I have a template which allows the user to edit their user information.
<form method="post">
<table>
<tr>
<td>Username:</td>
<td>{{user['username']}}</td>
</tr>
<tr>
<td>New Password:</td>
<td> <input type="password" name="password"></td>
<td>{% if form.password.errors %} {{form.password.errors}} {% endif %}<td>
</tr>
<tr>
<td>Re-enter Password:</td>
<td> <input type="password" name="confirm_password">
</td>
</tr>
<input type='hidden' name='username' value="{{user['username']}}">
<tr>
<td><input type="submit" value="Submit"></td>
</tr>
</table>
</form>
I also have a view function for handling such edits by the user. The database I am currently using is MongoDB with the MongoKit module. I have only been able to do up to this so far in the view function, yet with no luck.
def edit():
username = request.args.get('user')
user = User.find_one({'username':username}) # Is this a correct way of doing it?
form = UserForm(**what should be placed here?**, obj=user)
if request.method == 'POST' and form.validate():
form.populate_obj(user)
user.save()
return 'updated'
return render_template('edituser.html', form=form, user=user)
I am going through populate_obj(obj) for this purpose. I couldn't find much help in this matter. What should I do in order to get populate_obj() working?
UserForm should have request.form passed into it to populate it with the values available in the POST request (if any).
form = UserForm(request.form, obj=user)
Are you using Flask-WTF? If so, check out the following sample code:
https://github.com/sean-/flask-skeleton/blob/master/skeleton/modules/aaa/views.py#L13
Specifically, you would:
def edit():
form = UserForm()
if form.validate_on_submit():
# Commit your form data
Bottom line, if you're using Flask-WTF, I'm not sure what your question is. If you aren't using Flask-WTF, use Flask-WTF.
In case of Flask-WTF, you can write like
form = UserForm(obj=user)
Thant will work!
Related
I would like that a user can change his password saved in a mongodb via a webpage he is directed from a link in email that he gets. The link includes a specific token (in my case called "uniqueID") and looks like this /user_set_new_password&uniqueID=xxx.
My app route GET function is working to read the uniqueID and find the associated useremail(which serves as ID) in my mongoDB. I see the email displayed on the webpage. also the print function gives me the corresponding values.
However, my app rout POST function is not working. I get a bad request error message. The print functions do not work, so it not even picks up the new password from the form.
Any help appreciated!
My app-route looks like this:
`#app.route('/user_set_new_pw', methods=["GET", "POST"])
def user_set_new_pw_token():
if request.method == "GET":
data = request.args
uniqueID = data["uniqueID"]
print(uniqueID)
emailfromGET = collection.find_one({"uniqueID":uniqueID})["_id"]
print(emailfromGET)
return render_template('user_set_new_pw.html',emailfromGET = emailfromGET)
if request.method == "POST":
form = request.form
email = form["emailfromGET"]
print(email)
newpassword = form["passwort_neu"]
print(newpassword)
collection.update_one({"_id":email},{"$set":{"password":newpassword}})
return redirect("/login")`
my html form looks as follows:
`<form method="POST" action="/user_set_new_pw">
<table>
<tbody>
<div class="text">set a new password.</div>
<p></p>
<tr>
<input type="hidden" name="email" value="{{ emailfromGET }}">
</tr>
<tr>
<td>Neues Passwort</td>
<td>:</td>
<td><input type="password" name="passwort_neu" required></td>
</tr>
<tr>
<td>Wiederhole dein neues Passwort</td>
<td>:</td>
<td><input type="password" name="passwort_neu_wiederholung" required>
</tr>
</tbody>
</table>
<button type="submit">Neues Passwort speichern</button>
</form>`
I am new to Django. I am working on a project where I want accept and reject button and whenever client click on the respective button that object will go into the accept or reject template. I have no idea how can I do this.
