Re: Pass post data to UpdateView

[Darren Williams]

Talk to me


On Sun, Apr 26, 2020, 18:18 Darren Williams  wrote:

> Ain't really sure learning myself but I look into it for you
>
> On Apr 26, 2020 8:02 AM, "'MH' via Django users" <
> django-users@googlegroups.com> wrote:
>
> Hi
>
> I do not know how to access request.POST, when I call UpdateView. Just to
> avoid a misunderstanding: I do not want to process the data after updating
> a model, but I want to pass a parameter to the UpdateView, which is not
> model related when the page opens.
>
> But I get a NameError that request is not defined. How can I make the POST
> data accessible?
>
> Thanks!
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/0e13ecd0-93f9-4847-a93b-2439efe277ee%40googlegroups.com
> 
> .
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAHoC8YUdsivCdRpqYtQw0Zr7pQzDYPy9pbPSFW6FHaBNCcunwA%40mail.gmail.com.

Re: Pass post data to UpdateView

[Darren Williams]

Ain't really sure learning myself but I look into it for you

On Apr 26, 2020 8:02 AM, "'MH' via Django users" <
django-users@googlegroups.com> wrote:

Hi

I do not know how to access request.POST, when I call UpdateView. Just to
avoid a misunderstanding: I do not want to process the data after updating
a model, but I want to pass a parameter to the UpdateView, which is not
model related when the page opens.

But I get a NameError that request is not defined. How can I make the POST
data accessible?

Thanks!

-- 
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/0e13ecd0-93f9-4847-a93b-2439efe277ee%40googlegroups.com

.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAHoC8YW-Ha74RepLXeAaAmmsV57OKZTRXsaikf1uA35EZMctDg%40mail.gmail.com.

Re: processing POST data from jquery

[het.oosten]

That was exactly what i needed. I didn't think of changing the
javascript data.

Thank you.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: processing POST data from jquery

[gladys]

Remember that request.POST returns a dictionary.

I think your variable should be:
message = request.POST['your_post_variable_name']

and try changing the data in javascript to
data = {'your_post_variable_name' : t.value}

Goodluck.


--
Gladys
http://bixly.com


On Apr 11, 3:58 am, "het.oosten"  wrote:
> I am trying to get a jquery form validator working. I am stuck now
> trying to work with the POST data. When i use a simple view for
> testing:
>
> def Code(request):
>         if request.method == 'POST':
>                 message = request.POST
>                 data = dict(ok=True, msg=message)
>                 from django.utils import simplejson
>                 return
> HttpResponse(simplejson.dumps(data),mimetype='application/json')
>
> The returned json is:
> {"msg": {"code": [""]}, "ok": true}
>
> This should be:
> {"msg": "code", "ok": true}
>
> The javascripts sends a POST with a dictionary containing an empty
> key. How should i handle the post data?
>
> I am trying to work out an example from this 
> page:http://jqueryfordesigners.com/using-ajax-to-validate-forms/
>
> Here is the javascript i use:
>
> $(document).ready(function () {
>   var validateUsername = $('#validatecode');
>   $('#id_code').keyup(function () {
>     var t = this;
>     if (this.value != this.lastValue) {
>       if (this.timer) clearTimeout(this.timer);
>       validateUsername.removeClass('error').html(' check$
>
>       this.timer = setTimeout(function () {
>         $.ajax({
>           url: '/code-validatie/',
>         data: t.value,
>           dataType: 'json',
>           type: 'post',
>           success: function (j) {
>             validateUsername.html(j.msg);
>           }
>         });
>       }, 200);
>
>       this.lastValue = this.value;
>     }
>   });
>
>
>
>
>
>
>
> });

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Binary Post Data to ImageField

[Markus T.]

After some digging, I finally worked it out. In case anyone is
interested, here is the code for Django:

from django.core.files.uploadedfile import SimpleUploadedFile

def set_user_image(request, img_id):
  """
  set/update a user's image
  """
  if not request.user.is_authenticated():
return HttpResponse(status=403)

  # get the profile for the logged on user
  profile = get_object_or_404(GenericProfile, user = request.user)

  # instantiate an uploaded file to be passed to the model
  upfile = SimpleUploadedFile("%s.jpg" % img_id,
  request._raw_post_data,
  "image/jpeg")

  # update the user profile
  profile.image.save("%s.jpg" % img_id, upfile, True)

  return HttpResponse()

This code lacks important functionality though, e.g. check if the file
is a valid JPEG image, check if img_id is valid, etc.

