Hi Everyone!
My question is how can I prevent illegal method calls in django web application. For example, take a method that updates the data of ExampleModel: def examplemodel_changeform(request, examplemodel_id): #Here is the source code of model updating... Clicking on the submit button, the form data will be posted from the browser with this URL: http://127.0.0.1:8000/examplemodel_changeform/40/ The ExampleModel, where examplemodel_id=40 will be updated with the posted data. This is what I expect to happen. But, Problem No1: Typing the URL above into the address bar of the browser, it will send a GET request. Problem No2: On the client side there are listed only the "active" ExampleModel items in the application. So the user will update only the active items. But with other tools it is possible to send a POST for non active items. For example, sending a post to this URL (http://127.0.0.1:8000/examplemodel_changeform/50/), when ExampleModel, where examplemodel_id=50, isn't in active status. Which is the correct django/python way to solve this problem? Do I need to check all things (GET/POST, status...) on every http request? Thank you in advance! -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/52ed7be5-836f-4325-88bc-b48c91738ae2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
