thanks for your answer.
by point one, it doesnt contain the csrf_token parameter, but i dont know
why. ^^
to see the html better, i give the full now:
portal------------------------------
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html lang="en">
<head>
<!--suppress HtmlUnknownTarget -->
<link rel="stylesheet"
href="P:Daten/Projects/Vorbild/templates/css/style.css" type="text/css">
<title>Kunde</title>
</head>
<body>
<img src="P:/Daten/Projects/Vorbild/templates/pics/logo.png" alt="Sefar
logo" width=156 height=56/>
<h1>Kunde</h1>
{% block content %}<p>Zeit der Aktualisierung {{ current_date }}.</p>{%
endblock %}
<div class="test">
<form method="post" action="/kundendaten/">
{% csrf_token %}
<fieldset>
<legend>Anfrage</legend>
<p>Bitte Kundennamen eingeben</p>
<label>
<input type="text" name="kunde" size="30" required="required">
</label>
<br>
<br>
<input type="submit" name="senden" value="Senden"
href="kundendaten">
</fieldset>
</form>
</div>
<hr>
<p>Danke fuer die Benutzung meiner Seite.</p>
</body>
</html>
----------------------------------------------------
source code by right clicking...------------------------
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN">
<html lang="en">
<head>
<!--suppress HtmlUnknownTarget -->
<link rel="stylesheet"
href="P:Daten/Projects/Vorbild/templates/css/style.css" type="text/css">
<title>Kunde</title>
</head>
<body>
<img src="P:/Daten/Projects/Vorbild/templates/pics/logo.png" alt="Sefar
logo" width=156 height=56/>
<h1>Kunde</h1>
<p>Zeit der Aktualisierung Nov. 13, 2012, 11:49 a.m..</p>
<div class="test">
<form method="post" action="/kundendaten/">
<fieldset>
<legend>Anfrage</legend>
<p>Bitte Kundennamen eingeben</p>
<label>
<input type="text" name="kunde" size="30" required="required">
</label>
<br>
<br>
<input type="submit" name="senden" value="Senden"
href="kundendaten">
</fieldset>
</form>
</div>
<hr>
<p>Danke fuer die Benutzung meiner Seite.</p>
</body>
</html>
----------------------------------------------------------------
Am Dienstag, 13. November 2012 09:36:34 UTC+1 schrieb JirkaV:
> I may be wrong, but I don't see you using {% csrf_token %} anywhere.
> You're posting random snippets from your code that only loosely relate - I
> have trouble finding full code for the view and all components of HTML
> templates causing you trouble.
>
> So I'll just post a few tips:
>
> - before submitting the form in your browser, show the rendered HTML for
> the page "right click, then View Source (or similar) - does it contain the
> csrf_token parameter? (Just search for "csrf_token").
> - you can easily verify that your CSRF token is posted with the form by
> putting "print request" on the first line of the view that receives the
> form submission - then you should see "csrf_token" among the posted
> paramaters.
> - better version is to install a module to the browser you use for
> debugging to view what's actually being sent. For Firefox, you could use
> the excellent Firebug.
>
>
>
> On Tue, Nov 13, 2012 at 9:05 AM, Nebros <markusch...@gmail.com<javascript:>
> > wrote:
>
>> kundendaten-----------------------------
>> {% include "header.html" %}
>> <title>Kundendaten</title>
>> {% include "header2.html" %}
>> <h1>Portal</h1>
>> <h2>Ausgabe Kundendaten</h2>
>> {% include "sql.html" %}
>> <table border="1">
>> <tr><th>Name</th><th>E-Mail</th></tr>
>> <tr><td>'.$result['t_name'].'</td><td>'.$result['t_mail'].'</td></tr>
>> </table>
>> {% include "footer.html" %}
>> -----------------------------------------------
>>
>> (header , header2 and footer are only for the html tags !doctype...
>> blabla)
>>
>> Forbidden (403)---------------------------------
>>
>> CSRF verification failed. Request aborted.
