as described in error message your view function have to use
RequestContext<http://docs.djangoproject.com/en/dev/ref/templates/api/#subclassing-context-requestcontext>
for
the template, instead of Context.
your view should looks like
def about(request):
if request.method == 'POST':
return HttpResponseRedirect('/about/')
elif request.method == 'GET':
return render_to_response('about.html',
context_instance=RequestContext(request))
else:
raise Http404()
note that you redirect (HttpResponseRedirect) to url, but
render (render_to_response) template with context
also I changed action for form in tempalte to /about/ to handle POST and
GET requests in same view
hope this helps
2012/7/10 JJ Zolper <codinga...@gmail.com>
> Here is the error I received with debug set to true for Django:
>
> Forbidden (403)
>
> CSRF verification failed. Request aborted.
> Help
>
> Reason given for failure:
>
> CSRF token missing or incorrect.
>
>
> In general, this can occur when there is a genuine Cross Site Request
> Forgery, or when Django's CSRF
> mechanism<http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ref-contrib-csrf>
> has
> not been used correctly. For POST forms, you need to ensure:
>
> - The view function uses
> RequestContext<http://docs.djangoproject.com/en/dev/ref/templates/api/#subclassing-context-requestcontext>
> for
> the template, instead of Context.
> - In the template, there is a {% csrf_token %} template tag inside
> each POST form that targets an internal URL.
> - If you are not using CsrfViewMiddleware, then you must use
> csrf_protect on any views that use the csrf_token template tag, as
> well as those that accept the POST data.
>
> You're seeing the help section of this page because you have DEBUG = True in
> your Django settings file. Change that to False, and only the initial
> error message will be displayed.
>
> You can customize this page using the CSRF_FAILURE_VIEW setting.
>
>
> I'm wondering if this is caused because I don't have a redirect page for
> my 'POST' HTML submit.
>
> Now my code...
>
> URLCONF:
>
> from django.conf.urls.defaults import patterns, include, url
>
> from MadTrak.manageabout.views import about, about_form
>
>
> # Uncomment the next two lines to enable the admin:
>
> from django.contrib import admin
>
> admin.autodiscover()
>
>
> urlpatterns = patterns('',
>
>
> (r'^about_form/', about_form),
>
> (r'^about/', about),
>
>
> # Examples:
>
> # url(r'^$', 'MadTrak.views.home', name='home'),
>
> # url(r'^MadTrak/', include('MadTrak.foo.urls')),
>
>
> ## url(r'^$', 'MadTrak.views.home', name='home'), with a view named home
>
> ## url(r'^listen/', 'MadTrak.views.home', name='home'), with a view named
> home
>
> ## url(r'^home/', 'MadTrak.views.home', name='home'), with a view named
> home
>
>
> # Uncomment the admin/doc line below to enable admin documentation:
>
> # url(r'^admin/doc/', include('django.contrib.admindocs.urls')),
>
>
> # Uncomment the next line to enable the admin:
>
> url(r'^admin/', include(admin.site.urls)),
>
> )
>
>
> views.py in my manageabout app:
>
> from django.http import HttpResponseRedirect
>
> from django.shortcuts import render_to_response
>
> from MadTrak.manageabout.models import AboutMadtrak
>
>
> def about_form(request):
>
> return render_to_response('about_form.html')
>
>
> def about(request):
>
> if request.method == 'POST':
>
> # do_something_for_post()
>
> return HttpResponseRedirect('about.html')
>
> elif request.method == 'GET':
>
> return render_to_response('/')
>
> else:
>
> raise Http404()
>
>
> model where i tried to set up my database to recieve the information
> posted:
>
> from django.db import models
>
>
> class AboutMadtrak(models.Model):
>
> name = models.CharField(max_length=30)
>
> title = models.CharField(max_length=60)
>
> bio = models.CharField(max_length=200)
>
> website = models.URLField()
>
>
> def __unicode__(self):
>
> return self.nam
>
>
> my template for the about form submission:
>
>
> <html>
>
> <title>About-Form</title>
>
> <head>
>
>
> </head>
>
> <body>
>
>
> MadTrak About Page, Yo!
>
>
> <p></p>
>
>
> <form action="/about_form/" method="post">
>
> {% csrf_token %}
>
> <p>Name: <input type="text" name="name" value=""></p>
>
> <p>Title: <input type="text" name="title" value=""></p>
>
> <p>Bio: <textarea name="bio" rows="10" cols="50"></textarea></p>
>
> <p>Website: <input type="text" name="website" value=""></p>
>
> <input type="submit" value="Submit">
>
> </form>
>
>
> </body>
>
> </html>
>
>
>
> In conclusion I am fairly new to even 'POST' and 'GET' operations so I
> apologize haha. Anyways, I see the CSRF error and I was confused because i
> recall that having to do with security? An open operation from submission
> to a redirect page? I'm not sure.
>
> All I wanted to accomplish was to be able to post the data in that
> template and see the result in my in my MadTrak database. That's it. Just
> see the data as an item in my database. Any help is welcomed as I try to
> iron this out!
>
> Cheers to all the Django developers out there!
>
> JJ Zolper
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/django-users/-/DChOPlS2aAsJ.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
