我正在尝试创建一个Web应用程序,在单击某些按钮时进行Ajax调用,更新模型中的数据并显示更新的数据。这是我的模板:
<html>
<head>
<script src="http://code.jquery.com/jquery-1.9.1.min.js"></script>
<script src="{{ STATIC_URL }}/workout1.js"></script>
</head>
<body>
<span id="squats">Squats: {{ user.weekOne.squats }} done.<br/></span>
<span id="lunges">Lunges: {{ user.weekOne.lunges }} done.<br /></span>
<span id="stairDays">Stair Days: {{ user.weekOne.stairDaysCount }}<br/></span>
<span id="skipStairs">Skip Stairs: {{ user.weekOne.skipStairs }}<br /></span>
<form>
{% csrf_token %}
<input type="text" name="squats" id="squatsVal" value="Squats" />
<input type="submit" id="submitSquats" value="Add Squats"/><br />
</form>
<form>
<input type="text" name="lunges" value="Lunges" />
<input type="submit" value="Add Lunges" /><br />
</form>
<form>
<input type="submit" value="Stairs skipped."><br />
</form>
</body>
</html>
我使用Django的suggested code来处理Ajax和CSRF。这是我的结果jQuery:
$(document).ready(function(){
// Boilerplate for handling CSRF, from Django's website
function getCookie(name) {
var cookieValue = null;
if (document.cookie && document.cookie != '') {
var cookies = document.cookie.split(';');
for (var i = 0; i < cookies.length; i++) {
var cookie = jQuery.trim(cookies[i]);
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) == (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break;
}
}
}
return cookieValue;
};
var csrftoken = getCookie('csrftoken');
$.ajaxSetup({
crossDomain: false, // obviates need for sameOrigin test
beforeSend: function(xhr, settings) {
if (!csrfSafeMethod(settings.type)) {
xhr.setRequestHeader("X-CSRFToken", csrftoken);
}
}
});
// the actual Ajax
$("#submitSquats").click(function() {
var exercise = "squats";
var amount = $('#squats').val();
var data = {'exercise': exercise, 'amount': amount};
$.ajax({
type:"POST",
url:"submitWorkout1",
data: data,
success: function() {
$('#squats').html('<span>Success</span>');
}
});
return false;
});
});
最后,这是处理传入Ajax请求并返回Ajax响应的视图:
def submitWorkout1(request):
exercise = request.POST['exercise']
amount = request.POST['amount']
user = UserProfile.objects.get(user=request.user)
exercise, amount = user.WeekOne.updateExercise(exercise, amount)
return HttpResponse(simplejson.dumps({'result': 'success', exercise: amount}))
不幸的是,当我尝试单击Submit Squats按钮并运行jQuery时,我收到一条CSRF Token Missing or Incorrect
错误消息。此外,如果我在我的视图上使用@csrf_exempt标识符进行测试,我会收到此错误:
"Key 'exercise' not found in <QueryDict: {u'undefined': [u'', u'']}>"
所以,即使我要修复CSRF问题,我的Ajax代码似乎还有其他问题。但我想解决这两个问题。救命!
