def login(request):
if request.method == 'POST':
user = request.POST.get('username',None)
pwd = request.POST.get('password',None)
if user == 'alex' and pwd =='123':
request.session['is_login'] = {'user':user}
return redirect('/app02/index/')
else:
return render_to_response('/app02/login.html',{'msg':'用户名或密码错误'},context_instance=RequestContext(request))
return render_to_response('app02/login.html',context_instance=RequestContext(request))
====================
login.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<form action="/app02/login/" method="POST">
{% csrf_token %}
<p><input name = 'username'/></p>
<p><input name = 'password'/></p>
<p><input type = 'submit' value="提交"/><label style="color:red">{{ msg }}</label></p>
</form>
</body>
</html>
django 跨站请求伪造
最新推荐文章于 2024-06-18 17:09:25 发布