So basically all you have to do is create a new SimpleUploadFile
object and initialize it with the raw POST data. Of course the client
has to use the correct format; in Flex, I did something like this:

  var req:URLRequest = new URLRequest(baseURL + "setimage/" + _field);
  req.method = "POST";
  req.data = jpData; /* this is the ByteArray containing JPEG data */
  req.contentType = "image/jpeg";

  var loader:URLLoader = new URLLoader();
  loader.addEventListener(Event.COMPLETE, uploadOK);
  loader.addEventListener(IOErrorEvent.IO_ERROR, uploadFault);
  loader.load(req);

To all you Django gurus out there: is this a sensible approach?

Thanks and happy holidays!

Markus

--

You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Binary Post Data to ImageField

[邓超]

As I know Django can not save binary data with it's default orm, you can try
to select another orm like sqlalchemy, or you can try to
modify the orm to make it can save binary data.

2009/12/21 Markus T. 

> Hi,
>
> I'm trying to save binary POST data to an ImageFile field - so far
> with no satisfying success.
>
> I can't seem to convince the client (Flex based image editor) to send
> binary data as correct "multipart/form-data"; I only have the option
> to send as raw binary data or with POST variables.
>
> My view function happily receives the binary data, and it looks ok. As
> far as I understand things, if the uploaded data was sent correctly as
> multipart-form-data, Django would create an InMemoryUploadFile object
> and pass it in request.FILES. I could use this code to save the image
> then:
>
> model_instance.image.save("%s.jpg" % img_id, request.FILES
> ['user_img'], True)
>
> What sensible approach could I use to update/save the image with
> binary POST data? I do not want to create a temporary file, though.
>
> I just don't seem to have enough in-depth Django knowledge to find a
> satisfying solution...
>
> Thanks!
>
> Markus
>
> --
>
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
>
>


-- 
Deng Chao

--

You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django POST data errors

[Matthias Kestenholz]

On Mon, Aug 31, 2009 at 3:12 AM, Greg wrote:
>
> Hi all,
>
> I have a large-ish form (40-odd fields) on a pretty busy site, and I'm
> constantly getting "ManagementForm data is missing or has been
> tampered with" or "IOError: request data read error" errors. I can't
> reproduce it, and it always seems to be IE users (sigh)
>
> Does anyone have any ideas on what might be causing this? The form has
> one image upload field, otherwise it's just select boxes and text
> inputs.
>
> Thanks in advance,
>

I'm seeing this too, in a satchmo store administration interface. I've
no idea what causes this either except that it seems related to
Internet Explorer in some way (as you noticed too).

I'd be interested in a way to debug this too, or gather hopefully
helpful information about what's causing this.


Matthias



-- 
FeinCMS Django CMS building toolkit: http://spinlock.ch/pub/feincms/

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Retaining POST DATA

[ckar...@googlemail.com]

You should define in your template or view to enable/disable the
submit button if the user is logged in/logged out before sending POST
Data. But I think there should be a way to this what you want ;-)

On Jul 21, 7:57 am, Raashid Malik  wrote:
> hi all,
>
>   I am sending POST data to a view But this view has login_required
> decorator enabled, So if i m user is not logged in, he goes to
> /accounts/login page and when user login, al the POST data is lost. Is there
> any way to maintain the actual POST data sent for view.
>
> Regards,
> Raashid Malik

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Retaining POST DATA

[Tim Chase]

>   I am sending POST data to a view But this view has login_required
> decorator enabled, So if i m user is not logged in, he goes to
> /accounts/login page and when user login, al the POST data is lost. Is there
> any way to maintain the actual POST data sent for view.


There was a long discussion[1] on this fairly recently.  The 
verdict is that it can be hacked, but it introduces a CSRF 
exploit.  The way around it (as I understand it) is to have it 
not carry over the actual submission, but rather just  carry over 
the data to pre-populate the form.  The user (now logged in) can 
confirm that this data really is what they entered (rather than 
nefarious data), and re-submit the form as a now-logged-in user.

