++ b/localsettingswindows.py
@@ -18,6 +18,7 @@ LOGFILE = EXPOWEB+'troggle\\parsing_log.txt'
 PHOTOS = 'C:\\Expo\\expoweb\\photos'
 
 URL_ROOT = 'http://127.0.0.1:8000'
+PUBLIC_SITE = False
 
 TINY_MCE_MEDIA_ROOT = '/usr/share/tinymce/www/' 
 TINY_MCE_MEDIA_URL = URL_ROOT + 'tinymce_media/'
diff --git a/settings.py b/settings.py
index 9078f11..5a41239 100644
--- a/settings.py
+++ b/settings.py
@@ -63,6 +63,7 @@ MIDDLEWARE_CLASSES = (
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.redirects.middleware.RedirectFallbackMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
     'troggle.middleware.SmartAppendSlashMiddleware'
 )
 
diff --git a/templates/logbookentry.html b/templates/logbookentry.html
index 19b8a30..04229fb 100644
--- a/templates/logbookentry.html
+++ b/templates/logbookentry.html
@@ -5,7 +5,9 @@
 {% block editLink %}<a href={{logbookentry.get_admin_url}}>Edit logbook entry {{logbookentry|wiki_to_html_short}}</a>{% endblock %}
 {% block content %}
 
-<h2>{{logbookentry.title|safe}}</h2>
+{% block related %}{% endblock %}
+{% block nav %}{% endblock %}
+<h2>{{logbookentry.title}}</h2>
 
 <div id="related">
 <p><a href="{{ logbookentry.expedition.get_absolute_url }}">{{logbookentry.expedition.name}}</a></p>
@@ -69,6 +71,7 @@
 </div>
 </div>
 
-{% if logbookentry.filename %}<a href="{% url editlogbookentry year=logbookentry.year pdate=logbookentry.date pslug=logbookentry.slug %}">Edit</a> <a href="{% url deletelogbookentry year=logbookentry.year date=logbookentry.date slug=logbookentry.slug %}">Delete</a>{%endif%}
+{% if logbookentry.filename %}<a href="{% url editLogBookEntry expeditionyear=logbookentry.expedition.year pdate=logbookentry.date pslug=logbookentry.slug %}">Edit</a> <a href="{% url deleteLogBookEntry expeditionyear=logbookentry.expedition.year date=logbookentry.date slug=logbookentry.slug %}">Delete</a>{%endif%}
+
 
 {% endblock %}
diff --git a/templates/registration/login.html b/templates/registration/login.html
index 04b5074..2d49395 100644
--- a/templates/registration/login.html
+++ b/templates/registration/login.html
@@ -6,7 +6,7 @@
 <p>Your username and password didn't match. Please try again.</p>
 {% endif %}
 
-<form method="post" action=".">
+<form method="post" action=".">{% csrf_token %}
 <table>
 <tr><td>{{ form.username.label_tag }}</td><td>{{ form.username }}</td></tr>
 <tr><td>{{ form.password.label_tag }}</td><td>{{ form.password }}</td></tr>