Django Forms

Transcript

1. Django Forms

2. Django Forms • Forms? • Forms! • Model forms

3. Web Page

4. Web Page with Form submit

5. <form action="/path/to/send" method="POST" enctype="multipart/form-data"> <!-- form content --> <input type="submit">

   </form>
6. None

7. <form action="/path/to/send" method="post" enctype="multipart/form-data"> • Where to send • URL

   • Default: "" (current URL)

8. <form action="/path/to/send" method="post" enctype="multipart/form-data"> • How to send • Either

   get or post • Get: postcard • Post: Enveloped • Default: get

9. <form action="/path/to/send" method="post" enctype="multipart/form-data"> • How to read • application/x-www-form-urlencoded

   • Default • multipart/form-data • Form contains file

10. GET Submission Query string

11. POST Submission "GET /admin/ HTTP/1.1" 302 0 "GET /admin/login/?next=/admin/ HTTP/1.1"

    200 1679 "POST /admin/login/?next=/admin/ HTTP/1.1" 302 0 "GET /admin/ HTTP/1.1" 200 3407

12. <form action="/path/to/send" method="POST" enctype="multipart/form-data"> <!-- form content --> <input type="submit">

    </form>

13. <input type="submit"> <button type="submit"> Submit </button>

14. <input type="submit"> <button type="submit"> Submit </button>

15. <form action="/path/to/send" method="POST" enctype="multipart/form-data"> <!-- form content --> <input type="submit">

    </form>

16. Django Forms!

17. Models Database Django forms HTML forms

18. from django import forms class MessageForm(forms.Form): name = forms.CharField( max_length=100,

    ) title = forms.CharField( max_length=100, required=False, ) content = forms.CharField( widget=forms.Textarea, )

19. from .forms import MessageForm def message_board(request): form = MessageForm() return

    render( request, 'message_board.html', {'form': form}, )

20. <form method="post"> {% csrf_token %} {{ form.as_p }} <button>ૹग़</button> </form>

21. <form method="post"> {% csrf_token %} {{ form.as_p }} <button>ૹग़</button> </form>

    ?

22. CSRF Token • Cross Site Request Forgery protection • “Recognise”

    whether a form is legit • Protect the server from malicious changes
23. None
24. None

25. class Message(models.Model): name = models.CharField( max_length=100, ) title = models.CharField(

    max_length=100, blank=True, ) content = models.TextField() created_at = models.DateTimeField( auto_now_add=True, )

26. class Message(models.Model): name = models.CharField( max_length=100, ) title = models.CharField(

    max_length=100, blank=True, ) content = models.TextField() created_at = models.DateTimeField( auto_now_add=True, )

27. class MessageForm(forms.Form): # ... def save(self): data = self.cleaned_data message

    = Message( name=data['name'], title=data['title'], content=data['content'], ) message.save() return message

28. class MessageForm(forms.Form): # ... def save(self): data = self.cleaned_data message

    = Message( name=data['name'], title=data['title'], content=data['content'], ) message.save() return message

29. def message_board(request): if request.method == 'POST': form = MessageForm(request.POST) if

    form.is_valid(): form.save() else: form = MessageForm() return render( request, 'message_board.html', {'form': form}, )

30. Further Reading • Model forms • Form factories • Custom

    “cleaning”

31. Exercises • Implement message form • Implement message model, save

    POST-ed form to it • Get messages from database • Display messages in template

32. Hint {% for m in messages %} <div class="message"> <p>{{

    m.name }}</p> <h5>{{ m.title }}</h5> <div>{{ m.content|linebreaks }}</div> </div> {% endfor %} Message.obejcts.order_by('-created_at')