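I am trying to create a page where a user can type his/her message and save it. The page also displays the existing messages.
I am unable to save the message. The messages shown here are already saved in the database.
On clicking the "Submit" button, a Forbidden page opens, saying: CSRF verification failed. Request aborted.
Please guide me as to where I am making a mistake.
The view page code is: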

    # Create your views here.
    from django.http import HttpResponse
    from home.models import dbmassage
    from django.template import Context, loader

    def index(request):
        #shows messages from the database
        home_message = dbmassage.objects.all()
        t = loader.get_template('C:/Users/NILESH/Desktop/Django-1.5.1/templates/home/index.html')
        c = Context({'home_message': home_message,})
        return HttpResponse(t.render(c))
        # handle submit message
        if request.method == 'POST':
            if request.POST['submit_action'] == 'Submit Message':
                # attempt to do submit
                b = home_message(request.POST)
                if b.is_valid():
                    b.save()
                    message = 'Message Submitted.'
                else:
                    # validation failed: show submitted values in form
                    f = submit_b
        return HttpResponse(t.render(c))

And the index page code I wrote is:

    <h1>The Messages</h1>
    <h3>Type Your Message:</h3>
    <form action='{{ request.path }}' method='POST'>
        {% csrf_token %}
        <input type="text" maxlength=80 style="width:300px">
        <table>
            {{ form }}
            <tr>
                <td colspan=2 align=right>
                    <h5>Maximum Length = 80</h5><input name="submit_action" type="submit" value="Submit Message">
                </td>
            </tr>
        </table>
    </form>
    <h3>The Existing Messages:</h3>
    {% if home_message %}
    <ul>
        {% for b in home_message %}
        <li>{{ b.massage }}</li>
        {% endfor %}
    </ul>
    {% endif %}

And the settings.py code, just the MIDDLEWARE part:

    MIDDLEWARE_CLASSES = (
        'django.middleware.common.CommonMiddleware',
        'django.contrib.sessions.middleware.SessionMiddleware',
        'django.middleware.csrf.CsrfViewMiddleware',
        'django.contrib.auth.middleware.AuthenticationMiddleware',
        'django.contrib.messages.middleware.MessageMiddleware',
        # Uncomment the next line for simple clickjacking protection:
        # 'django.middleware.clickjacking.XFrameOptionsMiddleware',
    )

Answer 0 (score: 4)
You should add the {% csrf_token %} line below the form tag:

    <form action='{{ request.path }}' method='POST'>
        {% csrf_token %}
        ...

As Samuele said, your code never reaches return HttpResponse(t.render(c)).
The view can be reorganized as:

    def index(request):
        #shows messages from the database
        home_message = dbmassage.objects.all()
        t = loader.get_template('C:/Users/NILESH/Desktop/Django-1.5.1/templates/home/index.html')
        c = Context({'home_message': home_message,})
        # handle submit message
        if request.method == 'POST':
            if request.POST['submit_action'] == 'Submit Message':
                # attempt to do submit
                submit_b = home_message(request.POST)
                if submit_b.is_valid():
                    submit_b.save()
                    message = 'Message Submitted.'
                else:
                    # validation failed: show submitted values in form
                    f = submit_b
        return HttpResponse(t.render(c))

Just move the return statement to the end of the method. The POST logic is only executed after the form is submitted.
Hope this helps!
Answer 1 (score: 1)
You call return in your function. I hope this code helps.
In views.py:
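
    from django.shortcuts import render
    from home.models import dbmassage
    from home.form import YourForm  # YourForm is defined in form.py below

    def index(request):
        home_message = dbmassage.objects.all()
        if request.method == 'POST':
            # bind the submitted data to the form and validate it
            form = YourForm(request.POST)
            if form.is_valid():
                cd = form.cleaned_data
                # model field name taken from {{ b.massage }} in the template
                message = dbmassage(massage=cd['message'])
                message.save()
        else:
            # plain GET: show an empty form
            form = YourForm()
        return render(request, 'your_template.html', {'form': form, 'home_message': home_message})
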
In the template:

    <h1>The Messages</h1>
    <h3>Type Your Message:</h3>
    <form action='{{ request.path }}' method='POST'>
        {% csrf_token %}
        <input type="text" maxlength=80 style="width:300px">
        <table>
            {{ form }}
            <tr>
                <td colspan=2 align=right>
                    <h5>Maximum Length = 80</h5><input name="submit_action" type="submit" value="Submit Message">
                </td>
            </tr>
        </table>
    </form>
    <h3>The Existing Messages:</h3>
    {% if home_message %}
    <ul>
        {% for b in home_message %}
        <li>{{ b.massage }}</li>
        {% endfor %}
    </ul>
    {% endif %}

In form.py:

    from django import forms

    class YourForm(forms.Form):
        message = forms.CharField()

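
The view in the question renders its template with a plain Context, while the answer above uses render(request, ...). In Django the {% csrf_token %} tag only emits its hidden field when the template context carries the request's token, which RequestContext and render() supply and a plain Context does not. The following is an added example, not code from the question, the answers or Django itself: a simplified standard-library model of that behaviour, with constructed function names (render_form, plain_context, request_context, csrf_check, submit) and a plain token comparison standing in for the middleware's check.

```python
import hmac
import secrets

FIELD = "csrfmiddlewaretoken"   # name of Django's hidden form field
COOKIE = "csrftoken"            # Django's default CSRF cookie name


def render_form(context):
    """Model of {% csrf_token %}: the hidden input is emitted only when the
    template context carries a token; otherwise the tag renders nothing."""
    token = context.get("csrf_token")
    hidden = '<input type="hidden" name="%s" value="%s">' % (FIELD, token) if token else ""
    return '<form method="POST">%s<input name="message"></form>' % hidden


def plain_context(request):
    """Like Context({...}) in the question: built without the request."""
    return {"home_message": []}


def request_context(request):
    """Like RequestContext / render(request, ...): adds the request's token."""
    return {"home_message": [], "csrf_token": request["cookies"][COOKIE]}


def csrf_check(request):
    """Model of the middleware check: on POST the form token must match the cookie."""
    if request["method"] != "POST":
        return 200
    cookie = request["cookies"].get(COOKIE, "")
    posted = request["post"].get(FIELD, "")
    ok = bool(cookie) and hmac.compare_digest(cookie, posted)
    return 200 if ok else 403


def submit(make_context):
    """GET the page, then POST back whatever hidden field the form contained."""
    cookies = {COOKIE: secrets.token_hex(16)}   # constructed sample token
    html = render_form(make_context({"method": "GET", "cookies": cookies}))
    post = {"message": "hello"}
    if FIELD in html:
        post[FIELD] = html.split('value="')[1].split('"')[0]
    return csrf_check({"method": "POST", "cookies": cookies, "post": post})


if __name__ == "__main__":
    print("plain Context  ->", submit(plain_context))
    print("RequestContext ->", submit(request_context))
```
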