Updates for CSRF protection in Django 1.2.X

Signed-off-by: Dan McGee <dan@archlinux.org>

11 files changed, 11 insertions, 11 deletions

diff --git a/templates/devel/index.html b/templates/devel/index.html
index 662e824..25429ec 100644
--- a/templates/devel/index.html
+++ b/templates/devel/index.html
@@ -60,7 +60,7 @@
         </tbody>
     </table>
 
-    <form id="dash-pkg-notify" method="post" action="/devel/notify/">
+    <form id="dash-pkg-notify" method="post" action="/devel/notify/">{% csrf_token %}
         <fieldset>
             <p><input id="notify" name="notify" type="checkbox" value="yes"
             {% if user.get_profile.notify %} checked="checked"{% endif %} />
diff --git a/templates/devel/profile.html b/templates/devel/profile.html
index 178a59a..2c1c658 100644
--- a/templates/devel/profile.html
+++ b/templates/devel/profile.html
@@ -6,7 +6,7 @@
 
     <h2>Developer Profile</h2>
 
-    <form id="edit-profile-form" method="post" action=".">
+    <form id="edit-profile-form" method="post" action=".">{% csrf_token %}
         <fieldset>
             <legend>Username: <strong>{{ user.username }}</strong></legend>
             {{ form.as_p }}
diff --git a/templates/general_form.html b/templates/general_form.html
index d499919..93e73ac 100644
--- a/templates/general_form.html
+++ b/templates/general_form.html
@@ -8,7 +8,7 @@
 
     {% if description %}{{description}}{% endif %}
 
-    <form class="general-form" method="post" action=".">
+    <form class="general-form" method="post" action=".">{% csrf_token %}
         <fieldset>
             {% for field in form %}
                 <p><label>{{field.label}}{% if field.help_text %}:</label><br />
diff --git a/templates/mirrors/index.html b/templates/mirrors/index.html
index b347a08..55c172d 100644
--- a/templates/mirrors/index.html
+++ b/templates/mirrors/index.html
@@ -13,7 +13,7 @@
     Simply replace the contents of <code>/etc/pacman.d/mirrorlist</code> with
     the generated code.</p>
 
-    <form id="list-generator" method="post" action=".">
+    <form id="list-generator" method="post" action=".">{% csrf_token %}
         {{ mirrorlist_form.as_p }}
         <p><label></label> <input type="submit" value="Generate List" /></p>
     </form>
diff --git a/templates/news/add.html b/templates/news/add.html
index 38b5b21..04a5568 100644
--- a/templates/news/add.html
+++ b/templates/news/add.html
@@ -10,7 +10,7 @@
     <h2>News: Add Article</h2>
     {% endif %}
 
-    <form id="newsform" method="post" action=".">
+    <form id="newsform" method="post" action=".">{% csrf_token %}
         <fieldset>
             {{ form.as_p }}
         </fieldset>
diff --git a/templates/news/delete.html b/templates/news/delete.html
index 6a2fa1e..3e3ba95 100644
--- a/templates/news/delete.html
+++ b/templates/news/delete.html
@@ -14,7 +14,7 @@
 
     <p>Are you sure?</p>
 
-    <form method="post" action=".">
+    <form method="post" action=".">{% csrf_token %}
         <input title="Delete this article" id="delete" name="delete"
         type="submit" value="Delete" /></p>
     </form>
diff --git a/templates/packages/details.html b/templates/packages/details.html
index f60324e..247b634 100644
--- a/templates/packages/details.html
+++ b/templates/packages/details.html
@@ -32,7 +32,7 @@
         </ul>
 
         {% if user.is_authenticated %}
-        <form id="pkg-action" method="post" action="/packages/update/">
+        <form id="pkg-action" method="post" action="/packages/update/">{% csrf_token %}
             <div><input type="hidden" name="pkgid" value="{{ pkg.id }}" /></div>
             <p><input title="Adopt this package" type="submit" class="adopt" name="adopt" value="Adopt" />
             &nbsp;&nbsp;<input title="Orphan this package" type="submit" class="disown" name="disown" value="Disown" /></p>
diff --git a/templates/packages/flag.html b/templates/packages/flag.html
index 71d8498..9a5b123 100644
--- a/templates/packages/flag.html
+++ b/templates/packages/flag.html
@@ -31,7 +31,7 @@
 
     <p>Please confirm your flag request for {{pkg.pkgname}}:</p>
 
-    <form id="flag-pkg-form" method="post" action=".">
+    <form id="flag-pkg-form" method="post" action=".">{% csrf_token %}
         <fieldset>
             {{ form.as_p }}
         </fieldset>
diff --git a/templates/packages/search.html b/templates/packages/search.html
index 6a22b7d..6ed7f95 100644
--- a/templates/packages/search.html
+++ b/templates/packages/search.html
@@ -69,7 +69,7 @@
     </div>
     {% endif %}
 
-    <form id="pkglist-results-form" method="post" action="/packages/update/">
+    <form id="pkglist-results-form" method="post" action="/packages/update/">{% csrf_token %}
 
         <table class="results">
             <thead>
diff --git a/templates/registration/login.html b/templates/registration/login.html
index 2f62656..867910b 100644
--- a/templates/registration/login.html
+++ b/templates/registration/login.html
@@ -10,7 +10,7 @@
     <p class="login-error">Your username and password didn't match. Please try again.</p>
     {% endif %}
 
-    <form id="dev-login-form" method="post" action=".">
+    <form id="dev-login-form" method="post" action=".">{% csrf_token %}
         <fieldset>
             <legend>Enter login credentials</legend>
             {{ form.as_p }}
diff --git a/templates/todolists/todolist_confirm_delete.html b/templates/todolists/todolist_confirm_delete.html
index c1e8783..39c9f0d 100644
--- a/templates/todolists/todolist_confirm_delete.html
+++ b/templates/todolists/todolist_confirm_delete.html
@@ -14,7 +14,7 @@
 
     <p>Are you sure?</p>
 
-    <form id="delete-todo-form" method="post" action=".">
+    <form id="delete-todo-form" method="post" action=".">{% csrf_token %}
         <p><input type="submit" value="Delete" /></p>
     </form>