-tim

[1]
http://groups.google.com/group/django-users/browse_thread/thread/15faa2c0a57c1adf/







--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Manipulating post data before sending?

[killsto]

Thanks, that worked.

On Jul 10, 1:44 pm, Jonathan Buchanan 
wrote:
> > I'm making a small app which is kind of like a blog. I have an Entry
> > class which has "ForeignKey(User)" as one of its members. I'm using
> > ModelForm to generate the form and I'm excluding the User ForeignKey
> > because it will just ask for you to pick a user from a drop-down
> > list.
>
> > Where do I tell it that the User ForeignKey should be request.user?
> > I've tried using "initial = {'author'  : request.user}". That
> > generates an "author_id may not be null." Any ideas?
>
> Use the "commit" argument to the ModelForm's save() method to get a
> hold of the resulting model instance without saving it, make any
> changes you want to the instance and then call save() on it yourself.
>
> There's an example of this in the docs:
>
>    http://docs.djangoproject.com/en/dev/topics/forms/modelforms/#the-sav...
>
> Regards,
> Jonathan.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Manipulating post data before sending?

[Jonathan Buchanan]

> I'm making a small app which is kind of like a blog. I have an Entry
> class which has "ForeignKey(User)" as one of its members. I'm using
> ModelForm to generate the form and I'm excluding the User ForeignKey
> because it will just ask for you to pick a user from a drop-down
> list.
>
> Where do I tell it that the User ForeignKey should be request.user?
> I've tried using "initial = {'author'  : request.user}". That
> generates an "author_id may not be null." Any ideas?

Use the "commit" argument to the ModelForm's save() method to get a
hold of the resulting model instance without saving it, make any
changes you want to the instance and then call save() on it yourself.

There's an example of this in the docs:


http://docs.djangoproject.com/en/dev/topics/forms/modelforms/#the-save-method

Regards,
Jonathan.

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Sending POST data and Redirecting to external website from a view

[Lacrima]

Hello!

This is impossible to redirect a user to external site with post.
urllib and urllib2 can only help to fetch data, but not to redirect a
user.
So if you do not use ssl, you have to use hidden fields where you
should specify id and pin.

You can make payments much secure using hash algorithms. But your
payment provider must provide corresponding API.

I had near your problem in one project... And below is what have been
done.
First, a user fills in a form with general order information. Then,
this form is validated in my view. After that user is redirected to
order confirmation page on my site. Among submitted general order
information this page includes "Checkout" button and two hidden fields
(action url of the form is set to payment provider site). One hidden
field is all order info encoded with base64 function, and other field
is signature, which is a hash of secret key + order info. When the
user clicks "Checkout" he is sent to payment provider site. Then the
server decodes order info and checks signature. If that is ok, the
user fills payment info ... and so on...
This will protect from tampering data.

With regards,
Max.
(sorry if my English isn't very proper)

On May 29, 7:52 pm, M Godshall  wrote:
> Based on everything that I've read on the subject the last few days,
> it sounds like it's impossible to redirect a user to an external url
> with POST data.  If that's the case, I really need some help figuring
> out a secure solution to the following scenario:
>
> My client wants to use the secure payment form provided by their
> payment provider's website.  Here's how the process should work:
>
> 1. User submits form with basic information (no personal data) on
> client site
> 2. Client site validates the data from the form
> 3. Add sensitive account credentials to data (id and pin so the
> payment provider can identify my client's account)
> 4. Send user to payment provider's secure https website with basic
> information and client account credentials
> 5. User fills out payment information on payment provider's website
>
> The documentation only shows examples of sending this data (client id
> and pin) as hidden fields in a form, posting directly to the
> provider's url, but they don't recommend that approach for production
> environments for obvious security reasons.  Unfortunately, their
> documentation and tech support don't offer any secure alternatives, so
> hopefully the Django community will be able to offer better insight.
>
> I explored urllib/urllib2, but I couldn't figure out a way to direct
> the user to the payment providers secure web page along with the data
> mentioned above.  I'm certainly not an expert with these tools, so if
> you're aware of a solution please point me in the right direction.
>
> As a point of reference, the following code will give you an idea of
> what I'm trying to accomplish:
>
> def select_payment(request):
>     if request.method == 'POST':
>         form = PaymentForm(request.POST)
>         if form.is_valid():
>             values = {...} #cleaned form data, add client id and pin
>             data = urllib.urlencode(values)
>             url = 'https://www.xxx.com'#payment providers website
>
>             #Idea 1
>             full_url = url + '?' + data
>             return HttpResponseRedirect(full_url) #Successfully redirects
> with data, but exposes client data in url.  Not good.
>
>             #Idea 2
>             response = urllib2.urlopen(url, data)
>             the_page = response.read()
>             return HttpResponse(the_page) #This actually shows the form from
> the payment provider's website with the data I sent, but it shows it
> in my client's url.  Instead, I need to send the user to the payment
> provider's website with this data so they can fill out the form on a
> secure page.  This seems like it should be possible since I can post
> data to the url and get a response this way.
>
>     else:
>         form = PaymentForm()
>     return render_to_response('payments.html', {'form': form},
> context_instance=RequestContext(request))
>
> If I can't find a way to make this work, I'll have to setup an SSL
> certificate for my client and have them host the form, but I'd really
> like to avoid this if possible.  A big thanks to everyone from the
> Django irc who has helped me with this already.  Hopefully I'll find
> some closure soon.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Sending POST data and Redirecting to external website from a view

