Re: CSRF Issue

On Thursday, 14 June 2012 10:00:09 UTC+1, cmac0tt wrote:

ahem, so here is the view

from wikicamp.wiki.models import Page
from django.shortcuts import render_to_response
from django.http import HttpResponseRedirect
from django.shortcuts import render
from django.shortcuts import redirect
from django import forms
import htmllib
from django.template import RequestContext, loader
from django.core.context_processors import csrf
# Create your views here.

def view_page(request, page_name):
        c = {}
        try:
                page = Page.objects.get(pk=page_name)
        except Page.DoesNotExist:
                return render_to_response("create.html", {"page_name":page_name}
, context_instance=RequestContext(request))
        content = page.content
#       content = request.GET['content']
        return render_to_response("view.html", {"page_name":page_name, "content":content})
#, context_instance=RequestContext)



def edit_page(request, page_name):
        c = {}
        try:
                page = Page.objects.get(pk=page_name)
                content = page.content
        except Page.DoesNotExist:
                name = ""
#               content = request.GET['content']
                content = ""
        return  render_to_response("edit.html", {"page_name":page_name, "content":content})

def save_page(request, page_name):
        c = {}
        content = request.POST.get['content', 'this is the default']
        try:
                page = Page.objects.get(pk=page_name)
                content = request.GET['content']
                page.content = 'content'
        except Page.DoesNotExist:
                page = Page(name-page_name, content-content)
        page.save()
        return HttpResponseRedirect("/granite/" + "page_name" + "/")

Better, but now you've got rid of the `context_instance=RequestContext(request)` stuff, which you *do* need. And you're still creating an empty `c` dict which is never referenced again - it won't cause any problems, but it's pointless. 

--

DR.

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/ZTm-9l8tKvEJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.