Django (2)

商業，創業，業務，職涯，美食，葡萄酒，閱讀，網路科技。

從 Larry 創業以及商業的經驗，希望以白話的口吻，介紹給大家這個商業的世界。

FB粉專會頻繁地更新 Larry 對於商業、社會、人生的觀察與心得，歡迎大家追蹤互動~

https://docs.djangoproject.com/en/1.6/intro/tutorial04/

首先是 HTML form 的 method 屬性, 節錄上面 tutorial 4 的兩段:

“We set the form’s action to {% url ‘polls:vote’ poll.id %}, and we set method=”post”. Using method=”post” (as opposed to method=”get”) is very important, because the act of submitting this form will alter data server-side. Whenever you create a form that alters data server-side, use method=”post”. This tip isn’t specific to Django; it’s just good Web development practice.”

“Since we’re creating a POST form (which can have the effect of modifying data), we need to worry about Cross Site Request Forgeries. Thankfully, you don’t have to worry too hard, because Django comes with a very easy-to-use system for protecting against it. In short, all POST forms that are targeted at internal URLs should use the {% csrf_token %} template tag.”

HTML form 的 method 屬性有兩種: “post” and “get”, 下面這 link 有一些很好的說明與比較:

http://www.w3school.com.cn/tags/att_form_method.asp

另外是 tutorial 4 中 HttpResponseRedirect 的部分:

“As the Python comment above points out, you should always return an HttpResponseRedirect after successfully dealing with POST data. This tip isn’t specific to Django; it’s just good Web development practice.”

再來是 Generic View 的部分, by tutorial 4:

“These views represent a common case of basic Web development: getting data from the database according to a parameter passed in the URL, loading a template and returning the rendered template. Because this is so common, Django provides a shortcut, called the “generic views” system.”

簡單來說就是把高相似度的動作用 generic view 來取代掉. 所以多數 view handler 只要繼承 generic.view 並指定 property 即可.