Jav*_*aaa 9 python django http-post django-1.3
嘿,我正在学习本教程,学习用Django制作一个wiki页面.但是,它是在django 0.96中制作的,我使用的是Django 1.3,所以有些东西是不同的.有些我已经修好了自己,然而这个我似乎无法使它成功.
我制作了一个将数据提交给视图的表单.这是形式:
<form method="post" action"/wikicamp/{{page_name}}/save/">{% csrf_token %}
<textarea name="content" rows="20" cols="60">{{content}}</textarea><br>
<input type="submit" value="Save Page"/>
</form>
和/ wikicamp/{{page_name}}/save/url重定向到save_page视图:
from django.http import HttpResponseRedirect
from django.core.context_processors import csrf
def save_page(request, page_name):
c = {}
c.update(csrf(request))
content = c.POST["content"]
try:
page = Page.objects.get(pk=page_name)
page.content = content
except Page.DoesNotExist:
page = Page(name=page_name, content=content)
page.save()
return HttpResponseRedirect("wikicamp/" + page_name + "/")
但问题是我收到此错误:
Help
Reason given for failure:
CSRF token missing or incorrect.
In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:
The view function uses RequestContext for the template, instead of Context.
In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.
You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting.
所以我读了一些文档,比如http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#how-to-use-it.我尝试这样做但它仍然给出了同样的错误.
所以:任何人都知道如何使用Django 1.3很好地处理表单发布数据?
我认为它与之有关:视图函数使用RequestContext作为模板,而不是Context.但我现在不知道它是什么.
顺便说一句,在我的终端显示本地主机的http请求时,它说:模板中使用了{%csrf_token%},但上下文没有提供值.这通常是由于不使用RequestContext引起的.
您必须{% csrf_token %}在<form>标签之间包含表单模板.
<form method="post" action"/wikicamp/{{page_name}}/save/">
{% csrf_token %}
<textarea name="content" rows="20" cols="60">{{content}}</textarea><br>
<input type="submit" value="Save Page"/>
</form>
如果csrf_token未将其呈现到您的表单中,请确保您RequestContext在视图的响应中提供:
from django.shortcuts import render_to_response
from django.template import RequestContext
def app_view(request):
return render_to_response('app_template.html',
app_data_dictionary,
context_instance=RequestContext(request))
或者,使用此快捷方式:
from django.views.generic.simple import direct_to_template
def app_view(request):
return direct_to_template(request, 'app_template.html', app_data_dictionary)
在RequestContext当你使用通用视图始终可用.
您需要在代码之间包含{%csrf_token%}模板标记
django.middleware.csrf.CsrfViewMiddleware
django.middleware.csrf.CsrfResponseMiddleware
在应用程序settings.py中的MIDDLEWARE_CLASSES中
添加一些示例后期数据处理:
这是我在视图中使用POST数据的一个例子.我通常会依赖表单类来通过cleaning_data数组进行验证.
if request.method == 'POST':
form = ForgotPassword(data=request.POST)
if form.is_valid():
try:
new_user = backend.forgot_password(request, **form.cleaned_data)
except IntegrityError:
context = {'form':form}
form._errors[''] = ErrorList(['It appears you have already requested a password reset, please \
check ' + request.POST['email2'] + ' for the reset link.'])
return render_template(request,'passwordReset/forgot_password.html',context)
if success_url is None:
to, args, kwargs = backend.post_forgot_password(request, new_user)
return redirect(to, *args, **kwargs)
else:
return redirect(success_url)