[M Godshall]

This particular client is non-profit and they have a minimal budget
for this, so they requested that I use the payment provider's form
since it already has an SSL certificate.  I realize getting a SSL
certificate and hosting the checkout process on the client's website
makes the most sense, but I'm trying to make this work the way they
asked me to do it before going in that direction.  The only
information a user provides on the client's website is what event they
are giving money toward, so the actual checkout is done on the payment
provider's website.  I'll look into the token suggestion you gave, but
my hopes are pretty low at this point.  Thanks for taking the time to
reply.

On May 29, 12:11 pm, Tom Evans  wrote:
> On Fri, 2009-05-29 at 09:52 -0700, M Godshall wrote:
> > Based on everything that I've read on the subject the last few days,
> > it sounds like it's impossible to redirect a user to an external url
> > with POST data.  If that's the case, I really need some help figuring
> > out a secure solution to the following scenario:
>
> > My client wants to use the secure payment form provided by their
> > payment provider's website.  Here's how the process should work:
>
> > 1. User submits form with basic information (no personal data) on
> > client site
> > 2. Client site validates the data from the form
> > 3. Add sensitive account credentials to data (id and pin so the
> > payment provider can identify my client's account)
> > 4. Send user to payment provider's secure https website with basic
> > information and client account credentials
> > 5. User fills out payment information on payment provider's website
>
> > The documentation only shows examples of sending this data (client id
> > and pin) as hidden fields in a form, posting directly to the
> > provider's url, but they don't recommend that approach for production
> > environments for obvious security reasons.  Unfortunately, their
> > documentation and tech support don't offer any secure alternatives, so
> > hopefully the Django community will be able to offer better insight.
>
> > I explored urllib/urllib2, but I couldn't figure out a way to direct
> > the user to the payment providers secure web page along with the data
> > mentioned above.  I'm certainly not an expert with these tools, so if
> > you're aware of a solution please point me in the right direction.
>
> > As a point of reference, the following code will give you an idea of
> > what I'm trying to accomplish:
>
> > def select_payment(request):
> >     if request.method == 'POST':
> >         form = PaymentForm(request.POST)
> >         if form.is_valid():
> >             values = {...} #cleaned form data, add client id and pin
> >             data = urllib.urlencode(values)
> >             url = 'https://www.xxx.com'#payment providers website
>
> >             #Idea 1
> >        full_url = url + '?' + data
> >        return HttpResponseRedirect(full_url) #Successfully redirects
> > with data, but exposes client data in url.  Not good.
>
> >             #Idea 2
> >        response = urllib2.urlopen(url, data)
> >        the_page = response.read()
> >        return HttpResponse(the_page) #This actually shows the form from
> > the payment provider's website with the data I sent, but it shows it
> > in my client's url.  Instead, I need to send the user to the payment
> > provider's website with this data so they can fill out the form on a
> > secure page.  This seems like it should be possible since I can post
> > data to the url and get a response this way.
>
> >     else:
> >         form = PaymentForm()
> >     return render_to_response('payments.html', {'form': form},
> > context_instance=RequestContext(request))
>
> > If I can't find a way to make this work, I'll have to setup an SSL
> > certificate for my client and have them host the form, but I'd really
> > like to avoid this if possible.  A big thanks to everyone from the
> > Django irc who has helped me with this already.  Hopefully I'll find
> > some closure soon.
>
> I'm not sure I understand completely, so correct me if I'm wrong, but it
> seems like you want to avoid the obvious way of doing this, by writing
> out a form on an SSL protected page, and having the user submit it, or
> auto submitting it, and you want to avoid this to avoid having to get an
> SSL certificate?
>
> If you think about it, this is impossible. You have the extra secret
> information, and it is the user who must present this extra information
> to the payment processor. Without having your own SSL certificate, there
> would be no way to securely get that information to the user. Finally,
> users are not impressed by commerce sites who don't do the checkout
> process over SSL, so its worth doing just to 'get the padlock'.
>
> Is there service provided by the payment processor for you to pass the
> data to the payment processor over a back channel, exchange for a token,
> and then redirect the user to their site 

