django: form

本讲开始介绍 Django 中表单的应用。

依然以前面的工程为例继续演示。

一，创建 url 映射，编辑 csvt03/urls.py:

from django.conf.urls import patterns, include, url

# Uncomment the next two lines to enable the admin:
from django.contrib import admin
admin.autodiscover()

urlpatterns = patterns('',
    # Examples:
    # url(r'^$', 'csvt03.views.home', name='home'),
    # url(r'^csvt03/', include('csvt03.foo.urls')),

    # Uncomment the admin/doc line below to enable admin documentation:
    # url(r'^admin/doc/', include('django.contrib.admindocs.urls')),

    # Uncomment the next line to enable the admin:
    url(r'^admin/', include(admin.site.urls)),
    url(r'^index/$','blog.views.index'),
    url(r'^blog/show_author/$', 'blog.views.show_author'),
    url(r'blog/register/$', 'blog.views.register'),  # Django Form
)

二，编辑 blog/views.py:

from django.shortcuts import render_to_response as r2r
from blog.models import Employee, Author, Book

def index(req):
    emps = Employee.objects.all()
    return r2r('index.html', {'emps':emps})

def show_author(req):
    authors = Author.objects.all()
    return r2r('show_author.html', {'authors':authors})

from django import forms
from django.http import HttpResponse

class UserForm(forms.Form):
    name = forms.CharField()

def register(req):
    if req.method == 'POST':
        form = UserForm(req.POST)   # Binding
        if form.is_valid():
            print form.cleaned_data
            return HttpResponse('ok')
    else:
        form = UserForm()
    return r2r('register.html', {'form':form})

三，模板文件 blog/templates/register.html:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <title>Django DB</title>
    </head>
    <body>
    <form method='post'>
        {{form}}
        <input type='submit' value='ok'/>
    </form>
    </body>
</html>

四，访问 127.0.0.1:8000/blog/register 可以见到表单了。但提交内容会显示 403 错误：“CSRF verification failed. Request aborted.”

　　CSRF 是 Cross Site Request Forgery （跨站点请求欺骗）的缩写，这里先简单修改 setting.py，禁用 CSRF 中间件。

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
#    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    # Uncomment the next line for simple clickjacking protection:
    # 'django.middleware.clickjacking.XFrameOptionsMiddleware',
)

这样，访问页面并提交后，后台会打印出提交的内容：

0 errors found
October 16, 2013 - 08:59:15
Django version 1.5.4, using settings 'csvt03.settings'
Development server is running at http://127.0.0.1:8000/
Quit the server with CONTROL-C.
{'name': u'data posting...'}
[16/Oct/2013 08:59:24] "POST /blog/register/ HTTP/1.0" 200 2