CODEWITHSUNDEEP
pythondjangoforms
COOLBEANS
COOLBEANS

Reputation: 757

Django/Python: How to pass a variable from a form to a python script with POST method?

I'm getting this error when submit: 

CSRF verification failed. Request aborted.

I've got this far following the documentation, but I don't fully understand it and it's definitely wrong. I just want to take a query word from my search box(form) and pass it to a python script as an argument. I'm new to Django and getting stuck on the easiest things.

In models.py:

class QueryForm(forms.Form):
    query = forms.CharField(label='query',max_length=100)

I added this line to my urls.py

url(r'^results/$', 'tweemo.views.results'),

On my homepage where my search box is I have this code for my form:

<form action="/home/results/" method="post">
    <label for="query">Search:</label>
    <input id="query" type="text" name="query" value="{{ current_query }}">
    <input type="submit" value="ok">
</form>

In views.py I added these two functions:

def get_query(request):
    if request.method == 'POST':
        form = QueryForm(request.POST)
        if form.isvalid():
             return HttpResponseRedirect('/thanks/')
    else:
         form = QueryForm()
    return render(request, 'results.html', {'form': form})

def results(request):
    return render_to_response('results.html',{'here':TwitterStream.objects.all() })

MY results.html contains just this:

<form action="/home/results/" method="post">
    {% csrf_token %}
    {{ form }}
    <input type="submit" value="Submit"/>
</form>

Upvotes: 1

Views: 1747

Answers (2)

thecreator232
thecreator232

Reputation: 2185

Well the problem is that you are not passing the csrf token to the form , you need to pass the csrf token to the render function in order for it to be applied in the form . To accomplish this you need to associate the csrf token to the request.

def get_query(request):
    if request.method == 'POST':
        form = QueryForm(request.POST)
        if form.isvalid():
             return HttpResponseRedirect('/thanks/')
    else:
         form = QueryForm()
    args = {}
    args.update(csrf(request))
    args['form'] = form
    return render_to_response('results.html', args)

def results(request):
    return render_to_response('results.html',{'here':TwitterStream.objects.all() })

Upvotes: 1

Alfred Huang
Alfred Huang

Reputation: 18255

You must just add the {% csrf_token %} tag inside EVERY <form></form> tag which has method to be post in your template.

So the below markup should be corrected:

<form action="/home/results/" method="post">
    {% csrf_token %}
    <label for="query">Search:</label>
    <input id="query" type="text" name="query" value="{{ current_query }}">
    <input type="submit" value="ok">
</form>

Upvotes: 2

Related Questions