Flask-WTF表单成功发布,但验证永远不会发生

时间:2014-05-27 09:27:26

标签: python flask-sqlalchemy wtforms flask-wtforms

我现在已经在WTF表格上挣扎了很长一段时间。但是这个错误,似乎永远不会消失。我当我尝试运行此代码时,表单永远不会验证

观点:

@bundle.route('/content/add/', methods=['GET', 'POST'])
@bundle.route('/content/add', methods=['GET', 'POST'])
@bundle.route('/content/edit/<posturl>/', methods=['GET', 'POST'])
@bundle.route('/content/edit/<posturl>', methods=['GET', 'POST'])
@fas_login_required
def addcontent(posturl=None):
    form = CreateContent()
    form_action = url_for('content.addcontent')
    if posturl is not None:
        content = Content.query.filter_by(slug=posturl).first_or_404()
        form = CreateContent(obj=content)
        if form.slug.data == posturl and request.method == 'POST' and form.validate():
            form.populate_obj(content)
            db.session.commit()
            return redirect(url_for('content.addcontent',
                                    posturl=posturl, updated="True"))

    else:
        if request.method == 'POST' and form.validate():
            query = Content(form.title.data,
                            form.slug.data,
                            form.description.data,
                            form.media_added_ids.data,
                            form.active.data,
                            form.tags.data,
                            g.fas_user['username'],
                            form.type_content.data
                            )
            try:
                db.session.add(query)
                db.session.commit()
                # Duplicate entry
            except Exception as e:
                return str(e)
            return redirect(url_for('content.addcontent',
                                    posturl=form.slug.data, updated="True"))
        else:
            print "Please validate form"
    return render_template('content/edit_content.html', form=form,
                           form_action=form_action, title="Create Content")

表格类:

# -*- coding: utf-8 -*-
from flask.ext.wtf import Form
from wtforms import TextField, TextAreaField
from wtforms import BooleanField, SelectField, validators
from wtforms.validators import Required

__all__ = ['CreateContent']


class CreateContent(Form):
    title = TextField(
        'Title',  [validators.Length(min=4, max=255)])
    slug = TextField(
        'Url-Slug', [validators.Length(min=4, max=255)])
    description = TextAreaField('Content', [validators.Length(min=4)])
    media_added_ids = TextField('media')
    type_content = SelectField(u'Content Type',
                               [Required()],
                               choices=[('blog', 'Blog Post'),
                                        ('media', 'Lecture'),
                                        ('doc', 'Documentation')]
                               )
    # Comma seprated media id's
    active = BooleanField('Published')
    tags = TextField('Tags', [Required()])
    # Comma seprated tag id's

我的模板:

    {% extends "base.html" %}
    {% block title %}
        {{ title }}
    {% endblock %}
    {% block content %}
    {% from "_formhelpers.html" import render_field %}
    <div id="Create Content">
        <center><h3> {{ updated }} </h3></center>
        <h2>{{  title  }}</h2>
        <form method="post" action="">
            <fieldset>
                <legend></legend>
                {{ render_field(form.title) }}
                {{ render_field(form.slug ) }}
                {{ render_field(form.description ) }}
                {{ render_field(form.media_added_ids)}}
                {{ render_field(form.type_content) }}
                {{ render_field(form.active) }}
                {{ render_field(form.tags )}}
        </fieldset>
        <input type="submit" class="button" value="Save"/>
    </form>
    </div>
    {% endblock %}

任何帮助都将受到高度关注

2 个答案:

答案 0 :(得分:6)

如果在烧瓶应用程序设置中激活CSFR令牌,则每个表单中都包含CSFR令牌。如果开发人员已激活设置并且未将其包含在表单模板中,则烧瓶WTF将自动拒绝该请求。

此问题的解决方案是以下标记:

{{form.hidden_tag()}}

添加后,CSFR id包含在请求中并发送到视图以供WTForms验证。

如果您还没有包含此令牌,则form.errors字典中不会显示任何错误。如果你遍历这个dictonary没有错误显示,但form.validate方法将返回false。

答案 1 :(得分:5)

如果在CSRF设置中激活,则Flask-WTF会自动添加Flask令牌。如果此设置处于活动状态且未包含在表单提交中,则提交将被拒绝。在这种情况下,解决方案是在模板中添加hidden_tag字段,以便它包含在表单提交中。

{{form.hidden_tag()}}
相关问题
最新问题