On Mar 22, 2:56 pm, Mike Ramirez <gufym...@gmail.com> wrote: > On Sunday 22 March 2009 09:25:42 am Brian Neal wrote: > > > > But from what you posted, I'm guessing that line needs to read: > > > obj.user = User.objects.get(username=request.user) > > I think what you want to do with this style is: > > obj.user = User.objects.get(username=request.user.username)
Yes, my mistake, thanks. > > > or maybe just > > > obj.user = request.user > > yeah, I think this is best. Agreed. >Tho if you're the type that sanitizes everything, > the upper one is better. I don't think so. request.user gets set by Django based on cookies, so it should be trustworthy as request.user.username. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---