Re: Sending POST data and Redirecting to external website from a view

[Tom Evans]

On Fri, 2009-05-29 at 09:52 -0700, M Godshall wrote:
> Based on everything that I've read on the subject the last few days,
> it sounds like it's impossible to redirect a user to an external url
> with POST data.  If that's the case, I really need some help figuring
> out a secure solution to the following scenario:
> 
> My client wants to use the secure payment form provided by their
> payment provider's website.  Here's how the process should work:
> 
> 1. User submits form with basic information (no personal data) on
> client site
> 2. Client site validates the data from the form
> 3. Add sensitive account credentials to data (id and pin so the
> payment provider can identify my client's account)
> 4. Send user to payment provider's secure https website with basic
> information and client account credentials
> 5. User fills out payment information on payment provider's website
> 
> The documentation only shows examples of sending this data (client id
> and pin) as hidden fields in a form, posting directly to the
> provider's url, but they don't recommend that approach for production
> environments for obvious security reasons.  Unfortunately, their
> documentation and tech support don't offer any secure alternatives, so
> hopefully the Django community will be able to offer better insight.
> 
> I explored urllib/urllib2, but I couldn't figure out a way to direct
> the user to the payment providers secure web page along with the data
> mentioned above.  I'm certainly not an expert with these tools, so if
> you're aware of a solution please point me in the right direction.
> 
> As a point of reference, the following code will give you an idea of
> what I'm trying to accomplish:
> 
> def select_payment(request):
> if request.method == 'POST':
> form = PaymentForm(request.POST)
> if form.is_valid():
> values = {...} #cleaned form data, add client id and pin
> data = urllib.urlencode(values)
> url = 'https://www.xxx.com' #payment providers website
> 
> #Idea 1
>   full_url = url + '?' + data
>   return HttpResponseRedirect(full_url) #Successfully redirects
> with data, but exposes client data in url.  Not good.
> 
> #Idea 2
>   response = urllib2.urlopen(url, data)
>   the_page = response.read()
>   return HttpResponse(the_page) #This actually shows the form from
> the payment provider's website with the data I sent, but it shows it
> in my client's url.  Instead, I need to send the user to the payment
> provider's website with this data so they can fill out the form on a
> secure page.  This seems like it should be possible since I can post
> data to the url and get a response this way.
> 
> else:
> form = PaymentForm()
> return render_to_response('payments.html', {'form': form},
> context_instance=RequestContext(request))
> 
> If I can't find a way to make this work, I'll have to setup an SSL
> certificate for my client and have them host the form, but I'd really
> like to avoid this if possible.  A big thanks to everyone from the
> Django irc who has helped me with this already.  Hopefully I'll find
> some closure soon.

I'm not sure I understand completely, so correct me if I'm wrong, but it
seems like you want to avoid the obvious way of doing this, by writing
out a form on an SSL protected page, and having the user submit it, or
auto submitting it, and you want to avoid this to avoid having to get an
SSL certificate?

