我有以下模板
{% block content %}
<form enctype="multipart/form-data" action="" method="post">{% csrf_token %}
{% for field in form %}
{{ field.label_tag }} {{ field }}
{% endfor %}
<input type="submit" value="Submit">
</form>
{% endblock %}
使用此模型构建
class TProfiles(models.Model):
id = models.IntegerField(primary_key=True) # AutoField?
first_name = models.CharField(max_length=45, blank=True)
surname = models.CharField(max_length=45, blank=True)
email = models.CharField(max_length=45, blank=True)
class Meta:
managed = False
db_table = 'profiles'
class TProfilesForm(ModelForm):
class Meta:
model = TProfiles
fields = ['first_name', 'surname', 'email']
哪个传递给视图
def register(request):
form = TProfilesForm()
if request.method == 'POST':
form = TProfilesForm(request.POST)
if form.is_valid():
form.save()
return render_to_response("register.html", {
"form": form,
})
但是,在尝试保存字段时,我一直遇到错误。 CSRF错误似乎有很多种...
编辑 - 错误消息
Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure:
CSRF token missing or incorrect.
In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:
Your browser is accepting cookies.
The view function uses RequestContext for the template, instead of Context.
In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.
You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting.
答案 0 :(得分:0)
答案似乎是将RequestContext(request)
添加到return语句中。所以我的代码看起来像:
def register(request):
form = TProfilesForm()
if request.method == 'POST':
form = TProfilesForm(request.POST)
if form.is_valid():
form.save()
return render_to_response("register.html", {
"form": form,
}, RequestContext(request))
找到了答案here
答案 1 :(得分:0)
或者简单地使用render而不是render_to_response:
return render(request,"register.html", {"form": form,})
使用导入:
from django.shortcuts import render