- if (f.is_valid()):
- influence = f.save(commit=False)
- if (influence.character.player == request.user):
- influence.save()
- return HttpResponseRedirect(reverse('influences_influence_detail', args=[influence.id]))
- else:
- # TODO: Make this a bit more pretty. Perhaps throw an exception here and add some middleware to catch it?
- return HttpResponseForbidden("Forbidden -- Trying to submit influence for somebody else's character")
-
- # Only allow characters of the current user
+
+ # Only allow characters of the current user. Putting this here also
+ # ensures that a form will not validate when any other choice was
+ # selected (perhaps through URL crafting).