from django import forms
class MessageForm(forms.Form):
name = forms.CharField(
max_length=100,
)
title = forms.CharField(
max_length=100, required=False,
)
content = forms.CharField(
widget=forms.Textarea,
)
Slide 19
Slide 19 text
from .forms import MessageForm
def message_board(request):
form = MessageForm()
return render(
request, 'message_board.html',
{'form': form},
)
Slide 20
Slide 20 text
{% csrf_token %}
{{ form.as_p }}
ૹग़
Slide 21
Slide 21 text
{% csrf_token %}
{{ form.as_p }}
ૹग़
?
Slide 22
Slide 22 text
CSRF Token
• Cross Site Request Forgery
protection
• “Recognise” whether a form is legit
• Protect the server from malicious
changes
Slide 23
Slide 23 text
No content
Slide 24
Slide 24 text
No content
Slide 25
Slide 25 text
class Message(models.Model):
name = models.CharField(
max_length=100,
)
title = models.CharField(
max_length=100, blank=True,
)
content = models.TextField()
created_at = models.DateTimeField(
auto_now_add=True,
)
Slide 26
Slide 26 text
class Message(models.Model):
name = models.CharField(
max_length=100,
)
title = models.CharField(
max_length=100, blank=True,
)
content = models.TextField()
created_at = models.DateTimeField(
auto_now_add=True,
)
Slide 27
Slide 27 text
class MessageForm(forms.Form):
# ...
def save(self):
data = self.cleaned_data
message = Message(
name=data['name'],
title=data['title'],
content=data['content'],
)
message.save()
return message
Slide 28
Slide 28 text
class MessageForm(forms.Form):
# ...
def save(self):
data = self.cleaned_data
message = Message(
name=data['name'],
title=data['title'],
content=data['content'],
)
message.save()
return message
Slide 29
Slide 29 text
def message_board(request):
if request.method == 'POST':
form = MessageForm(request.POST)
if form.is_valid():
form.save()
else:
form = MessageForm()
return render(
request, 'message_board.html',
{'form': form},
)
Slide 30
Slide 30 text
Further Reading
• Model forms
• Form factories
• Custom “cleaning”
Slide 31
Slide 31 text
Exercises
• Implement message form
• Implement message model,
save POST-ed form to it
• Get messages from database
• Display messages in template