Django sending message issue


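I have a model called Message, which has a field called in_response_to. I use this field to identify which messages are related to each other, by storing the original message's primary key in every related message, and to list all the messages.

If I receive a new message from you and I want to reply, I create a hidden_field under my text box and store the new message's primary id in it. I then use that field to create the message, storing the primary key in in_response_to, so I know the message is related to that message. The method repeats, so every related message will have the original primary key.

Like this: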

(1) =  message primary key
(s) =  store message primary key inside in_response_to

John(1) send mail to Peter(s)
Peter(1) send mail to John(s)
John(1) send mail to Peter(s)
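
Now the problem is: if I send you a message, in_response_to is empty because it is a new message. If you reply to that message, you store my primary key in in_response_to, but when I try to reply again, I end up sending it to myself. I don't know why. Can anyone help me? I'm going around in circles.

The problem is here: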

        if messages.in_response_to:
            if messages.user !=   request.user:
                primary = messages.in_response_to 
                Message.objects.create(user=request.user,recipient=messages.user,body=body,in_response_to=primary)
                return HttpResponseRedirect(reverse('world:message'))
            if messages.user ==  request.user:
                Message.objects.create(user=request.user,recipient=messages.recipient.user,body=body,in_response_to=primary)

        Message.objects.create(user=request.user,recipient=messages.user,body=body,in_response_to=messages)
        return HttpResponseRedirect(reverse('world:message'))

Model

class Message(models.Model):
    user = models.ForeignKey(User, related_name='sender')
    recipient = models.ForeignKey(User, related_name='recipient')
    created = models.DateTimeField(auto_now_add=True)
    subject = models.CharField(max_length=100, blank=True)
    body = models.CharField(max_length=1000)
    read = models.BooleanField(default=False)
    trash = models.BooleanField(default=False)
    sentmessage = models.BooleanField(default=False)
    in_response_to = models.ForeignKey('self', null=True, blank=True)


    def __unicode__(self):
        return self.body
views.py

 @login_required
 def read(request,id):
     try:
         messages = Message.objects.get(pk=id,recipient=request.user.id) 
     except Message.DoesNotExist:
         return HttpResponseRedirect(reverse('world:Display'))
     if request.method =='POST':
         form = NewMessageForm(request.POST)
         if form.is_valid():
             id = request.POST.get('hidden_field', False)
             try:
                 messages = Message.objects.get(pk=id)
             except Message.DoesNotExist:
                 return HttpResponseRedirect(reverse('world:LoginRequest'))


             body = form.cleaned_data['body']
             if messages.in_response_to:
                 if messages.user !=   request.user:
                     primary = messages.in_response_to 
                     Message.objects.create(user=request.user,recipient=messages.user,body=body,in_response_to=primary)
                     return HttpResponseRedirect(reverse('world:message'))
                 if messages.user ==  request.user:
                     Message.objects.create(user=request.user,recipient=messages.recipient.user,body=body,in_response_to=primary)

             Message.objects.create(user=request.user,recipient=messages.user,body=body,in_response_to=messages)
             return HttpResponseRedirect(reverse('world:message'))

     if messages.in_response_to:
         m = messages.in_response_to.id
         message = Message.objects.filter(in_response_to=messages.in_response_to ).filter(created__lte=messages.created)

         initial = {}
         initial.update({'hidden_field': m})
         form = NewMessageForm(initial=initial)
         return render(request,'read.html',{'message':message,'form':form,'m':m})

     initial = {}
     initial.update({'hidden_field': messages.id})
     form = NewMessageForm(initial=initial)

     return render(request,'read.html',{'messages':messages,'form':form})

 @login_required
 def message(request):
     form = CheckBoxForm()

     messages = Message.objects.filter(recipient=request.user.id).order_by("-created")
     return render(request,'messages.html',{'messages':messages,'form':form})

Template

{% csrf_token %}

{{form.body}}{{form.hidden_field}}
   <input type = "submit" value= "add" class="sen"/>

</form>

Well, you should understand that you may be the victim of a hacker. If they can change the in_response_to hidden input, the message chain will be broken.

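Do Peter and John both have the same ID?

@Neal nope, they only store the original message's primary key in in_response_to, to determine whether the messages are related.

I know they can tamper with the data, but I think you can verify that the message is from the user.
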
class NewMessageForm(forms.Form):
    body = forms.CharField(widget=forms.Textarea,required=False,max_length=22000)
    hidden_field = forms.CharField(widget=forms.HiddenInput())       
    class Meta:
        model = Message
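
The server-side check the comments above point to, as an added example that is not part of the original question or its replies: a framework-free Python model of the reply step that treats `hidden_field` as untrusted, rejects ids of messages the current user is not a participant in, and derives the recipient and thread root from stored data. The `build_reply` function, the `Forbidden` exception, the dict-based store and the sample users are assumptions made for illustration; in the Django view the same checks would sit where `Message.objects.get(pk=id)` is called on the posted id.

```python
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class Message:
    # Plain-Python stand-in for the Django model on this page (assumption).
    pk: int
    user: str                              # sender
    recipient: str
    body: str
    in_response_to: Optional[int] = None   # pk of the thread's first message


class Forbidden(Exception):
    """hidden_field points at a message the user may not reply to."""


def build_reply(store: Dict[int, Message], current_user: str,
                hidden_field, body: str) -> Message:
    # hidden_field comes back from the browser, so it is untrusted input.
    try:
        target = store[int(hidden_field)]
    except (TypeError, ValueError, KeyError):
        raise Forbidden("unknown message id") from None

    # Ownership check: only the sender or recipient of the target may reply.
    if current_user not in (target.user, target.recipient):
        raise Forbidden("not a participant in this conversation")

    # The recipient is always the other participant, never the replier.
    recipient = target.recipient if target.user == current_user else target.user

    # The thread root is read from stored data, not taken from the request.
    root = target.in_response_to if target.in_response_to is not None else target.pk

    reply = Message(pk=max(store) + 1, user=current_user, recipient=recipient,
                    body=body, in_response_to=root)
    store[reply.pk] = reply
    return reply


def demo() -> Dict[int, Message]:
    # Constructed sample data: John starts a thread, then both sides reply.
    store = {1: Message(1, "john", "peter", "hi")}
    build_reply(store, "peter", "1", "hello John")    # Peter replies to John
    build_reply(store, "john", "1", "how are you?")   # form carries the root id
    return store
```
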