Ham*_*eem 2 python wtforms flask-sqlalchemy flask-wtforms
我已经在WTF表格上挣扎了很长一段时间了.但是这个错误,似乎永远不会消失.我什么时候尝试运行此代码,表单永远不会验证
意见:
@bundle.route('/content/add/', methods=['GET', 'POST'])
@bundle.route('/content/add', methods=['GET', 'POST'])
@bundle.route('/content/edit/<posturl>/', methods=['GET', 'POST'])
@bundle.route('/content/edit/<posturl>', methods=['GET', 'POST'])
@fas_login_required
def addcontent(posturl=None):
form = CreateContent()
form_action = url_for('content.addcontent')
if posturl is not None:
content = Content.query.filter_by(slug=posturl).first_or_404()
form = CreateContent(obj=content)
if form.slug.data == posturl and request.method == 'POST' and form.validate():
form.populate_obj(content)
db.session.commit()
return redirect(url_for('content.addcontent',
posturl=posturl, updated="True"))
else:
if request.method == 'POST' and form.validate():
query = Content(form.title.data,
form.slug.data,
form.description.data,
form.media_added_ids.data,
form.active.data,
form.tags.data,
g.fas_user['username'],
form.type_content.data
)
try:
db.session.add(query)
db.session.commit()
# Duplicate entry
except Exception as e:
return str(e)
return redirect(url_for('content.addcontent',
posturl=form.slug.data, updated="True"))
else:
print "Please validate form"
return render_template('content/edit_content.html', form=form,
form_action=form_action, title="Create Content")
表格类别:
# -*- coding: utf-8 -*-
from flask.ext.wtf import Form
from wtforms import TextField, TextAreaField
from wtforms import BooleanField, SelectField, validators
from wtforms.validators import Required
__all__ = ['CreateContent']
class CreateContent(Form):
title = TextField(
'Title', [validators.Length(min=4, max=255)])
slug = TextField(
'Url-Slug', [validators.Length(min=4, max=255)])
description = TextAreaField('Content', [validators.Length(min=4)])
media_added_ids = TextField('media')
type_content = SelectField(u'Content Type',
[Required()],
choices=[('blog', 'Blog Post'),
('media', 'Lecture'),
('doc', 'Documentation')]
)
# Comma seprated media id's
active = BooleanField('Published')
tags = TextField('Tags', [Required()])
# Comma seprated tag id's
我的模板:
{% extends "base.html" %}
{% block title %}
{{ title }}
{% endblock %}
{% block content %}
{% from "_formhelpers.html" import render_field %}
<div id="Create Content">
<center><h3> {{ updated }} </h3></center>
<h2>{{ title }}</h2>
<form method="post" action="">
<fieldset>
<legend></legend>
{{ render_field(form.title) }}
{{ render_field(form.slug ) }}
{{ render_field(form.description ) }}
{{ render_field(form.media_added_ids)}}
{{ render_field(form.type_content) }}
{{ render_field(form.active) }}
{{ render_field(form.tags )}}
</fieldset>
<input type="submit" class="button" value="Save"/>
</form>
</div>
{% endblock %}
任何帮助都将受到高度关注
如果在烧瓶应用程序设置中激活CSFR令牌,则每个表单中都包含CSFR令牌.如果开发人员已激活设置并且未将其包含在表单模板中,则烧瓶WTF将自动拒绝该请求.
此问题的解决方案是以下标记:
{{form.hidden_tag()}}
添加后,CSFR id将包含在请求中,并发送给视图以供WTForms验证.
如果您未包含此标记,则form.errors字典中不会出现任何错误.如果你遍历这个dictonary没有错误显示,但form.validate方法将返回false.
小智 5
CSRF如果在您的Flask设置中激活令牌,Flask-WTF会自动添加令牌.如果此设置处于活动状态且未在表单提交中包含,则提交将被拒绝.在这种情况下,解决方案是hidden_tag在模板中添加字段,以便它包含在表单提交中.
{{form.hidden_tag()}}
| 归档时间: |
|
| 查看次数: |
1467 次 |
| 最近记录: |