1. Kevin Veroneau
  2. antibot-forms


antibot-forms / views.py

from django.views.decorators.csrf import csrf_protect
from django.views.decorators.http import require_POST
from antibot-forms.forms import CommentForm
from django.core.mail import mail_admins
from django.contrib.comments.views.comments import CommentPostBadRequest,\
from django.db import models
from django.utils.html import escape
from django.core.exceptions import ObjectDoesNotExist, ValidationError
from django.contrib import comments
from django.shortcuts import render_to_response
from django.template.context import RequestContext
from django.contrib.comments import signals
from django.contrib.comments.views.utils import next_redirect
from django.http import HttpResponse

def post_comment(request, next=None, using=None):
    frm = CommentForm(request)
    if not frm.is_valid():
            comment = frm.getField('comment')
            comment = "Comment lost in transit, hit the back button and cross your fingers..."
        mail_admins("Comment post failed", "Error: %s<br/>Comment: %s" % (frm.error, comment), fail_silently=True)
        return HttpResponse("There was a problem with submitting your comment: %s<br/>Please copy and paste your comment below and try again...<hr/>%s" % (frm.error, comment))
        next = frm.getField('next')
        next = '/comments/posted/'
    if next == '': next = '/comments/posted/'
        ctype = frm.getField("content_type")
        object_pk = frm.getField("object_pk")
        return CommentPostBadRequest("Missing content_type or object_pk field.")
        model = models.get_model(*ctype.split(".", 1))
        target = model._default_manager.using(using).get(pk=object_pk)
    except TypeError:
        return CommentPostBadRequest(
            "Invalid content_type value: %r" % escape(ctype))
    except AttributeError:
        return CommentPostBadRequest(
            "The given content-type %r does not resolve to a valid model." % \
    except ObjectDoesNotExist:
        return CommentPostBadRequest(
            "No object matching content-type %r and object PK %r exists." % \
                (escape(ctype), escape(object_pk)))
    except (ValueError, ValidationError), e:
        return CommentPostBadRequest(
            "Attempting go get content-type %r and object PK %r exists raised %s" % \
                (escape(ctype), escape(object_pk), e.__class__.__name__))
    form = comments.get_form()(target, data=frm.getFields())

    if form.security_errors():
        return CommentPostBadRequest(
            "The comment form failed security verification: %s" % \

    # If there are errors or if we requested a preview show the comment
    if form.errors:
        template_list = [
            # These first two exist for purely historical reasons.
            # Django v1.0 and v1.1 allowed the underscore format for
            # preview templates, so we have to preserve that format.
            "comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.module_name),
            "comments/%s_preview.html" % model._meta.app_label,
            # Now the usual directory based template heirarchy.
            "comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.module_name),
            "comments/%s/preview.html" % model._meta.app_label,
        return render_to_response(
            template_list, {
                "comment" : form.data.get("comment", ""),
                "frm" : frm,
                "next": next,
            RequestContext(request, {})

    # Otherwise create the comment
    comment = form.get_comment_object()
    comment.ip_address = request.META.get("REMOTE_ADDR", None)
    if request.user.is_authenticated():
        comment.user = request.user

    # Signal that the comment is about to be saved
    responses = signals.comment_will_be_posted.send(
        sender  = comment.__class__,
        comment = comment,
        request = request

    for (receiver, response) in responses:
        if response == False:
            return CommentPostBadRequest(
                "comment_will_be_posted receiver %r killed the comment" % receiver.__name__)

    # Save the comment and signal that it was saved
        sender  = comment.__class__,
        comment = comment,
        request = request

    return next_redirect(request, next, comment_done)