If you think about it, this is impossible. You have the extra secret
information, and it is the user who must present this extra information
to the payment processor. Without having your own SSL certificate, there
would be no way to securely get that information to the user. Finally,
users are not impressed by commerce sites who don't do the checkout
process over SSL, so its worth doing just to 'get the padlock'.

Is there service provided by the payment processor for you to pass the
data to the payment processor over a back channel, exchange for a token,
and then redirect the user to their site with said token? Otherwise, you
have to certificate up. Sorry.

Cheers

Tom


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Weird POST data issues

[Karen Tracey]

On Fri, Mar 28, 2008 at 12:10 PM, homebrew79 <[EMAIL PROTECTED]> wrote:

> A friend of mine that has been helping me look at this just showed me
> ticket 6256: http://code.djangoproject.com/ticket/6256.  So I guess no
> need to reply.  Thanks!
>

You're the second person to re-discover this bug in the last week.   It's
extremely hard to diagnose (or even search for in the tracker, since you
almost have to figure out what is going on to discover some likely keywords
to search on), so if any of the core devs have some time (yeah, I know) it'd
be really nice to get a fix for this into Django.

Karen

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Weird POST data issues

[homebrew79]

A friend of mine that has been helping me look at this just showed me
ticket 6256: http://code.djangoproject.com/ticket/6256.  So I guess no
need to reply.  Thanks!

On Mar 28, 11:02 am, homebrew79 <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I'm having a really strange problem with the django admin, and POST
> data.
> This is with trunk.  On rev 7364.  But this has been happening for a
> long time on older builds.
>
> There is an edit_inline that has several hundred associated records.
>
> When saving, it frequently fails validation an gives the "Please
> correct the error below" message.
> I'll use firebug to search on the term "error" and it will show me the
> field that caused the error.
> Typically the field is filled out as should be, or in the case of a
> select option, it will be the '', no selection.
> What's really crazy is that this happens if you just load the page and
> save without making any changes.
> It doesn't happen every time, and the field that it errs on is totally
> random.
>
> I finally got so frustrated that I put some logging in the
> change_stage view of the admin to write the post data out to a file.
> What I found is that the fields that it is erring on are getting a '\r
> \n' prepended to the data.
>
> So for example the request.POST data that is coming into the view has
> a value that looks like this:
> u'style.41.color_cat': [u'\r\n11']
>
> But the request.raw_post_data from the same place looks like this:
> Content-Disposition: form-data; name="style.41.color_cat"^M
> ^M
> 11^M
>
> So it looks to me like django is inserting the \r\n somewhere between
> when the POST data leaves the browser and when it gets to the view as
> request.POST.
>
> I have disabled all middleware but
> 'django.contrib.sessions.middleware.SessionMiddleware' and
> 'django.contrib.auth.middleware.AuthenticationMiddleware' because I
> belive those are needed to use the admin.
>
> The context processers in use are just the default context processors.
>
> This is happening with mod_python and the django development server.
> This is happening with Firefox 2 and 3b4.  Also happening with IE 7.
>
> Any ideas or advice on how to debug this would be really appreciated.
> It is driving me nuts and I am at the point of obsession.
>
> Many Thanks!
>
> -Brian Morgan
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: No POST data

[Brian Luft]

>From http://www.w3.org/TR/html4/interact/forms.html#h-17.12:

"In this example, the INPUT element is disabled. Therefore, it cannot
receive user input nor will its value be submitted with the form."

Try removing the disabled attribute from the input.

If you still need to submit the value from that form you might try
some pre-submit processing and transfer the value to a hidden field.

