On May 17, 2009, at 1:26 AM, Apple wrote:
>
> I write some code like following:
> ************************************************************************************************************************
> #coding=utf8
> from django.shortcuts import render_to_response
> from django.http import *
> from django.contrib.auth.models import User
> from django.contrib.auth.decorators import login_required
> import datetime
> import md5
>
> def to_reg(request):
> section = '欢迎注册为本系统的合法用户'
> return render_to_response('user_manage/to_reg.html',
> {'section':section})
> def reg(request):
> username = request.POST['user_name']
> first_name = request.POST['first_name']
> last_name = request.POST['last_name']
> email = request.POST['email']
> password = request.POST['password']
> re_password = request.POST['re_password']
> #获取当前时间
> nowtime = datetime.datetime.now()
>
> try:
> user = User.objects.get(username=username)
> msg = '此用户名已经被注册,请选用其他的用户名'
> return HttpResponse('<script>alert(\'' + msg +
> '\');history.go(-1)</script>')
> except:
> pass
>
> if password != re_password:
> msg = '您两次输入的密码不一致,请重新输入!'
> return HttpResponse('<script>alert(\'' + msg +
> '\');history.go(-1)</script>')
> else:
> try:
> user = User()
> user.username = username
> user.first_name = first_name
> user.last_name = last_name
> user.email = email
> user.password = md5.md5(password).hexdigest()#出于安全
> 性的考虑
> user.is_staff = 0 #没有管理权限
> user.is_active = 1 #默认注册即激活
> user.is_superuser = 0 #不是超级用户
> user.last_login = nowtime #当前时间即最后登陆时间
> user.date_joined = nowtime #注册时间
> user.save()
> msg = '注册成功,请登陆后使用系统提供的各项功能!'
> return HttpResponse('<script>alert(\'' + msg +
> '\');window.location.href="/"</script>')
> except:
> msg = '注册失败,请重新尝试!'
> return HttpResponse('<script>alert(\'' + msg +
> '\');history.go(-1)</script>')
>
> def login(request):
> username = request.POST['user_name']
> password = request.POST['password']
> password = md5.md5(password).hexdigest()
> try:
> user = User.objects.get(username=username)
> real_password = user.password
> if password == real_password and user.is_active == 1:
> msg = '登陆成功,您将进入会员中心!'
> return HttpResponse('<script>alert(\'' + msg +
> '\');window.location.href="/user/user_center/"</script>')
All you're doing here is checking that the password matches, you're
not actually logging the user in (which requires sessions and cookies
and all that). Take a look at this section of the docs to see how to
do that:
http://docs.djangoproject.com/en/dev/topics/auth/#how-to-log-a-user-in
If you don't need your login view to do anything special, you can just
use the built-in view that comes with the auth contrib app, found at
django.contrib.auth.views.login. You can tie that directly into your
url config.
Hope that helps,
Eric
> else:
> return HttpResponse("密码不正确")
> except:
> msg = '此用户不存在,或者因其他原因被禁止!'
> return HttpResponse('<script>alert(\'' + msg + '\');history.go
> (-1)</script>')
>
> @login_required
> def user_center(request):
> section = '用户中心'
> user = request.user
> user_id = user.id
> return render_to_response('user_manage/user_center.html',
> {'section':section},context_instance=RequestContext(request))
> *******************************************************************************************************************************
>
> I login the system successfully ,but when I redirect to the url that
> processed by the function user_center ,it said that i didn't login and
> redirect the page to the login page . why ? I really logged in ! Where
> is the point ?
> >
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