>> Help
>>
>> Reason given for failure:
>>
>> CSRF cookie not set.
>>
>>
>> In general, this can occur when there is a genuine Cross Site Request
>> Forgery, or when *Django's CSRF
>> mechanism*<http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ref-contrib-csrf>has
>> not been used correctly. For POST forms, you need to ensure:
>>
>> - Your browser is accepting cookies.
>> - The view function uses
>> *RequestContext*<http://docs.djangoproject.com/en/dev/ref/templates/api/#subclassing-context-requestcontext>for
>> the template, instead of
>> Context.
>> - In the template, there is a {% csrf_token %} template tag inside
>> each POST form that targets an internal URL.
>> - If you are not using CsrfViewMiddleware, then you must use
>> csrf_protect on any views that use the csrf_token template tag, as
>> well as those that accept the POST data.
>>
>> You're seeing the help section of this page because you have DEBUG = Truein
>> your Django settings file. Change that to
>> False, and only the initial error message will be displayed.
>>
>> You can customize this page using the CSRF_FAILURE_VIEW setting.
>>
>> ---------------------------------------------------------------------
>>
>>
>> Am Montag, 12. November 2012 15:00:48 UTC+1 schrieb Nebros:
>>
>>> I know this is an old problem with many answers... but no one helps me.
>>> ^^
>>> what i have:
>>>
>>> Settings----------------------**----------
>>> MIDDLEWARE_CLASSES = (
>>> 'django.middleware.csrf.**CsrfViewMiddleware',
>>> 'django.middleware.common.**CommonMiddleware',
>>> 'django.contrib.sessions.**middleware.SessionMiddleware',
>>> 'django.contrib.auth.**middleware.**AuthenticationMiddleware',
>>> 'django.contrib.messages.**middleware.MessageMiddleware',
>>> # Uncomment the next line for simple clickjacking protection:
>>> # 'django.middleware.**clickjacking.**XFrameOptionsMiddleware',
>>> )
>>> ------------------------------**-------------
>>>
>>> urls--------------------------**------------
>>> from django.conf.urls import patterns
>>> from klasse.views import portal, kundendaten
>>> urlpatterns = patterns('',
>>> (r'^portal/$', portal),
>>> (r'^kundendaten/$', kundendaten),
>>> )
>>> ------------------------------**-------------
>>>
>>> views-------------------------**----------
>>> from django.shortcuts import render_to_response
>>> from django.core.context_processors import csrf
>>> from django.views.decorators.csrf import csrf_protect
>>> import datetime
>>> import pyodbc
>>> @csrf_protect
>>> def portal(request):
>>> now = datetime.datetime.now()
>>> return render_to_response('portal.**html', {'current_date': now})
>>> ------------------------------**--------------
>>>
>>> portal.html-------------------**-----------
>>> <form method="post" action="/kundendaten/">
>>> {% csrf_token %}
>>> <fieldset>
>>> <legend>Anfrage</legend>
>>> <p>Bitte Kundennamen eingeben</p>
>>> <label>
>>> <input type="text" name="kunde" size="30"
>>> required="required">
>>> </label>
>>> <br>
>>> <br>
>>> <input type="submit" name="senden" value="Senden"
>>> href="kundendaten">
>>> </fieldset>
>>> </form>
>>> ------------------------------**--------------
>>>
>>> I tryed a lot of variants to fix my "post" problem, but without success.
>>> can anybody help me? ^^
>>> thx
>>> *pls ignore my englisch fails
>>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msg/django-users/-/K1p4e5lY1B4J.
>>
>> To post to this group, send email to django...@googlegroups.com<javascript:>
>> .
>> To unsubscribe from this group, send email to
>> django-users...@googlegroups.com <javascript:>.
>> For more options, visit this group at
>> http://groups.google.com/group/django-users?hl=en.
>>
>
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/django-users/-/KBAn56nHLcoJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
