Django-1.2.1/django/contrib/formtools/utils.py

   1 try:
   2     import cPickle as pickle
   3 except ImportError:
   4     import pickle
   5
   6 from django.conf import settings
   7 from django.utils.hashcompat import md5_constructor
   8 from django.forms import BooleanField
   9
  10 def security_hash(request, form, *args):
  11     """
  12     Calculates a security hash for the given Form instance.
  13
  14     This creates a list of the form field names/values in a deterministic
  15     order, pickles the result with the SECRET_KEY setting, then takes an md5
  16     hash of that.
  17     """
  18
  19     data = []
  20     for bf in form:
  21         # Get the value from the form data. If the form allows empty or hasn't
  22         # changed then don't call clean() to avoid trigger validation errors.
  23         if form.empty_permitted and not form.has_changed():
  24             value = bf.data or ''
  25         else:
  26             value = bf.field.clean(bf.data) or ''
  27         if isinstance(value, basestring):
  28             value = value.strip()
  29         data.append((bf.name, value))
  30
  31     data.extend(args)
  32     data.append(settings.SECRET_KEY)
  33
  34     # Use HIGHEST_PROTOCOL because it's the most efficient. It requires
  35     # Python 2.3, but Django requires 2.4 anyway, so that's OK.
  36     pickled = pickle.dumps(data, pickle.HIGHEST_PROTOCOL)
  37
  38     return md5_constructor(pickled).hexdigest()
  39