POST has to replaced by GET in register_handle_form

Issue #1259 new
scrapper
created an issue

in register_handle_form located at satchmo_store/accounts/views.py

I think a POST has to get replaced by GET. {{{

!python

def register_handle_form(request, redirect=None): """ Handle all registration logic. This is broken out from "register" to allow easy overriding/hooks such as a combined login/register page.

This method only presents a typical login or register form, not a full address form
(see register_handle_address_form for that one.)

Returns:
- Success flag
- HTTPResponseRedirect (success) or form (fail)
"""

if request.method == 'POST':
    form = RegistrationForm(request.POST)
    if form.is_valid():
        contact = form.save(request)

        # look for explicit "next"
     --- next = request.POST.get('next', '')
     +++ next = request.GET.get('next', '')

}}}

so ?next=/..... would work. hope this is correct.

if not, please tell me.

greetings

scrapper

Comments (7)

  1. Anonymous

    hello Chris,

    i really investigated a lot of time into this, thats the reason why i do write back days ago. the template i was talking about was NOT: https://bitbucket.org/chris1610/satchmo/src/25a8f114d059/satchmo/apps/satchmo_store/contact/templates/contact/_login_form.html#cl-5

    it is: https://bitbucket.org/chris1610/satchmo/src/f762f5a91b0a/satchmo/apps/satchmo_store/contact/templates/registration/login.html

    and if you do click the link:

    <p>{% trans "If you do not have an account, please" %} <a href="{% url registration_register %}">{% trans "click here" %}</a>.</p>

    -> no next parameter is sent with it. so the only chance to add a next is via GET:

    <p>{% trans "If you do not have an account, please" %} <a href="{% url registration_register %}?next=/shop">{% trans "click here" %}</a>.</p>

    why this could matter? if you do have more apps than satchmo running. example blog, forum,... (i do) after registration in shop, i get linked to /forum/login.

    with the correct next parameter this would not happen.

    should i solve that in another way or do we check on next via GET in /satchmo_store/accounts/views/register_handle_form as well?

    i think we could check both: next-POST and next-GET.

    what do you think?

    greetings

    scrapper

  2. scrapper reporter

    unfortunately i cannot change the name of the topic.

    POST should not be replace by GET.

    But: a check should be added to test if a next-GET parameter was added.

  3. scrapper reporter

    hi chris,

    after account registration one gets redirected via NEXT and GET to SHOP_BASE defined in settings.py.

    please check if everything is done correct. thank you.

    scrapper

  4. scrapper reporter

    i hope you dont get tired of my patches. if i should do them in another way, so you can work more efficient with them just tell me.

    scrapper

  5. Log in to comment