{% csrf_token %} introduces a hidden field into your form that will be posted. Second, request.raw_post_data is going to be form-encoded, so it will look like "csrf_token=adsjadsf&body=<the contents of the tweat>" (generally you would only use raw_post_data for binary files and the like).
To get it working quickly, use request.POST['body'] instead (you'll need to think about sanitizing; what happens on display if a user has included Javascript in the message). tj On Monday, January 14, 2013 11:08:22 AM UTC-7, Rahul Gaur wrote: > > Hi, > I am working on a Project which implements micro blogging(river flow) > like twitter. > > I made a django app for this and here is the snippet of the models.py > > I registered the app with 'admin' > > class uPost(models.Model): > body = models.TextField(max_length=150) > author = models.ForeignKey(auth.User) > pub_date = models.DateTimeField('Date') > > def __unicode__(self): > return (self.body) > > def get_author_url(self): > return "/u/%s/p/0" % (self.author) > > class Meta: > > ordering = ['-pub_date'] > > > here is snippet from post.html page > > <form action="/tweet/" method="post"> > {% csrf_token %} > <ul> > <table> > <li><p><label for="id_body">Report a Story:</label> <textarea id="id_body" > rows="2" cols="40" name="body"></textarea></p></li> > <li><p><input type="submit" value="Post"></p></li> > </table> > </ul> > </form> > > # I use this to post the tweet and below is the > > #views.py function > > def tweet(request): > assert(request.method=='POST') > body = smart_unicode(request.raw_post_data) > topic = uPost(body=body, author=request.user) > topic.pub_date = datetime.datetime.today() > topic.save() > return HttpResponseRedirect("/riverflow") # calls the function views > function that list all post in the timeline > > > When I use the post.html > > > OutPut I get when I post any tweet with the above FORM and Views func def > tweet > > > > csrfmiddlewaretoken=eTqlKTZe9AyMiudycqENAJxoLn9WXjA9&body=hmm+just+check+ing+%21 > > @aregee Jan. 14, 2013, 11:33 a.m. > > > It has to do something with the CSRF middleware token right ? > > I tried to use @csrf_exempt decorator in my views function,that does > remove csrfmiddlewaretoken =*& post the following on the timeline > "body=MESSAGEPOSTED " > > What am I doing wrong here .? > > > > > ------------------------------------------------------------------------------------------------------- > *Rahul Gaur* > *irc : iamaregee2* > *web: *http://www.rahulgaur.info* > * > *blogs : *aregee.wordpress.com , <http://sanencynicalwriter.wordpress.com/> > http://sanencynicalwriter.wordpress.com/ > *fb:* http://facebook.com/iamaregee > *github: *https://github.com/aregee > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/4fWZdPC1GUUJ. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.