Fixed #7814 -- Fixed a number of style inconsistencies in the docs. Thanks, uzi and programmerq

   - `Request/response objects`_.

   - `Sending email`_.

   - `Sending e-mail`_.

   - `Sessions`_.

.. _mod_python integration: ../modpython/

.. _redirects: ../redirects/

.. _request/response objects: ../request_response/

.. _sending email: ../email/

.. _sending e-mail: ../email/

.. _sessions: ../sessions/

.. _settings: ../settings/

.. _syndication: ../syndication_feeds/

**Description:**

Allows a user to reset their password, and sends them the new password

in an email.

in an e-mail.

**Optional arguments:**

      ``registration/password_reset_form.html`` if not supplied.

    * ``email_template_name``: The full name of a template to use for

      generating the email with the new password. This will default to

      generating the e-mail with the new password. This will default to

      ``registration/password_reset_email.html`` if not supplied.

**Template context:**

      user to change their password.

    * ``django.contrib.auth.forms.PasswordResetForm``: A form for resetting a

      user's password and emailing the new password to them.

      user's password and e-mailing the new password to them.

    * ``django.contrib.auth.forms.UserCreationForm``: A form for creating a

      new user.

The CsrfMiddleware class provides easy-to-use protection against

`Cross Site Request Forgeries`_.  This type of attack occurs when a malicious

web site creates a link or form button that is intended to perform some action

on your web site, using the credentials of a logged-in user who is tricked

Web site creates a link or form button that is intended to perform some action

on your Web site, using the credentials of a logged-in user who is tricked

into clicking on the link in their browser.

The first defense against CSRF attacks is to ensure that GET requests

   checks that the 'csrfmiddlewaretoken' is present and correct. If it

   isn't, the user will get a 403 error.

This ensures that only forms that have originated from your web site

This ensures that only forms that have originated from your Web site

can be used to POST data back.

It deliberately only targets HTTP POST requests (and the corresponding POST

CSRF attack with a GET request ought to be harmless.

POST requests that are not accompanied by a session cookie are not protected,

but they do not need to be protected, since the 'attacking' web site

but they do not need to be protected, since the 'attacking' Web site

could make these kind of requests anyway.

The Content-Type is checked before modifying the response, and only

may or may not make sense. If you are using custom SQL fragments in your

``extra()`` calls, Django will not inspect these fragments to see if they need

to be rewritten because of changes in the merged query. So test the effects

carefully. Also realise that if you are combining two ``QuerySets`` with

carefully. Also realize that if you are combining two ``QuerySets`` with

``|``, you cannot use ``extra(select=...)`` or ``extra(where=...)`` on *both*

``QuerySets``. You can only use those calls on one or the other (Django will

raise a ``ValueError`` if you try to use this incorrectly).

Runs over the entire source tree of the current directory and pulls out all

strings marked for translation. It creates (or updates) a message file in the

conf/locale (in the django tree) or locale (for project and application)

conf/locale (in the Django tree) or locale (for project and application)

directory. After making changes to the messages files you need to compile them

with ``compilemessages`` for use with the builtin gettext support. See the

`i18n documentation`_ for details.