Cheers
-Brian

On May 3, 11:36 am, tomass <[EMAIL PROTECTED]> wrote:
> I realise this is likely something trivial I am missing, and I'm aware
> ofhttp://code.djangoproject.com/wiki/NewbieMistakes...
>
> However, I have a form that's set up like this:
>
> From:  disabled id="date_from" name="date_from" value="04/25/2007" size="10"
> maxlength="12" readonly="readonly" />Calendar.setup({ inputField : "date_from", button :
> "date_from_cal" }); To:  name="date_to" value="04/28/2007" size="10" maxlength="12"
> readonly="readonly" /> id="date_to_cal" style="cursor: pointer; vertical-align: top !
> important;" />Calendar.setup({ inputField : "date_to", button :
> "date_to_cal" });  (Oldest Log: Wed, 25 Apr 2007 09:12:26 +2000, Newest Log Fri,
> 27 Apr 2007 10:31:56 +2000)
>
> my urls.py looks like this:
>
> urlpatterns += patterns('monitor.zopelog.views',
> (r'^landscape/logs/$', 'index'),
> (r'^landscape/logs/(?P\d{8})/(?P\d{8})/$',
> 'index'),
> (r'^landscape/logs/daterange/$', 'parsedate'),
> )
>
> and here's my parsedate function:
>
> def parsedate(request):
>
> date_from = request.POST['date_from']
> date_from = date_from.split('/')
> date_to = "%s%s%s" % (date_from[2], date_from[0],
> date_from[1])
>
> date_to = request.POST['date_to']
> date_to = date_to.split('/')
> date_to = "%s%s%s" % (date_to[2], date_to[0], date_to[1])
>
> return HttpResponseRedirect('/landscape/logs/%s/%s/' %
> (date_from, date_to))
>
> However, when I try to submit data from this form I get:
>
> "Key 'date_from' not found in "
>
> Basically telling me there's no post data.
>
> Can anyone let me know what I'm missing. I have the trailing slash,
> and I've also tried removing the URL altogether and posting to "" and
> then picking up on it there, but no dice...
>
> Thanks for any help.
>
> Tom


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: No POST data

[tomass]

Turns out it was the "disabled" directive in the form. Weird, as I'm
pretty sure it works on other forms in other applications, but when I
remove it, it works great.

On May 3, 11:36 am, tomass <[EMAIL PROTECTED]> wrote:
> I realise this is likely something trivial I am missing, and I'm aware
> ofhttp://code.djangoproject.com/wiki/NewbieMistakes...
>
> However, I have a form that's set up like this:
>
> From:  disabled id="date_from" name="date_from" value="04/25/2007" size="10"
> maxlength="12" readonly="readonly" />Calendar.setup({ inputField : "date_from", button :
> "date_from_cal" }); To:  name="date_to" value="04/28/2007" size="10" maxlength="12"
> readonly="readonly" /> id="date_to_cal" style="cursor: pointer; vertical-align: top !
> important;" />Calendar.setup({ inputField : "date_to", button :
> "date_to_cal" });  (Oldest Log: Wed, 25 Apr 2007 09:12:26 +2000, Newest Log Fri,
> 27 Apr 2007 10:31:56 +2000)
>
> my urls.py looks like this:
>
> urlpatterns += patterns('monitor.zopelog.views',
> (r'^landscape/logs/$', 'index'),
> (r'^landscape/logs/(?P\d{8})/(?P\d{8})/$',
> 'index'),
> (r'^landscape/logs/daterange/$', 'parsedate'),
> )
>
> and here's my parsedate function:
>
> def parsedate(request):
>
> date_from = request.POST['date_from']
> date_from = date_from.split('/')
> date_to = "%s%s%s" % (date_from[2], date_from[0],
> date_from[1])
>
> date_to = request.POST['date_to']
> date_to = date_to.split('/')
> date_to = "%s%s%s" % (date_to[2], date_to[0], date_to[1])
>
> return HttpResponseRedirect('/landscape/logs/%s/%s/' %
> (date_from, date_to))
>
> However, when I try to submit data from this form I get:
>
> "Key 'date_from' not found in "
>
> Basically telling me there's no post data.
>
> Can anyone let me know what I'm missing. I have the trailing slash,
> and I've also tried removing the URL altogether and posting to "" and
> then picking up on it there, but no dice...
>
> Thanks for any help.
>
> Tom


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: No POST data

[Jeremy Dunck]

On 5/3/07, tomass <[EMAIL PROTECTED]> wrote:
...
> return HttpResponseRedirect('/landscape/logs/%s/%s/' %
> (date_from, date_to))

Are you certain 'index' isn't trying to use request.POST?

You're redirecting there in 'parsedate'.

