html - Personalized/random URLs in Python/Django -


i'm python beginner (and english language beginner too, way). created simple form in python/django creates, edit , remove items. have html links refers urls like:

file.html:

<input type="button" value="edit" onclick="window.location.href='/edit/{{ object.id }}/'">

urls.py:

url(r'^edit/(?p<id>\d+)/$', 'app.views.editobj'),

views.py:

def editobj(request, id):

but of course, there's problem, wouldn't people go direct on url (only if button clicked) because type on url: /removeobj/1 , remove object id=1. create differente urls, maybe random, user never guess url button open, , of course, work id argument, when it's goind edit/remove, opens right object. i'm hoping clear on needs. thanks.

generating random url's highly inefficient, not mention unnecessarily difficult implement. common way asking post url. think should little more reading on django posting, better understanding of does. in case, here example of using this:

urls.py

url(r'^delete/$', 'app.views.delete_object', name="delete_obj"),

views.py

def delete_object(request): """ id of object via post, delete it. """     if request.method == 'post'  # makes sure request post         obj_id = request.post['obj_id']         obj = modelname.objects.get(id=obj_id)  # use model name here          # can use if conditions here make sure object         # retrieved allowed deleted user, or in general.          obj.delete()          messages.success(request, 'object deleted!')     return redirect(reverse('index'))  # make sure use name exists

.html

<form method="post" action="{% url 'delete_obj' %}">     {% csrf_token %}     <input type="hidden" value="{{ obj.id }}" name="obj_id" />     <button type="submit">submit</submit> </form>

you can use more logic in views.py make sure object allowed deletable, part, code wrote should give of understanding of way create post -> delete object workflow. feel free ask questions in comment section below answer.


-

Popular posts from this blog