If you don't own a url, you can't delete it.

go/go/views.py

@@ -13,11 +13,12 @@ def index(request):
 
 # My-Links page.
 @login_required
-def my_links(request):
+def my_links(request, permission = True):
     links = URL.objects.filter( owner = request.user )
 
     return render(request, 'my_links.html', {
         'links' : links,
+        'permission' : permission,
     },
     )
 
@@ -27,7 +28,9 @@ def delete(request, short):
     url = URL.objects.get( short = short )
     if url.owner == request.user:
         url.delete()
-    return redirect('my_links')
+        return redirect('my_links')
+    else:
+        return my_links(request, permission = False)
 
 # About page, static.
 def about(request):

go/settings/urls.py

@@ -15,7 +15,7 @@ urlpatterns = patterns('go.views',
     url(r'^signup/?$', 'signup', name = 'signup'),
 
     # /my - My-Links page, view and review links.
-    url(r'^my/?$', 'my_links', name = 'my_links'),
+    url(r'^my/?$', 'my_links', {'permission' : True}, name = 'my_links'),
 
     # /delete - Delete a link, no content display.
     url(r'^delete/(?P<short>\w+)$', 'delete', name = 'delete'),

go/templates/my_links.html

@@ -8,8 +8,12 @@ Go - A URL Shortener
 
 {% block content %}
 
-<div id="mylinks">
+{% if not permission %}
+  <p class="error">That link does not belong to you!</p>
+{% endif %}
 
+{% if links %}
+  <div id="mylinks">
   {% for link in links %}
     <p>
       <strong>Long:</strong> <a href="{{link.target}}">{{link.target}}</a>
@@ -24,11 +28,17 @@ Go - A URL Shortener
       <strong>Expires:</strong> {{link.expires}}
       <br />
 
-      <strong><a href="{%url 'delete' link.short%}">Delete</a></strong>
-
+      <strong>
+        <a href="{%url 'delete' link.short%}"
+        onclick="return confirm('Are you sure you want to delete this link?');">
+          Delete
+        </a>
+      </strong>
     </p>
   {% endfor %}
-
-</div>
+  </div>
+{% else %}
+  <p>None found.</p>
+{% endif %}
 
 {% endblock %}