更新了代码(请参阅下面的凯瑟琳帖子):
HTML:
<body>
<span id="squats">Squats: {{ user.weekOne.squats }} done.<br/></span>
<span id="lunges">Lunges: {{ user.weekOne.lunges }} done.<br /></span>
<span id="stairDays">Stair Days: {{ user.weekOne.stairDaysCount }}<br/></span>
<span id="skipStairs">Skip Stairs: {{ user.weekOne.skipStairs }}<br /></span>
<form method="POST" action="{% url workout_game_app.views.submitWorkout1 %}">
{% csrf_token %}
<input type="text" name="squats" id="squatsVal" value="Squats" />
<input type="submit" id="submitSquats" value="Add Squats"/><br />
</form>
</body>
jQuery的:
$(document).ready(function() {
$("#submitSquats").click(function() {
var exercise = "squats";
var amount = $('#squats').val();
$.ajax({
type:"POST",
url:"/workout_game_app/workouts/submitWorkout1/",
data: {'exercise': exercise,
'amount:': amount,
'csrfmiddlewaretoken': '{{csrf_token}}'},
contentType: "application/json;charset=utf-8",
dataType: "json",
success: function() {
$('#squats').html('<span>Success</span>');
}
});
return false;
});
});
视图:
def submitWorkout1(request):
if request.method == 'POST':
exercise = request.POST['exercise']
amount = request.POST['amount']
user = UserProfile.objects.get(user=request.user)
exercise, amount = user.WeekOne.updateExercise(exercise, amount)
data = simplejson.dumps({
'result': 'success',
'exercise': exercise,
'amount': amount
}, indent=4)
return HttpResponse(data, mimetype="application/javascript")
URL:
urlpatterns = patterns('',
url(r'^$', 'workout_game_app.views.index'),
url(r'^signup$/', 'workout_game_app.views.signup'),
url(r'^login$/', 'workout_game_app.views.login_view'),
url(r'^logout/$', 'workout_game_app.views.logout_view'),
url(r'^workouts/workout1/$', 'workout_game_app.views.workout1'),
url(r'^workouts/submitWorkout1/$',
'workout_game_app.views.submitWorkout1'),
答案 0 :(得分:3)
如果我是你,我会删除“//用于处理CSRF的Boilerplate,从Django的网站”下面的AJAX注释并用这个替换“实际的ajax”:
// the actual Ajax
$("#submitSquats").click(function() {
var form = $(this).parent();
$.post(
"submitWorkout1", //url
form.serialize(), //data
function() { //success method
$('#squats').html('<span>Success</span>');
}
);
return false;
});
如果您收到403错误,那一定是因为您没有发送csrf令牌......这可以通过form.serialize()
和所有表单数据轻松完成....
答案 1 :(得分:2)
删除csrf_token实现的脚本。只需在ajax函数中添加csrf_token即可。
<强>脚本强>
$(document).ready(function() {
$("#submitSquats").click(function() {
var exercise = "squats";
var amount = $('#squatsVal').val();
$.ajax({
type:"POST",
url:"/workout_game_app/workouts/submitWorkout1/",
data: {
'exercise': exercise,
'amount': amount,
'csrfmiddlewaretoken': '{{csrf_token}}'
},
contentType: "application/json;charset=utf-8",
dataType: "json",
success: function(data) {
$('#squats').html('<span>Success</span>');
alert(data); //for testing
},
error: function(ts) {
alert(ts.responseText);
}
});
return false;
});
});
在你的views.py
中def submitWorkout1(request):
if request.method == 'POST':
exercise = request.POST['exercise']
amount = request.POST['amount']
user = UserProfile.objects.get(user=request.user)
exercise, amount = user.WeekOne.updateExercise(exercise, amount)
data = simplejson.dumps({
'result': 'success',
'exercise': exercise,
'amount': amount
}, indent=4)
return HttpResponse(data, mimetype="application/javascript")
<强> urls.py 强>
别忘了在/
$
urlpatterns = patterns('',
url(r'^$', 'workout_game_app.views.index'),
url(r'^signup/$', 'workout_game_app.views.signup'),
url(r'^login/$', 'workout_game_app.views.login_view'),
url(r'^logout/$', 'workout_game_app.views.logout_view'),
url(r'^workouts/workout1/$', 'workout_game_app.views.workout1'),
url(r'^workouts/submitWorkout1/$',
'workout_game_app.views.submitWorkout1'),
<强>模板强>
<form method="POST" action="{% url workout_game_app.views.submitWorkout1 %}">
{% csrf_token %}
<input type="text" name="squats" id="squatsVal" value="Squats" />
<input type="submit" id="submitSquats" value="Add Squats"/><br />
</form>