I have used a form in a view and want to update a record after submit:
View:
{{=SQLFORM(db.activity, record = a.id, deletable = True,
hidden=dict(attr='chgact'))}}
controller:
if (request.vars['attr'] == 'chgact') and
(request.vars['delete_this_record'] != 'on'):
The book says in
http://web2py.com/books/default/chapter/29/07/forms-and-validators
causes the hidden fields to be passed with the submission, no more, no
less. form.accepts(...) is not intended to read the received hidden fields
and move them into form.vars. The reason is security. Hidden fields
2 matches
Mail list logo
