Django Form Inserts When I Want It To Update

August 09, 2024 Post a Comment

I'm new to Django but I seem to have nearly identical code working on another site. I can update a record in the Django shell, but in view.py the same code insists on INSERTing a

Solution 1:

What you are trying to do is unconventional and a possible security hole.

You should not get the instance of the object from the hidden id key you populated in the form. Users can easily change this one and get your code to overwrite some other model instance that they may not even have permission for.

The standard way to do it is to obtain the object based on the url.

Baca Juga

Should I Use Jwt Or Basic Token Authentication In Django Rest Framework?
Django Model Unique Together Both Ways
Python Built In Server Not Loading Css

defview_function(request,id):
    object_to_edit = get_object_or_404(Model,id=id) #Or slug=slug
    form = ModelForm(data = request.POST orNone, instance=object_to_edit)
    if form.is_valid():
        form.save()
        redirect()
    return render_to_response('template_name',{},RequestContext(request))

Hope it helps!

Getting Started with Python

Django Form Inserts When I Want It To Update

Solution 1:

Post a Comment for "Django Form Inserts When I Want It To Update"