Benjamin Buch wrote:
1: Pass the ValueError like this:

    if 'picture' in request.GET:
        try:
            pictures.insert(0, pictures.pop(int(request.GET['picture']) -1))
        except IndexError:
            pass
        except ValueError:
            pass

As a rule of thumb you must always validate values coming from the user before using them.

With the first approach you perform some kind of (implicit) validation, so I think that it is preferable over the second.

In case it fits in your app, a third approach would be to change the URL schema and let Django deal with tampered URLs:

  http://dorthegoeden.de/.../horch-was-waechst/4/

With the appropriate urlpattern/urlconf your view will be called only with valid input (a string of digits). In case of URLs like:

  http://dorthegoeden.de/.../horch-was-waechst/4/5/
  http://dorthegoeden.de/.../horch-was-waechst/notanumber/

Django will return a Not Found response.

HTH
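
An added example, not part of the original message: explicit validation of the `picture` value, plus a digits-only path pattern of the kind a urlconf would use, checked here with the standard `re` module rather than Django's resolver. The function names, the six-digit limit and the `horch-was-waechst/` prefix are assumptions made for illustration.

```python
import re

# Constructed pattern, analogous to a urlconf regex that captures one
# all-digit path segment. [0-9] is used instead of \d so that only ASCII
# digits match, and fullmatch() is used so a trailing newline cannot slip by.
PICTURE_PATH = re.compile(r"horch-was-waechst/(?P<picture>[0-9]+)/")


def parse_picture_number(raw, count):
    """Return the zero-based index for a 1-based picture number, or None."""
    # int() on its own also accepts "-2", "+4", " 4 " and "1_0"; a result of
    # 0 or below would then index from the end of the list instead of failing.
    if not isinstance(raw, str) or not re.fullmatch(r"[0-9]{1,6}", raw):
        return None
    number = int(raw)
    if 1 <= number <= count:
        return number - 1
    return None


def reorder(pictures, raw):
    """Return a copy with the requested picture first; unchanged if invalid."""
    ordered = list(pictures)
    index = parse_picture_number(raw, len(ordered))
    if index is not None:
        ordered.insert(0, ordered.pop(index))
    return ordered


def picture_from_path(path):
    """Return the captured digit string, or None (the Not Found case)."""
    match = PICTURE_PATH.fullmatch(path)
    return match.group("picture") if match else None


if __name__ == "__main__":
    pics = ["a", "b", "c", "d"]  # constructed sample data
    for raw in ["3", "0", "-2", "5", " 2 ", "notanumber"]:
        print(repr(raw), reorder(pics, raw))
    for path in ["horch-was-waechst/4/", "horch-was-waechst/4/5/",
                 "horch-was-waechst/notanumber/"]:
        print(path, picture_from_path(path))
```

With the try/except version quoted above, `picture=0` and `picture=-2` raise no exception and move a picture counted from the end of the list; the explicit range check rejects both.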