1

I'm trying to post my data from the form to the url called insert_data. The data which form is posting should insert to the database. After filling the form when i click submit button gives error. I included {% csrf_token %} in my form. I referred many solutions regarding this error, which couldn't help. 

Forbidden (403)
CSRF verification failed. Request aborted.

urls.py:

from django.conf.urls import url
from . import views

urlpatterns = [
    url(r'^$', views.index, name='index'),
    url(r'^chain$', views.chain, name='chain'),
    url(r'^add$', views.add, name='add'),
    url(r'^insert_order$', views.insert_order, name='insert_order'),
]

views.py

from django.shortcuts import render, render_to_response
from .models import Customers
from django.db import connection

def add(request):
    cursor = connection.cursor()
    cursor.execute('''select polls_products.modelNumber, polls_products.description, polls_products.cost from polls_products;''')
    results = cursor.fetchall()
    x = cursor.description
        resultsList = []   
        for r in results:
            i = 0
            d = {}
            while i < len(x):
                d[x[i][0]] = r[i]
                i = i+1
            resultsList.append(d)

    cursor1 = connection.cursor()
    cursor1.execute('''select polls_employees.first_name, polls_employees.last_name from polls_employees;''')
    results1 = cursor1.fetchall()
    x = cursor1.description
        resultsList1 = []   
        for r in results1:
            i = 0
            d = {}
            while i < len(x):
                d[x[i][0]] = r[i]
                i = i+1
            resultsList1.append(d)
    return render_to_response('polls/add.html', {"results1":resultsList1, "results":resultsList})

def insert_order(request):
    print "came"
    if request.method == "POST":
            print request.POST['product']
            print request.POST['emp']

        return render(request, 'polls/index.html', {})

add.html

<h1>Add Orders</h1>

<form action="{% url 'insert_order' %}" method="POST">
    {% csrf_token %}
Product: <select name="product">
<option disabled="disabled" selected="selected">select product</option>
    {% for r in results %}

            <option value="{{r.key}}" >{{r.modelNumber}} {{r.description}} {{r.cost}}</option>

    {% endfor %}
</select>
<br/><br/>
Employee: <select name="emp">
<option disabled="disabled" selected="selected">select Employee</option>
{% for r in results1 %}
     <option value="{{r.key}}" >{{r.first_name}} {{r.last_name}} </option>
{% endfor %}
</select>
<br/><br/>
<h3>Customer Details</h3>
First Name: <input type="text" id="fname" name="fname">
<br/><br/>
last Name: <input type="text" id="fname" name="fname">
<br/><br/>
City: <input type="text" id="fname" name="fname">
<br/><br/>
State: <input type="text" id="fname" name="fname">
<br/><br/>
Phone No: <input type="text" id="fname" name="fname">
<br/><br/>
<input type="submit" value="Save Order">
</form>

Please help. I really got stuck in this point.

Shwetha R S
  • 119
  • 1
  • 8

2 Answers2

0

You have to use RequestContext(request) everytime you use renter_to_response

return render_to_response("login.html", {"registration_id":registration_id}, context_instance=RequestContext(request))

And you have to import authenticate and login :

from django.contrib.auth import authenticate, login

In settings update

SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
MIDDLEWARE_CLASSES = [
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

Please refer https://docs.djangoproject.com/ja/1.9/ref/csrf/

Hafees Kazhunkil
  • 115
  • 1
  • 7
0

If you don't use User authentification into your app try to use the django decorator @crsf_exempt

Ex : 

from django.views.decorators.csrf import csrf_exempt

@csrf_exempt
def add(request):
   ...

@csrf_exempt
def insert_order(request):
       ...
Babacar Gningue
  • 1,304
  • 1
  • 9
  • 10
  • Thank you.. I came out from csrf verification error. But I'm not getting the values of post data. Can you please help – Shwetha R S May 03 '16 at 04:12
  • To test your POST request just use `if request.POST:` and use `request.POST.get('product')` instead of `request.POST['product']` – Babacar Gningue May 03 '16 at 16:35