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---

Re: Send POST data for unchecked checkboxes

[Luke Plant]

On Monday 01 May 2006 21:47, Sam Tran wrote:

> On 5/1/06, Luke Plant <[EMAIL PROTECTED]> wrote:
> > On Monday 01 May 2006 20:03, Sam Tran wrote:
> > > I am having the problem described in ticket 1045:
> > > http://code.djangoproject.com/ticket/1045
> > >
> > > Was this problem fixed in Django 0.91?
> >
> > It was closed as a WONTFIX, so I doubt it (the patch certainly has
> > not been applied).  The problem you are having is inherent in HTML
> > forms, and the solution is to have a view function that knows what
> > data should have been filled in.
>
> Hi Luke,
>
> Thank you for the information.
>
> However I am not sure how I would write such a view.

I think you would have to write a custom manipulator that knows not to 
expect certain fields.  However, I've never actually done this myself 
(I've barely used the 'forms' stuff in Django), so I can't really be 
more specific.

Luke

-- 
"In my opinion, we don't devote nearly enough scientific research to 
finding a cure for jerks." (Calvin and Hobbes)

Luke Plant || L.Plant.98 (at) cantab.net || http://lukeplant.me.uk/

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users
-~--~~~~--~~--~--~---

Re: Send POST data for unchecked checkboxes

[Sam Tran]

On 5/1/06, Luke Plant <[EMAIL PROTECTED]> wrote:
>
> On Monday 01 May 2006 20:03, Sam Tran wrote:
>
> > I am having the problem described in ticket 1045:
> > http://code.djangoproject.com/ticket/1045
> >
> > Was this problem fixed in Django 0.91?
>
> It was closed as a WONTFIX, so I doubt it (the patch certainly has not
> been applied).  The problem you are having is inherent in HTML forms,
> and the solution is to have a view function that knows what data should
> have been filled in.
>

Hi Luke,

Thank you for the information.

However I am not sure how I would write such a view.

Here is my model:

class hierarchy_usr(meta.Model):
id = meta.AutoField(primary_key=True)
mgr_id = meta.CharField(maxlength=20, db_column="mgr_id")
usr_id = meta.CharField(maxlength=20, db_column="usr_id")
inherits = meta.BooleanField(blank=False, default=False)

I want to represent all manager/user relationships. For a given
relationship, if 'inherits' is True, then the manager inherits the
user's permissions.

I want to edit each manager/relationship by turning off or on, the
'inherits' boolean variable.

Here is the view I wrote so far:

def edit(request, mgr_id, usr_id):
  # Get the h_usr in question from the database and create a
  # ChangeManipulator at the same time.
  h_usr_obj = get_object_or_404(hierarchy_usrs,
mgr_id__exact=mgr_id,
usr_id__exact=usr_id)
  try:
manipulator = hierarchy_usrs.ChangeManipulator(h_usr_obj.id)
  except hierarchy_usrs.DoesNotExist:
raise Http404

  if request.POST:
new_data = request.POST.copy()

new_data['mgr_id'] = str(mgr_id)
new_data['usr_id'] = str(usr_id)

errors = manipulator.get_validation_errors(new_data)
if not errors:
  manipulator.do_html2python(new_data)
  manipulator.save(new_data)

  # Do a post-after-redirect so that reload works, etc.
  #return HttpResponseRedirect(request.path)
  return HttpResponseRedirect("/access/hierarchy_usr/")
  else:
errors = {}
# This makes sure the form accurate represents the fields of the h_usr.
new_data = manipulator.flatten_data()

  form = formfields.FormWrapper(manipulator, new_data, errors)
  return render_to_response('access/hierarchy_usr_edit', {'form': form})

I would appreciate any help.

Thanks.
Sam

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users
-~--~~~~--~~--~--~---

Re: Send POST data for unchecked checkboxes

[Luke Plant]

On Monday 01 May 2006 20:03, Sam Tran wrote:

> I am having the problem described in ticket 1045:
> http://code.djangoproject.com/ticket/1045
>
> Was this problem fixed in Django 0.91?

It was closed as a WONTFIX, so I doubt it (the patch certainly has not 
been applied).  The problem you are having is inherent in HTML forms, 
and the solution is to have a view function that knows what data should 
have been filled in.

Luke

-- 
"In my opinion, we don't devote nearly enough scientific research to 
finding a cure for jerks." (Calvin and Hobbes)

Luke Plant || L.Plant.98 (at) cantab.net || http://lukeplant.me.uk/

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-users
-~--~~~~--~~--~--~---