我正在嘗試使用 pk 洗掉整個模型,但是當我點擊“洗掉”時,我被重定向到給定的頁面,但沒有任何反應模型仍然存在并且沒有被洗掉,但是當我寫入“room_name”而不是“pk”時'它確實有效,(提前致謝)
*Views.py:
def delete_room(request, pk):
Room.objects.filter(name=pk).delete()
return redirect('home')
Urls.py:
path("delete/<int:pk>/", views.delete_room, name="delete_room")
Models.py:
class Room(models.Model):
name = models.CharField(max_length=100)
about = models.TextField(max_length=500, null=True, blank=True)
creator = models.ForeignKey(User, on_delete=models.CASCADE, null=True, blank=True, related_name='room_creator')
members = models.ManyToManyField(User, through="RoomMember")
class RoomMember(models.Model):
approved = models.BooleanField(default=False, blank=False)
room = models.ForeignKey(Room, related_name='memberships', on_delete=models.CASCADE)
user = models.ForeignKey(User, related_name='user_groups', on_delete=models.CASCADE)
class Messages(models.Model):
user = models.ForeignKey(User, on_delete=models.CASCADE, null=False, blank=False)
text = models.CharField(max_length=10000, blank=False, null=False)
date = models.DateTimeField(default=datetime.now)
room = models.ForeignKey(Room, null=True, blank=False, on_delete=models.CASCADE)
Html:
<a class="btn btn-danger" href="{% url 'delete_room' pk=room.pk %}">Delete Room</a>*
uj5u.com熱心網友回復:
雖然@Willem 的回答完全沒問題,但我還可以向您展示一種更簡單且對初學者友好的方法來處理來自請求物件的請求方法。
def delete_room(request):
if request.method == "POST" or request.method == "DELETE":
#Handle your post and delete requests here
#e.g, deleting as was in the question
Room.objects.filter(pk=pk).delete()
#user will never get in here unless they hit via .delete or .post
#requests
return redirect('home')
uj5u.com熱心網友回復:
您可以過濾pk專案的主鍵,因此:
def delete_room(request, pk):
Room.objects.filter(pk=pk).delete()
return redirect('home')
但是,你應該不是一個GET請求做到這一點。洗掉專案應通過 POST 請求或 DELETE 請求完成。正如 W3 組織所說:
特別是,已經建立了約定,即GET 和 HEAD 方法不應具有執行除檢索以外的操作的意義。這些方法應該被認為是“安全的”。
如果您接受 GET 請求,搜索引擎和一些已經檢索頁面鏈接的瀏覽器可能會意外訪問該視圖,從而意外洗掉資料。
因此,您應該通過以下方式限制 HTTP 方法:
from django.views.decorators.http import require_http_methods
@require_http_methods(['DELETE', 'POST'])
def delete_room(request, pk):
Room.objects.filter(pk=pk).delete()
return redirect('home')
對于 HTML,您應該制作一個迷你表單,例如:
<form method="post" action="{% url 'delete_room' pk=room.pk %}">
{% csrf_token %}
<button type="submit" class="btn btn-danger">Delete Room</button>
</form>
轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/360192.html
