1. 首頁
  2. 問答
  3. CRSF標記缺失或不正確

CRSF標記缺失或不正確

2012-03-14 76 views
0

我收到403禁止的錯誤。我已經嘗試了在論壇上已經解釋的背景thingie,但我仍然在廣場上。CRSF標記缺失或不正確

我在做什麼錯了?我的意見.py

def add_player(request, team_id): 
    template = get_template('cricket/addplayer.html') 
    loggedinuser = request.user 
    team = Team.objects.get(id=team_id) 
    if request.method== 'POST': 
     form = PlayerForm(request.POST) 
     if form.is_valid(): 
      player = Player.objects.create(
       name = form.cleaned_data['name'], 
       team = Team.objects.get(id=team_id), 
       role = form.cleaned_data['role'], 
       position = form.cleaned_data['position'] 
      ) 

      return HttpResponseRedirect('/team/%s/' % team_id) 
    else: 
     form = PlayerForm 

    page_vars = Context({ 
     'form': form, 
     'loggedinuser': loggedinuser, 
     'team': team, 
    }) 

    output = template.render(page_vars) 
    return HttpResponse(output)

和我的模板。你可以看到,它已得到了{%csrf_token%}

{% extends 'cricket/base.html' %} 
{% block title %} 
    {{ loggedinuser }} 
{% endblock %} 

{% block username %} 
    {{ loggedinuser }} 
{% endblock %} 

{% block date %} 
    {{ today }} 
{% endblock %} 

{% block content %} 
    <div class="span7"> 
     <h2>Adding player for {{ team }}</h2> 
     <form method="post" action="."> 
      {% csrf_token %} 
      {{ form.as_p }} 
      <input type="submit"> 
     </form> 
    </div> 
{% endblock %}

我敢肯定,我會很快砍我的頭的東西。

//鼠標

Okey我解決了它。你必須使用RequestContext。這裏是我的解決方案,更改代碼一部開拓創新的最後兩行包括crsfcontext

page_vars = Context({ 
    'form': form, 
    'loggedinuser': loggedinuser, 
    'team': team, 
}) 

crsfcontext = RequestContext(request, page_vars) 

output = template.render(crsfcontext) 
return HttpResponse(output)

來源

2012-03-14 debuggerpk

+1

嗨鼠標,很高興你解決了你的問題。不要編輯您的問題來包含您的解決方案,最好將其作爲單獨的答案添加。這樣其他用戶可以對其進行投票,並且可以將其標記爲已接受,這可以讓其他用戶看到您找到了答案。 – Alasdair 2012-03-15 00:21:52

+2

您可以在視圖中使用[render](https://docs.djangoproject.com/zh/dev/topics/http/shortcuts/#render)獲取更多幹淨的代碼 – ilvar 2012-03-15 01:55:10

+0

我無法回答自己的問題,只好等待8小時。 – debuggerpk 2012-03-15 15:26:04

回答

0

您還可以使用Django的基於類的通用視圖。 可能是這樣的,你的情況:(我還沒有測試它)

urls.py

urlpatterns = patterns('', 
    url(r'^your-url/(?P<teamId>\d+)/$', AddPlayerView.as_view(), name="add-player"), 
)

views.py

from django.views.generic import FormView 
from django.core.urlresolvers import reverse 
..... 

class AddPlayerView(FormView): 

    template_name = 'cricket/addplayer.html' 
    form_class = PlayerForm 

    def form_valid(self, form): 
    """ Code if the form is valid """ 
       ... 
     player = Player.objects.create(
      name = form.cleaned_data['name'], 
      team = Team.objects.get(id=form.cleaned_data['team_id']), 
      role = form.cleaned_data['role'], 
      position = form.cleaned_data['position'] 
     ) 

     # You could use url reverse here 
     url = reverse('your-view-name', args=[form.cleaned_data['team_id']]) 
     return HttpResponseRedirect(url) 


    def form_invalid(self, form): 
    """ Code if the form is invalid """ 
     ..... 


    def get_context_data(self, **kwargs): 
     context = super(AddPlayerView, self).get_context_data(**kwargs) 
     loggedinuser = self.request.user 
     team = Team.objects.get(id=self.kwargs['teamId']) 
     context['loggedinuser'] = loggedinuser 
     context['team'] = team 
     return context

來源

2012-03-15 09:24:54 umolina

0

嘗試選擇render_to_response使用函數而不是HttpResponse對象的一些的RequestContext。

來源

2012-03-15 11:58:36 inlanger

相關問題

 相關問題