Omar Jandali
Reputation: 824
Form has been tampered with - django form validation
I have a formset that I am working with right now of a model form that has other forms included in the html template. I am submitting the form into the views.py file in order to process the form. It is saying that the form has been tampered with and I have no idea why it is saying that. I will include all of the related code below:
error:
ValidationError at /17/hello/update_expense_individual/
['ManagementForm data is missing or has been tampered with']
here is the form template:
{% extends "base.html" %}
{% block content %}
<h2>Add expense - {{ currentGroup.name }}</h2>
{% if message %}
<p>{{message}}</p>
{% endif %}
<form action="." method="POST">
{% csrf_token %}
{% for f in form %}
{% for expense in expenses %}
{% if forloop.parentloop.counter == forloop.counter %}
<p>{{ expense.user.username }}</p>
{% endif %}
{% endfor %}
{{ f.as_p }}
{% endfor %}
<p>
Tax:
<input type="number" name="tax" value="0.00">
</p>
<p>
Tip:
<input type="number" name="tip" value="0.00">
</p>
<input type="submit" name="submit" value="submit">
</form>
{% endblock %}
here is the views.py that is processing the form:
the error referenced the if form.is_valid()
def updateExpenseIndividual(request, groupId, groupName):
currentUser = loggedInUser(request)
currentProfile = Profile.objects.get(user = currentUser)
currentGroup = Group.objects.get(id = groupId)
host = Member.objects.filter(group = groupId).filter(status = 2).first()
expenses = Expense.objects.filter(group = currentGroup).filter(name = groupName).all()
expenses_count = Expense.objects.filter(group = currentGroup).filter(name = groupName).count()
SplitFormSet = formset_factory(UpdateExpenseForm, extra=expenses_count)
# form_user = zip(expenses, SplitFormSet)
if request.method == 'POST':
formSet = SplitFormSet(request.POST)
if 'tax' in request.POST:
tax = request.POST['tax']
amount = Decimal(tax)
individual_tax = SplitEven(expenses_count, amount)
if 'tip' in request.POST:
tip = request.POST['tip']
amount = Decimal(tip)
individual_tip = SplitEven(expenses_count, amount)
if formSet.is_valid():
count = 0
for form in formSet:
cd = form.cleaned_data
amount = cd['amount']
description = cd['description']
total_amount = amount + individual_tip + individual_tax
expense = expenses[count]
update_expense = expense
update_expense.amount = total_amount
update_expense.description = description
update_expense.save()
if expense.user != host.user:
user_description = 'You owe ' + host.user.username + ' ' + str(total_amount) + ' for ' + description
host_description = expense.user.username + ' owes you ' + str(total_amount) + ' for ' + description
user_activity = Activity.objects.create(
user = expense.user,
group = currentGroup,
description = user_description,
status = 1,
category = 4,
)
host_activity = Activity.objects.create(
user = host.user,
group = currentGroup,
description = host_description,
status = 1,
category = 4,
)
return redirect('group_home', groupId = currentGroup.id)
else:
form = SplitFormSet()
message = 'Please complete the form below'
parameters = {
'message':message,
'form':form,
'currentGroup':currentGroup,
'expenses':expenses,
# 'form_user':form_user,
}
return render(request, 'tabs/update_expense_individual.html', parameters)
Here is the response that I am getting from the request:
csrfmiddlewaretoken
'zn1wHtaRIITsQlEhMiDJzqVhYrTbws9Q1qbYhfd66JybPnIt0joqS2WlXQqQwqgZ'
form-0-amount
'11.00'
form-0-description
'lunch'
form-1-amount
'22.00'
form-1-description
'salad'
form-2-amount
'33.00'
form-2-description
'later'
tax
'3.00'
tip
'6.00'
submit
'submit'
Upvotes: 0
Views: 317
Answers (1)
Sandeep Balagopal
Reputation: 1983
You need to have the management form in the template
{{ form.management_form }}
Upvotes: 4