Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Deleting objects in Django

Tags:

In a mini blog app, I want to create a delete function, so that the owner of the blog can delete his entries (and only his entries). I guess that the only methods for doing do, is using a form. Though my the deletion code seems clear and correct, it doesn't work. My code:

def delete_new(request,id):    u = New.objects.get(pk=id).delete()    if request.method == 'POST':        form = DeleteNewForm(request.POST)            form.u.delete()                     form.save()       return render_to_response('news/deleteNew.html', {            'form': form,            },          context_instance=RequestContext(request))

and in the template:

<a href='/news/delete_new/{{object.id}}/'> Delete</a> <br />

Is this a correct approach? I mean, creating a form for this? also, the only way to take the blog post associated with the deletion link is having an id as a parameter. Is it right? I mean, maybe any user can type another id, in the url, and delete another entry (eventually not one of his)

like image 425
dana Avatar asked Jun 26 '10 16:06

dana

People also ask

How do I delete a model in Django?

Now doing “python manage.py migrate” will migrate the old models data and its relations to the new one. Then do “makemigrations” and “migrate”! That's it. You have successfully removed a Django model and its relations without introducing any errors in your project.

How do I delete data in Django?

To delete a record we do not need a new template, but we need to make some changes to the members template. Of course, you can chose how you want to add a delete button, but in this example, we will add a "delete" link for each record in a new table column. The "delete" link will also contain the ID of each record.

How does Django on delete work?

This option works the same as the name suggests; it takes the default value set when defining the relationship. When we delete the referred object, then the referencing object value will be assigned with the default value that we have created.

1 Answers

You need to use a form, or you're vulnerable to CSRF attacks. You're also deleting the model before you've checked whether the request was a GET or a POST.

Create a simple ModelForm:

from django import forms  from .models import New  class DeleteNewForm(forms.ModelForm):     class Meta:         model = New         fields = []

In your views.py in the same Django app:

from django.shortcuts import render, get_object_or_404  from .forms import DeleteNewForm from .models import New  def delete_new(request, new_id):     new_to_delete = get_object_or_404(New, id=new_id)     #+some code to check if this object belongs to the logged in user      if request.method == 'POST':         form = DeleteNewForm(request.POST, instance=new_to_delete)          if form.is_valid(): # checks CSRF             new_to_delete.delete()             return HttpResponseRedirect("/") # wherever to go after deleting      else:         form = DeleteNewForm(instance=new_to_delete)      template_vars = {'form': form}     return render(request, 'news/deleteNew.html', template_vars)
like image 181
Wilfred Hughes Avatar answered Oct 09 '22 03:10

Wilfred Hughes
Sign in to Comment

Related questions

Python String Formats with SQL Wildcards and LIKE
How to Add/Edit the Iteration Field in Team Foundation Server Scrum v1.0 beta Workflow
Formatting a complete project in NetBeans
How to get request uri from location.href in javascript?
Eclipse ==> Ant plugin?
ParNew gc will stop the world?
Where can I change the Asp.net MVC 3 Razor syntax highlighting in VS10?
Python / Django - If statement in template around extends
In C++ is there a way to go to a specific line in a text file?
Preventing cache on back-button in Safari 5
Create a parameter in rdlc report
smush.it vs OptiPNG / pngcrush [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!