This is my .html file which is displaying all the objects and have a accept and reject button:
<div class="body table-responsive">
<form id="form" method="POST" action = "{% url 'admin_team_detail' %}">
{% csrf_token %}
<table class="table table-hover">
<thead>
<tr>
<th>S No.</th>
<th>COMPANY NAME</th>
<th>TEAM MEMBER</th>
<th>EMAIL</th>
<th>STATUS</th>
<th><center>#</center></th>
</tr>
</thead>
<tbody>
{%for team in object%}
<tr>
<th scope="row"> {{ forloop.counter }}</th>
<td>{{team.company_name}}</td>
<td>{{team.team_member}}</td>
<td>{{team.email}}</td>
<td>-</td>
<td><center><input type="submit" value="accept" name="accept">
<input type="submit" value="reject" name="reject"></center></td>
</tr>
{% endfor %}
</tbody>
</table>
</form>
Here is views.py:
def admin_team_detail(request):
obj= Create_Team.objects.all()
print(request.method)
if request.method == 'POST':
if 'reject' in request.POST :
Create_Team.status = 'reject'
else:
Create_Team.status = 'accept'
Create_Team.save()
return render(request, "admin/team-details.html", {"object": obj})
This is rendering all the objects from database and displaying on the website.
I know that I have to make two templates for accept and reject but I don't know how it will take the objects that have a accept or reject response.
And I also want that if client click on the button then that response will be saved in the database.
And I also want to know that whether I have to add a field in my model.py for status.
First your two buttons should send the desired value to your views.py and one hidden input in order to pass the team id
<input type="submit" value="reject" name="status">
<input type="submit" value="accept" name="status">
<input type="hidden" name="id" value={{ team.id }}>
Next, in your views.py
def admin_team_detail(request):
if request.method == 'POST':
# First, you should retrieve the team instance you want to update
team = Create_Team.objects.get(id=request.POST('id'))
# Next, you update the status
if request.POST.get('status'):
team.status = request.POST.get('status')
team.save()
Note: this example assumes your Team model has a status field in order to store the reject/accept value.
class Team(models.Model):
# You existing fields...
status = models.CharField(max_length=30)
First You need to create a form for each object inside the template.
{%for team in object%}
<form method="POST">
{%csrf_token%}
<input type="hidden" name="team_id" value={{ team.id }}>
<input type="submit" value="reject" name="status">
<input type="submit" value="accept" name="status">
</form>
{% endfor %}
Now in View.py, you need to do something like this:
def admin_team_detail(request):
if request.method == 'POST':
# I am assuming Create_Team is your model where all team's are present.
team = Create_Team.objects.get(id=request.POST.get("team_id"))
team.status = request.POST.get("status")
team.save()
In my HTML file, I have:
<table>
{% for user in user_data_html %}
<tr>
<td>
<input id="firstname" name="firstname" type="text" value='{{ user.FirstName }}' />
</td>
<td>
<input name="submit" type="submit" value='update' />
</td>
</tr>
{% else %}
<tr><td>no user found</td></tr>
{% endfor %}
</table>
I want to modify the user name in the webpage by clicking update button in each row. But I always get the first "firstname" using the following python code in the backend:
firstname = request.form['firstname']
How can I solve this problem?
Forms get confused when you use the same name for each input name. You could either create a separate form around each table cell with the first name or you can use the jinja2 loop index to create unique input names...
<input id="firstname{{ loop.index }}" name="firstname{{ loop.index }}" type="text" value='{{ user.FirstName }}' />
Hope this helps!
request.form is a werkzeug.datastructures.MultiDict. You can get out all the values for a field with its getlist method:
a_firstname = request.form['firstname']
all_firstnames = request.form.getlist('firstname')
If you need the names to be in the order they were defined in the form you need to subclass flask.Request and set its parameter_storage_class to an instance of ImmutableOrderedMultiDict. Then you need to set the request_class field on your Flask instance:
from flask import Flask, Request
from werkzeug.datastructures import ImmutableOrderedMultiDict
class OrderedRequest(Request):
parameter_storage_class = ImmutableOrderedMultiDict
app = Flask(__name__)
app.request_class = OrderedRequest
Then request.form.getlist('firstname') will return the fields in the order the browser sent them (which is conventionally in the order they are defined in the HTML).
