标签:img 防止 多行注释 逻辑 models ddl 中间件 escape 密码
DIRS=[os.path.join(BASE_DIR,"templates")]
loader.get_template(template_name),返回一个Template对象
Template对象的render(RequestContext)方法,使用context渲染模板
from django.template import loader, RequestContext
from django.http import HttpResponse
def index(request):
    tem = loader.get_template(‘temtest/index.html‘)
    context = RequestContext(request, {})
    return HttpResponse(tem.render(context))
from django.shortcuts import render
def index(request):
    return render(request, ‘temtest/index.html‘)
{{ variable }}
from django.db import models
class HeroInfo(models.Model):
    ...
    def showName(self):
        return self.hname
from django.shortcuts import render
from models import *
def index(request):
    hero = HeroInfo(hname=‘abc‘)
    context = {‘hero‘: hero}
    return render(request, ‘temtest/detail.html‘, context)
{{hero.showName}}
{ %for ... in ...%}
循环逻辑
{{forloop.counter}}表示当前是第几次循环
{ %empty%}
给出的列表为或列表不存在时,执行此处
{ %endfor%}
{ %if ...%}
逻辑1
{ %elif ...%}
逻辑2
{ %else%}
逻辑3
{ %endif%}
{ % comment % }
多行注释
{ % endcomment % }
{ %include "foo/bar.html" % }
{ % url ‘name‘ p1 p2 %}
{ % csrf_token %}
if list1|length > 1
name|lower|upper
list|join:", "
value|default:"什么也没有"
value|date:‘Y-m-d‘
{#...#}
{# { % if foo % }bar{ % else % } #}
 { %block block_name%}
这里可以定义默认值
如果不定义默认值,则表示空字符串
{ %endblock%}
{ % extends "base.html" %}
{ %block block_name%}
实际填充内容
{ %endblock%}
{ % block block_name %}
区域内容
{ % endblock block_name %}

<!DOCTYPE html>
<html>
<head>
    <title>{%block title%}{%endblock%} 水果超市</title>
</head>
<body>
top--{{logo}}
<hr/>
{%block left%}{%endblock%}
{%block content%}{%endblock%}
<hr/>
bottom
</body>
</html>
{%extends ‘temtest/base.html‘%}
{%block title%}商品{%endblock%}
{%block left%}
<h1>goods left</h1>
{%endblock%}
{%extends ‘temtest/base.html‘%}
{%block title%}用户中心{%endblock%}
{%block left%}
<font color=‘blue‘>user left</font>
{%endblock%}
{%extends ‘temtest/base.html‘%}
{%block content%}
首页内容
{%endblock content%}
{%extends ‘temtest/base_goods.html‘%}
{%block content%}
商品正文列表
{%endblock content%}
{%extends ‘temtest/base_user.html‘%}
{%block content%}
用户密码修改
{%endblock content%}
logo=‘welcome to itcast‘
def index(request):
    return render(request, ‘temtest/index.html‘, {‘logo‘: logo})
def goodslist(request):
    return render(request, ‘temtest/goodslist.html‘, {‘logo‘: logo})
def userpwd(request):
    return render(request, ‘temtest/userpwd.html‘, {‘logo‘: logo})
from django.conf.urls import url
from . import views
urlpatterns = [
    url(r‘^$‘, views.index, name=‘index‘),
    url(r‘^list/$‘, views.goodslist, name=‘list‘),
    url(r‘^pwd/$‘, views.userpwd, name=‘pwd‘),
]
视图代码:
def index(request):
    return render(request, ‘temtest/index2.html‘,
                  {
                      ‘t1‘: ‘<h1>hello</h1>‘
                  })
模板代码:
{{t1}}

< 会转换为<
> 会转换为>
‘ (单引号) 会转换为'
" (双引号)会转换为 "
& 会转换为 &
{{t1|escape}}
{{ data|safe }}
{ % autoescape off %}
{{ body }}
{ % endautoescape %}
{ { data|default:"<b>123</b>" }}
{ { data|default:"<b>123</b>" }}def csrf1(request):
    return render(request,‘booktest/csrf1.html‘)
def csrf2(request):
    uname=request.POST[‘uname‘]
    return render(request,‘booktest/csrf2.html‘,{‘uname‘:uname})
url(r‘^csrf1/$‘, views.csrf1),
url(r‘^csrf2/$‘, views.csrf2),
<html>
<head>
    <title>Title</title>
</head>
<body>
<form method="post" action="/crsf2/">
    <input name="uname"><br>
    <input type="submit" value="提交"/>
</form>
</body>
</html>
<html>
<head>
    <title>Title</title>
</head>
<body>
{{ uname }}
</body>
</html>

<form>
{% csrf_token %}
...
</form>

from django.views.decorators.csrf import csrf_exempt
@csrf_exempt
def csrf2(request):
    uname=request.POST[‘uname‘]
    return render(request,‘booktest/csrf2.html‘,{‘uname‘:uname})
<input type=‘hidden‘ name=‘csrfmiddlewaretoken‘ value=‘nGjAB3Md9ZSb4NmG1sXDolPmh3bR2g59‘ />

标签:img 防止 多行注释 逻辑 models ddl 中间件 escape 密码
原文地址:http://www.cnblogs.com/DarrenChan/p/7903764.html