X-Git-Url: https://git.mdrn.pl/edumed.git/blobdiff_plain/d85918d2efce30a1d9898b03c982fa545b56db37..ba00be28d6f3a8f33069b2e9774776ed0fadf7ca:/wtem/views.py?ds=sidebyside

diff --git a/wtem/views.py b/wtem/views.py
index 546ec5b..fbef888 100644
--- a/wtem/views.py
+++ b/wtem/views.py
@@ -4,6 +4,7 @@ from django.shortcuts import render
 from django.utils import simplejson
 from django.conf import settings
 from django.http import Http404, HttpResponseForbidden
+from django.views.decorators.cache import never_cache
 from django.views.decorators.csrf import csrf_exempt
 
 from .models import Submission, DEBUG_KEY, exercises
@@ -17,16 +18,22 @@ def form(request, key):
     return globals()['form_' + WTEM_CONTEST_STAGE](request, key)
     
 def form_before(request, key):
-    return render(request, 'wtem/main_before.html')
+    try:
+        submission = Submission.objects.get(key = key)
+    except:
+        return render(request, 'wtem/key_not_found_before.html')
+    else:
+        return render(request, 'wtem/main_before.html')
 
 def form_after(request, key):
     return render(request, 'wtem/main_after.html')
 
+@never_cache
 @csrf_exempt
 def form_during(request, key):
 
     if WTEM_CONTEST_STAGE != 'during':
-        if request.META['REMOTE_ADDR'] != getattr(settings, 'WTEM_CONTEST_IP_ALLOW', 'xxx'):
+        if request.META['REMOTE_ADDR'] not in getattr(settings, 'WTEM_CONTEST_IP_ALLOW', []):
             return HttpResponseForbidden('Not allowed')
 
     try: