烧瓶形式不生效

时间:2020-07-28 20:53:41

标签: python validation web flask web-applications

我的Flask表单未通过验证,我尝试将其更改为类似于Flask文档示例,但是我无法弄清楚什么不起作用。这是我的代码:

forms.py 

<div class="container-fluid">
  <h1>Push and Pull</h1>
  <p>Resize the browser window to see the effect.</p>
  <div class="row">
    <div class="col-sm-4 order-4" style="background-color:lavender;">.col-sm-4 .order-4</div>
    <div class="col" style="background-color:lavenderblush;">.col</div>
  </div>
</div>

models.py 

from flask_wtf import FlaskForm
from wtforms import StringField, PasswordField, BooleanField, SubmitField, validators
from wtforms.validators import DataRequired

class PostForm(FlaskForm):
body = StringField('Body', [validators.Length(min=1, max=1000)])
post_title = StringField('Post Title', [validators.Length(min=1, max=1000)])
post_genre = StringField('Post Genre', [validators.Length(min=1, max=1000)])
submit = SubmitField('Submit Post')

routes.py 

class Post(db.Model):
    id = db.Column(db.Integer, primary_key=True)
    body = db.Column(db.String(20000))
    post_genre = db.Column(db.String(150))
    post_title = db.Column(db.String(300))
    timestamp = db.Column(db.DateTime, index=True, default=datetime.utcnow)
    user_id = db.Column(db.Integer, db.ForeignKey('user.id'))

    def __repr__(self):
        return '<Post {}>'.format(self.body

Jinja / HTML

_formhelpers.html 

@app.route('/editor', methods=['GET', 'POST'])
@login_required
def editor():
    if current_user.is_authenticated:
        form = PostForm()
        if form.validate_on_submit():
            flash('HELLOOOOOO')
            post = Post(post_title=form.post_title.data, post_genre=form.post_genre.data, body=form.body.data, user_id=current_user)
            db.session.add(post)
            db.session.commit()
            return(redirect(url_for('login')))
        return render_template('editor.html', form=form)
    else:
        return redirect(url_for('index'))

editor.html 

{% macro render_field(field) %}
  <dt>{{ field.label }}
  <dd>{{ field(**kwargs)|safe }}
  {% if field.errors %}
    <ul class=errors>
    {% for error in field.errors %}
      <li>{{ error }}</li>
    {% endfor %}
    </ul>
  {% endif %}
  </dd>
{% endmacro %}

任何帮助将不胜感激。

2 个答案:

答案 0 :(得分:0)

您最有可能遇到跨站点请求伪造(CSRF)保护。在这种情况下,一个安全的猜测是需要添加

{{ form.csrf_token }}

到HTML表单。有关详细信息,请参见the Flask-WTF docs

答案 1 :(得分:0)

在您的表单中,您需要指定action。这就是它向其发送发布请求的URL。因为如果表单内的按钮上有type="submit",则按钮上的onclick事件正在寻找该操作属性。

<form method="post" action="/editor">

相关问题
最新问题