django POST表單的使用


環境如下:django 1.7.8 版本.

1.在POST表單的時候會出現這個錯誤提示.

禁止訪問 (403)

CSRF驗證失敗. 相應中斷.
Help

Reason given for failure:

    CSRF token missing or incorrect.
    

In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. 
For POST forms, you need to ensure:
Your browser is accepting cookies. The view function passes a request to the template's render method. In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL. If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well
as those that accept the POST data. You
're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and
only the initial error message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting.

無耐.看上面的提示是防止CSRF.也就是安全方面的,防止跨站請求偽造.

根據上面的提示來.需要有{% csrf_token %},那就在from表單中添加下

添加后的html代碼如下.

{% extends "base.html" %}
{% block title %}
    hello
{% endblock %}
{% block content %}
    <div class="container">

      <form class="form-signin" action="/login_webmail/" method='post'>{% csrf_token %}
        <h2 class="form-signin-heading">Please sign in</h2>
        <label class="sr-only" for="inputUserName">Email address/UserName</label>
        <input type="text" autofocus="" required="" placeholder="Email address/UserName" class="form-control" id="inputUserName" name="inputUserName">
        <label class="sr-only" for="inputPassword">Password</label>
        <input type="password" required="" placeholder="Password" class="form-control" id="inputPassword">
        <div class="checkbox">
          <label>
            <input type="checkbox" value="remember-me"> Remember me
          </label>
        </div>
        <button type="submit" class="btn btn-lg btn-primary btn-block">Sign in</button>
      </form>

    </div> <!-- /container -->

{% endblock %}

重點是from后面的{% csrf_token %}

根據官網的提示及百度.

views.py的代碼更改如下,主要的是return render_to_response('index.html',context_instance=RequestContext(request))

后面的 **context_instance=RequestContext(request)**

 

from django.http import HttpResponse
import datetime
from django.shortcuts import render_to_response
#post
from django.template import RequestContext
#post

def webindex(request):
    return render_to_response('index.html',context_instance=RequestContext(request))    

 

接收的views視圖方法

def login_webmail(request):
    if 'inputUserName' in request.POST:
        message = request.POST['inputUserName']
    else:
        message = "Not inputUserName"
    return render_to_response('test_post.html',{'test_post_name':message})
    

再測試.是否OK了.總結.只有兩個步驟.

1.在from 表單中添加 {% csrf_token %}

2.在視圖中添加 from django.template import RequestContext 導入項,並且在return 返回中添加context_instance=RequestContext(request)

然后就OK了.看來也是很簡單的.新手可以參考.

---下面修改於2016-12-08好吧!要修改下上面的說法,好久以前的文章了,但還是要修改下,以免有再為此糾結的同學。

上面views的方法中,使用render_to_response的時候,仍可能會有問題的現象的話,使用下面的render則不會有問題,如:

return render(request,'test.html',{'uname':request.user,'error':error,'jc':jc})

其它的不用修改,僅將render_to_response修改為render,並且返回的值也相應的修改下,則就可以了。

這樣在from下面會有一個隱藏的input的標簽:

 

個人總結下,注意settings中的引用,還有html文件表單后{% csrf_token %},及在views中使用render進行返回就可以了。如果再有問題,歡迎留言下面,小伙伴一起看一下。

 


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM