[英]Forbidden (403) CSRF verification failed. Request aborted
我正在嘗試將我的數據從表單發布到名為insert_data的url。 表單發布的數據應插入數據庫。 填寫表單后,當我單擊提交按鈕給出錯誤。 我在表單中包含了{%csrf_token%}。 我提到了很多關於這個錯誤的解決方案,這無濟於事。
Forbidden (403)
CSRF verification failed. Request aborted.
urls.py:
from django.conf.urls import url
from . import views
urlpatterns = [
url(r'^$', views.index, name='index'),
url(r'^chain$', views.chain, name='chain'),
url(r'^add$', views.add, name='add'),
url(r'^insert_order$', views.insert_order, name='insert_order'),
]
views.py
from django.shortcuts import render, render_to_response
from .models import Customers
from django.db import connection
def add(request):
cursor = connection.cursor()
cursor.execute('''select polls_products.modelNumber, polls_products.description, polls_products.cost from polls_products;''')
results = cursor.fetchall()
x = cursor.description
resultsList = []
for r in results:
i = 0
d = {}
while i < len(x):
d[x[i][0]] = r[i]
i = i+1
resultsList.append(d)
cursor1 = connection.cursor()
cursor1.execute('''select polls_employees.first_name, polls_employees.last_name from polls_employees;''')
results1 = cursor1.fetchall()
x = cursor1.description
resultsList1 = []
for r in results1:
i = 0
d = {}
while i < len(x):
d[x[i][0]] = r[i]
i = i+1
resultsList1.append(d)
return render_to_response('polls/add.html', {"results1":resultsList1, "results":resultsList})
def insert_order(request):
print "came"
if request.method == "POST":
print request.POST['product']
print request.POST['emp']
return render(request, 'polls/index.html', {})
add.html
<h1>Add Orders</h1>
<form action="{% url 'insert_order' %}" method="POST">
{% csrf_token %}
Product: <select name="product">
<option disabled="disabled" selected="selected">select product</option>
{% for r in results %}
<option value="{{r.key}}" >{{r.modelNumber}} {{r.description}} {{r.cost}}</option>
{% endfor %}
</select>
<br/><br/>
Employee: <select name="emp">
<option disabled="disabled" selected="selected">select Employee</option>
{% for r in results1 %}
<option value="{{r.key}}" >{{r.first_name}} {{r.last_name}} </option>
{% endfor %}
</select>
<br/><br/>
<h3>Customer Details</h3>
First Name: <input type="text" id="fname" name="fname">
<br/><br/>
last Name: <input type="text" id="fname" name="fname">
<br/><br/>
City: <input type="text" id="fname" name="fname">
<br/><br/>
State: <input type="text" id="fname" name="fname">
<br/><br/>
Phone No: <input type="text" id="fname" name="fname">
<br/><br/>
<input type="submit" value="Save Order">
</form>
請幫忙。 我真的陷入了困境。
每次使用renter_to_response
必須使用renter_to_response
RequestContext(request)
return render_to_response("login.html", {"registration_id":registration_id}, context_instance=RequestContext(request))
你必須導入身份驗證和登錄:
from django.contrib.auth import authenticate, login
在設置更新中
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
MIDDLEWARE_CLASSES = [
"django.middleware.csrf.CsrfViewMiddleware",
"django.middleware.common.CommonMiddleware",
"django.contrib.sessions.middleware.SessionMiddleware",
"django.contrib.auth.middleware.AuthenticationMiddleware",
"django.contrib.messages.middleware.MessageMiddleware",
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
如果你沒有在你的應用程序中使用用戶身份驗證,請嘗試使用django decorator @crsf_exempt
例如:
from django.views.decorators.csrf import csrf_exempt
@csrf_exempt
def add(request):
...
@csrf_exempt
def insert_order(request):
...
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.