From f7ee69917453b0ed1ab398aa70eb82a0a5f71562 Mon Sep 17 00:00:00 2001 From: "jp.av.dev" Date: Sat, 14 Nov 2020 22:11:09 -0300 Subject: [PATCH] fin23 --- 4_Formularios.md | 63 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/4_Formularios.md b/4_Formularios.md index 300550f..9e7f9c7 100644 --- a/4_Formularios.md +++ b/4_Formularios.md @@ -116,3 +116,66 @@ def buscar(request): ``` +### Limitar cantidad de caracteres en busqueda + +*views.py* +``` +... + +def buscar(request): + # Validación campo vacio + if request.GET["prod"]: + prod_buscar = request.GET["prod"] + if len(prod_buscar) > 20: + msj = "Termino de búsqueda demasiado largo" + else: + articulos = Articulos.objects.filter(nombre__icontains=prod_buscar) + return render(request, "resultado_busqueda.html", {"articulos":articulos, "query":prod_buscar}) + ... +``` + +### Formulario de contacto + +*views.py* + + +*contacto.html* +``` + +

Formulario de contacto

+
+ {% csrf_token %} + +

Asunto:

+

Mail :

+

Mensaje:

+

+ + +
+ +``` +***{% csrf_token %}*** Protección contra [**CSRF**](https://docs.djangoproject.com/en/3.0/ref/csrf/) +*This should not be done for POST forms that target external URLs, since that would cause the CSRF token to be leaked, leading to a vulnerability.* + +*gracias.html* +``` +... +

Gracias por contactarnos

+... +``` +*views.py* +``` +... +def contacto(request): + if request.method == "POST": + return render(request, "gracias.html") + return render(request, "contacto.html") +``` + +*urlpatterns urls.py* +``` +... + path('contacto/', views.contacto),` +... +```