replace: if form.accepts(request.vars, session):
with if form.accepts(request.vars): or if form.accepts(request.vars, session, formname='xxx%s' % item_id): else all forms have the same name and the mechanism to prevent CSRF gets confused on which form is which. On Sep 6, 7:20 am, "david.waldrop" <[email protected]> wrote: > I am using the LOAD command to invoke a custom comment module in a > view like this: > > {{=LOAD('comments','comment',args=(r.id), ajax=True)}}{{pass}} > > The LOAD statement is called for each row displayed on the view . > Note there are multiple rows. > > The controller is very straight forward and looks like this: > --------------------------------------------------------------------------------------------------------------- > def comment(): > print 'in comment controller with item_id = ', request.args(0) > > item_id=request.args(0) > db.itemcomments.item_ref.default=item_id > db.itemcomments.created_by.represent=lambda id: > db.auth_user[id].email > form=SQLFORM(db.itemcomments, submit_button='Add') > > if form.accepts(request.vars, session): > print request.vars > sink=1 > elif form.errors: > response.flash = 'Invalid data.' > > comments=db(db.itemcomments.item_ref==item_id).select(orderby=db.itemcomments.created_on) > return dict(form = form,comments=comments) > ------------------------------------------------------------------------------------------ > > At 1st appearance everything looks fine. The items are displayed > along with their corresponding comments. The input text box is > displayed along with the add button. The problem is that for any > given record the 1st time i try and add a new comment nothing > happens. However, the 2nd and subsequent times I add comments for a > record it works.
