Reputation: 15463
Django | passing form values
I want to create a user sign up process that requires two different forms with the same data one (1st form) is for filling out the data and other one (2nd form) is for displaying the filled data as a summery (before actually saving the data) so then user can view what he/she has filled up... my problem is that how do I pass 1st form's data in to the 2nd one .. I have used the basic Django form manipulation mechanism and passed the form field values to the next form using Django template tags..
if request.method == 'POST':
form = Users(request.POST)
if form.is_valid():
cd = form.cleaned_data
try:
name = cd['fullName']
email = cd['emailAdd']
password1 = cd['password']
password2 = cd['password2']
phoneNumber = cd['phoneNumber']
return render_to_response('signup2.html', {'name': name, 'email': email, 'password1': password1, 'password2': password2, 'phone': phone, 'pt': phoneType})
except Exception, ex:
return HttpResponse("Error %s" % str(ex))
and from the second from I just displayed those field values using tags and also used hidden fields in order to submit the form with values, like this:
<label for="">Email:</label> {{ email }} <input type="hidden" id="" name="email" class="width250" value="{{ email }}" readonly />
It works nicely from the out look, but the real problem is that if someone view the source of the html he can simply get the password even hackers can get through this easily. So how do I avoid this issue.. and I don't want to use Django session since this is just a simple sign up process and no other interactions involved.
Thanks.
Upvotes: 0
Views: 1442
Answers (3)
Reputation: 36181
You can save the password in the user session and don't print it in the form at all. If the user wants to change its password afterwards (which is very rare in the sign-up process, admit it.), you can add a link "Back to the step 1 to change my password".
TL;DR: In my opinion, if the user has validated the form, it won't change the password on the second step, so you don't need to show fields for it.
Upvotes: 0
Reputation: 331
I'm not sure why you wouldn't want to use the session. As far as the user is concerned, then will not see it or interact with it. If you have the session middleware installed, it will be active.
Upvotes: 0
Reputation: 799490
Put the password in the session. Show a "strange" default value in the password box and check to see if it's changed.
Upvotes: 1
Related Questions
- Pass values between Forms
- Passing value along with form in POST data in Django
- Pass variable from view to form in Django
- Passing and accessing value in Django form
- Django passing variable to a form
- Passing data through Django forms
- Django Form - Passing Values
- Passing values into django forms
- Pass variable to a form
- Passing data into django forms