Hi Noel! Have you looked at the problem in context CSRF Protection? Please check it out
- How to use Django’s CSRF protection https://docs.djangoproject.com/en/4.1/howto/csrf/ It might be as a solution... On Monday, January 2, 2023 at 3:27:01 AM UTC+3 Noel Duffy wrote: > I'm new to Django, though not to programming. I'm using Django 4.1.4 on > AlmaLinux 9. > > My question is this. Is it possible to access a ModelForm field's value > if that form field failed validation? > > I'm writing a small ticketing system for a helpdesk to handle spam > reports. Users submit spam messages which the system will then process. > I'm using a ModelForm, and the database schema specifies that the spam > message is unique. That is, each spam message can be reported only once, > so there's just one ticket but possibly many different actions taken > depending on what's in the spam. > > This is the model: > > class AbuseReport(models.Model): > report_date = models.DateTimeField(auto_now_add=True) > report_subject = models.CharField(max_length=255) > report_msgid = models.CharField(max_length=255, unique = True) > report_spam_text = models.TextField(unique = True) > def __str__(self): > return report_subject > > class Meta: > ordering = ['-report_date'] > > Now, the problem is that a spam message will fail form validation in the > form.is_valid call if the spam message fails the "unique" constraint. > Why is this a problem? Because I want to get my hands on the spam > message if it's already in the DB so that instead of just re-showing my > form with an error message saying the spam already exists, I want to > redirect to the existing ticket. But so far I've not been able to figure > out how to do this, and when I dump the contents of the form in > debugging, the spam message just isn't there. > > I should add that the ModelForm only creates a field for the > report_spam_text field. I.e, > > class AbuseReportForm(ModelForm): > def __init__(self, *args, **kwargs): > super(ModelForm, self).__init__(*args, **kwargs) > > def clean(self): > [...] > > class Meta: > model = AbuseReport > fields = ['report_spam_text'] > widgets = {'report_spam_text': > Textarea(attrs={ > 'rows': 20, > 'class':'textarea', > 'placeholder':'Paste spam with full headers here..' > }),} > > > This is what my view looks like (stripped down for simplicity): > > def spamsubmit(request): > # if this is a POST request we need to process the form data > if request.method == 'POST': > # create a form instance and populate it with data from the > request: > form = AbuseReportForm(request.POST) > # check whether it's valid: > if form.is_valid(): > # process the data in form.cleaned_data as required > [.....] > else: > ## show the form again with errors displayed > ## if spam already exists this is what gets run. > return render(request, 'abuse/spam_form.html',{'form':form}) > > As I understand it, fields aren't bound to data until is_valid is > called, and if is_valid fails then only fields that didn't fail validity > go into cleaned_data. But it seems everything else is lost. But I'm not > 100% sure about this and this is why I'm asking. > > > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/2bf8db16-56f7-44f4-bfda-fa9aea477a41n%40googlegroups.com.
