1 files changed, 16 insertions, 8 deletions

diff --git a/debug_toolbar/views.py b/debug_toolbar/views.py
index 759cb66..4b4ebc9 100644
--- a/debug_toolbar/views.py
+++ b/debug_toolbar/views.py
@@ -9,11 +9,19 @@ import django.views.static
 from django.conf import settings
 from django.http import HttpResponseBadRequest
 from django.shortcuts import render_to_response
-from django.utils import simplejson
-from django.utils.hashcompat import sha_constructor
 
 from debug_toolbar.utils.compat.db import connections
 
+try:
+    import json
+except ImportError: # python < 2.6
+    from django.utils import simplejson as json
+
+try:
+    from hashlib import sha1
+except ImportError: # python < 2.5
+    from django.utils.hashcompat import sha_constructor as sha1
+
 
 class InvalidSQLError(Exception):
     def __init__(self, value):
@@ -37,11 +45,11 @@ def sql_select(request):
     sql = request.GET.get('sql', '')
     params = request.GET.get('params', '')
     alias = request.GET.get('alias', 'default')
-    hash = sha_constructor(settings.SECRET_KEY + sql + params).hexdigest()
+    hash = sha1(settings.SECRET_KEY + sql + params).hexdigest()
     if hash != request.GET.get('hash', ''):
         return HttpResponseBadRequest('Tamper alert')  # SQL Tampering alert
     if sql.lower().strip().startswith('select'):
-        params = simplejson.loads(params)
+        params = json.loads(params)
         cursor = connections[alias].cursor()
         cursor.execute(sql, params)
         headers = [d[0] for d in cursor.description]
@@ -72,11 +80,11 @@ def sql_explain(request):
     sql = request.GET.get('sql', '')
     params = request.GET.get('params', '')
     alias = request.GET.get('alias', 'default')
-    hash = sha_constructor(settings.SECRET_KEY + sql + params).hexdigest()
+    hash = sha1(settings.SECRET_KEY + sql + params).hexdigest()
     if hash != request.GET.get('hash', ''):
         return HttpResponseBadRequest('Tamper alert')  # SQL Tampering alert
     if sql.lower().strip().startswith('select'):
-        params = simplejson.loads(params)
+        params = json.loads(params)
         cursor = connections[alias].cursor()
 
         conn = connections[alias].connection
@@ -120,11 +128,11 @@ def sql_profile(request):
     sql = request.GET.get('sql', '')
     params = request.GET.get('params', '')
     alias = request.GET.get('alias', 'default')
-    hash = sha_constructor(settings.SECRET_KEY + sql + params).hexdigest()
+    hash = sha1(settings.SECRET_KEY + sql + params).hexdigest()
     if hash != request.GET.get('hash', ''):
         return HttpResponseBadRequest('Tamper alert')  # SQL Tampering alert
     if sql.lower().strip().startswith('select'):
-        params = simplejson.loads(params)
+        params = json.loads(params)
         cursor = connections[alias].cursor()
         result = None
         headers = None