code in views.py
=================================
from django.http import HttpResponseRedirect
from django.core.mail import send_mail
from django.core.context_processors import csrf
from django.template import RequestContext
def contact1(request):
errors = []
if request.method == 'POST':
if not request.POST.get('subject', ''):
errors.append('Enter a subject.')
if not request.POST.get('message', ''):
errors.append('Enter a message.')
if request.POST.get('email') and '@' not in request.POST['email']:
errors.append('Enter a valid e-mail address.')
if not errors:
send_mail(
request.POST['subject'],
request.POST['message'],
request.POST.get('email', '[email protected]'),
['[email protected]'],
)
return HttpResponseRedirect('/contact/thanks/')
return render(request, 'contact_form.html',{'errors': errors})
===================================================================
code in contact_form.html
=========================================================================
<html>
<head>
<title>Contact us</title>
</head>
<body>
<h1>Contact us</h1>
{% if errors %}
<ul>
{% for error in errors %}
<li>{{ error }}</li>
{% endfor %}
</ul>
{% endif %}
<form action="/contact/" method="post">
<p>Subject: <input type="text" name="subject"></p>
<p>Your e-mail (optional): <input type="text" name="email"></p>
<p>Message: <textarea name="message" rows="10"
cols="50"></textarea></p>
<input type="submit" value="Submit">
</form>
</body>
</html>
=========================================
error
Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure:
CSRF cookie not set.
In general, this can occur when there is a genuine Cross Site Request
Forgery, or when Django's CSRF
mechanism<http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ref-contrib-csrf>has
not been used correctly. For POST forms, you need to ensure:
- Your browser is accepting cookies.
- The view function uses
RequestContext<http://docs.djangoproject.com/en/dev/ref/templates/api/#subclassing-context-requestcontext>for
the template, instead of
Context.
- In the template, there is a {% csrf_token %} template tag inside each
POST form that targets an internal URL.
- If you are not using CsrfViewMiddleware, then you must use csrf_protecton
any views that use the
csrf_token template tag, as well as those that accept the POST data.
You're seeing the help section of this page because you have DEBUG = Truein
your Django settings file. Change that to
False, and only the initial error message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting.
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-users.
For more options, visit https://groups.google.com/groups/opt_out.