I'm completely new to Django and I'm also developing a very important project in this framework with some friends. I'm having problems in submitting a "POST" method form in Django.
I'm having the "403 Forbidden" error. It says that my CSRF token isn't configured correctly. I'm pretty sure that I did setup it correctly, though.
My form is about updating an django user account in the database (MySQL). I also don't know if my program logic is right in the view. I didn't even had the opportunity to test it because of this dumb error.
The image and codes below exemplificate my problem.
My form:
<form method="POST" action="/validacao/" name="user" class="current2"> {% csrf_token %}
<table>
<tr>
<td>Nome:</td><td>
<input type='text' name='first_name' maxlength='30' value='{{usuario.first_name}}' class="campo2" />
</td>
<td>Permissão: <font style="color: red;">
{% if usuario.is_staff %} Admin {% else %} Comum {% endif %}</font>
</td>
</tr>
<tr>
<td>Sobrenome:</td>
<td><input type='text' name='last_name' maxlength='30' value='{{usuario.last_name}}' class="campo2" /></td>
</tr>
<tr>
<td>Email:</td>
<td><input type='text' name='email' maxlength='75' value='{{usuario.email}}' class="campo2"/></td>
</tr>
<tr>
<td>Senha:</td><td> <input type='password' name='password' maxlength='120' class="campo2"/></td>
</tr>
<tr>
<td>Confirmar Senha:</td><td><input type='password' name='password2' maxlength='120' class="campo2"/></td>
</tr>
<tr><td></td><td><input type='submit' name='salvar' value='Salvar' class="botao2"/></td></tr>
</table>
</form>
My view:
def validacao_perfil(request):
if request.POST:
try:
request.user.first_name = request.POST['first_name']
request.user.last_name = request.POST['last_name']
request.user.email = request.POST['email']
request.user.password = request.POST['password']
request.user.save()
validacao=1
except:
validacao=0
variaveis_resposta={ 'usuario':request.user,
'MEDIA_URL':settings.MEDIA_URL,
'height_backgroud':'900',
'rodape':'position:relative; top: 148px;',
'ordem':0,
'validacao':validacao,
'context_instance':RequestContext(request),
}
return render_to_response("perfil_usuario.html", variaveis_resposta)
Obs.: the "urls.py" is set correctly and the bizarre thing is that I can see the csrftoken cookie var using Django Debug Toolbar.
just put #csrf_exempt on your def validacao_perfil(request):, to see if this work,and also try to read the doc of django .It's very good!!
I have the following django template (http://IP/admin/start/ is assigned to a hypothetical view called view):
{% for source in sources %}
<tr>
<td>{{ source }}</td>
<td>
<form action="/admin/start/" method="post">
{% csrf_token %}
<input type="hidden" name="{{ source.title }}">
<input type="submit" value="Start" class="btn btn-primary">
</form>
</td>
</tr>
{% endfor %}
sources is the objects.all() of a Django model being referenced in the view. Whenever a "Start" submit input is clicked, I want the "start" view to use the {{ source.title}} data in a function before returning a rendered page. How do I gather information POSTed (in this case, in the hidden input) into Python variables?
Read about request objects that your views receive: https://docs.djangoproject.com/en/dev/ref/request-response/#httprequest-objects
Also your hidden field needs a reliable name and then a value:
<input type="hidden" name="title" value="{{ source.title }}">
Then in a view:
request.POST.get("title", "")
If you need to do something on the front end you can respond to the onsubmit event of your form. If you are just posting to admin/start you can access post variables in your view through the request object. request.POST which is a dictionary of post variables
For django forms you can do this;
form = UserLoginForm(data=request.POST) #getting the whole data from the user.
user = form.save() #saving the details obtained from the user.
username = user.cleaned_data.get("username") #where "username" in parenthesis is the name of the Charfield (the variale name i.e, username = forms.Charfield(max_length=64))
You can use:
request.POST['title']
it will easily fetch the data with that title.