一、复习数据库操作
字段类型 字符串 EmailField(CharField): IPAddressField(Field) URLField(CharField) SlugField(CharField) UUIDField(Field) FilePathField(Field) FileField(Field) ImageField(FileField) CommaSeparatedIntegerField(CharField) 时间类: models.DateTimeField(null=True) 数字: num = models.IntegerField() num = models.FloatField() mum = models.DecimalField(max_digits=30,decimal_places=10) 枚举(Django): color_list = ( (1,'黑色'), (2,'白色'), (3,'蓝色') ) color = models.IntegerField(choices=color_list) 1. 自己操作: 自己取,自己用 2. 给Django admin使用 应用场景:选项固定 PS: FK选项动态 字段参数: null=True, default='1111', db_index=True, unique=True class Meta: # unique_together = ( # ('email','ctime'), # ) # index_together = ( # ('email','ctime'), # ) - 操作: - 增删改查 - filter(),update(),create() - all() values values_list() - FK 正向: filter() values,values_list() -> 跨表 fk__xxx objs = all() for obj in objs: obj.fk. 反向: filter() values,values_list() -> 跨表 小写表名称__xxx objs = all() for obj in objs: obj.小写表名称_set.all() - M2M: M2M 自定义 M2M+自定义 正向(有M2M): obj = ... obj.m.add() obj.m.remove() obj.m.set() obj.m.clear() obj.m.all()... 反向: obj ... obj.表名_set.add ... M2M+自定义 CSRF:POST时,需要用户携带随机字符 - Form - {% csrf_token %} - Ajax - data - cookie中获取,添加到请求头 XSS: - 不用safe - mark_safe - 过滤关键字 Cookie: - 放在用户浏览器端的键值对 - 可以放很多,但是对于敏感信息
二. 复习模板
- 基本使用 - 母版 - 页面继承 - include - 导入小组件 pub.html <div> <h3>特别漂亮的组件</h3> <div class="title">标题:{{ name }}</div> <div class="content">内容:{{ name }}</div> </div> test.html <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title></title> </head> <body> {% include 'pub.html' %} {% include 'pub.html' %} {% include 'pub.html' %} </body> </html> - 函数-> 自动执行 - 模板自定义函数:xxx.py from django import template register = template.Library() @register.filter def my_upper(value,arg): return value + arg @register.filter def my_bool(value): return False @register.simple_tag def my_lower(value,a1,a2,a3): return value + a1 + a2 + a3 - simple_filter - 最多两个参数,方式: {{第一个参数|函数名称:"第二个参数"}} - 可以做条件判断 - simple_tag - 参数无限制: {% 函数名 参数 参数%}
三、seccion
from django.shortcuts import render,HttpResponse,redirect def login(request): if request.method=='GET': return render(request, 'login.html') else: user = request.POST.get('username') pwd = request.POST.get('passwd') gender = request.POST.get('gender') rmb = request.POST.get('rmb') if user=='alex' and pwd=='123': #1.生成随机字符串 #2.通过cookie发给客户端 #3.服务端保存随机字符串{'随机字符串':{'username':'alex','age':'36'}} request.session['username'] = user request.session['passwd'] = pwd return redirect('/index/') else: return render(request, 'login.html', {'msg': '用户名或密码错误'}) # def abc(request): # request.session.delete(request.session.session_key) # v = request.session.session_key # if not v: # return HttpResponse('清空session成功') # else: # return HttpResponse(str(v)) def index(request): if request.method=='GET': #1.获取客户端cookie中的随机字符串 #2.去session中查找有没有随机字符串 #3.去session对应key的value中查找是否有username v = request.session.get('username') if v: return render(request, 'index.html') else: return HttpResponse('登录失败') 问题: Invalid HTTP_HOST header: '127.0.0.1:8000'. You may need to add '127.0.0.1' to ALLOWED_HOSTS. 解决方法: myapp settings.py 在ALLOWED_HOSTS = []里改成ALLOWED_HOSTS = ["127.0.0.1"]