Home > Backend Development > Python Tutorial > Python development [Django]: combined search, JSONP, XSS filtering

Python development [Django]: combined search, JSONP, XSS filtering

高洛峰
Release: 2017-02-22 10:37:52
Original
2025 people have browsed it

1. Simple implementation

Associated files:

from django.conf.urls import url
from . import views

urlpatterns = [
    url(r'^index.html/$',views.index),
    url(r'^article/(?P<article_type>\d+)-(?P<category>\d+).html/$',views.article)
]

url.py
Copy after login
<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title>Title</title>
    <style>
        .condition a{
            display:inline-block;
            padding: 3px 5px;
            border: 1px solid black;
        }
        .condition a.active{
            background-color: brown;
        }
    </style>
</head>
<body>
    <h2>过滤条件</h2>


    <div>
        {% if kwargs.article_type == 0 %}
            <a href="/article/0-{{ kwargs.category }}.html">全部</a>
        {% else %}
            <a href="/article/0-{{ kwargs.category }}.html">全部</a>
        {% endif %}

        {% for row in article_type %}
            {% if row.id == kwargs.article_type %}
                <a href="/article/{{ row.id }}-{{ kwargs.category }}.html">{{ row.caption }}</a>
            {% else %}
                <a  href="/article/{{ row.id }}-{{ kwargs.category }}.html">{{ row.caption }}</a>
            {% endif %}
        {% endfor %}
    </div>

    <div>
        {% if kwargs.category == 0 %}
            <a href="/article/{{ kwargs.article_type }}-0.html">全部</a>
        {% else %}
            <a href="/article/{{ kwargs.article_type }}-0.html">全部</a>
        {% endif %}

        {% for row in category %}
            {% if row.id == kwargs.category %}
                <a href="/article/{{ kwargs.article_type }}-{{ row.id }}.html">{{ row.caption }}</a>
            {% else %}
                <a href="/article/{{ kwargs.article_type }}-{{ row.id }}.html">{{ row.caption }}</a>
            {% endif %}
        {% endfor %}
    </div>

    <h2>查询结果</h2>
    <ul>
    {% for row in articles %}
        <li>{{ row.id }}-{{ row.title }}------[{{ row.article_type.caption }}]-[{{ row.category.caption }}]</li>
    {% endfor %}
    </ul>
</body>
</html>

article.html
Copy after login

Database structure:

from django.db import models
 
# Create your models here.
 
class Categoery(models.Model):
    caption = models.CharField(max_length=16)
 
class ArticleType(models.Model):
    caption = models.CharField(max_length=16)
 
class Article(models.Model):
 
    title = models.CharField(max_length=32)
    content = models.CharField(max_length=255)
 
    category = models.ForeignKey(Categoery)
    article_type = models.ForeignKey(ArticleType)
Copy after login

Processing files:

from . import  models
def article(request,*args,**kwargs):
 
    search_dict = {}
    for key,value in kwargs.items():
        kwargs[key] = int(value)        # 把字符类型转化为int类型 方便前端做if a == b  这样的比较
        if value !='0':
            search_dict[key] = value
    articles = models.Article.objects.filter(**search_dict) # 字典为空时表示搜索所有
 
    article_type = models.ArticleType.objects.all()
    category = models.Categoery.objects.all()
 
    return render(request,'article.html',{'articles':articles,
                                          'article_type':article_type,
                                         'category':category ,
                                          'kwargs':kwargs})
Copy after login

Note: It is not necessary to implement this function Difficult, the most important thing is to clarify the ideas inside; first, determine the url access path format http://127.0.0.1:8000/article/0-0.html, the first 0 represents the article_type field, and the second 0 Indicates the category field. If it is zero, it means searching for all information in this field. Confirming this is the first step to success. There is retrieval processing on the processing file; the second key point is to generate a dictionary search_dict for related searches. If If it is 0, it means searching all; the third key point is also a very clever way, passing the parameter kwargs to the front end again, it is a stroke of genius!

2. Another attempt (loading memory tuning)

Since the ArticleType type is fixed data for the blog, it will not be changed later, so you can load the data into the memory to speed up the query

<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title>Title</title>
    <style>
        .condition a{
            display:inline-block;
            padding: 3px 5px;
            border: 1px solid black;
        }
        .condition a.active{
            background-color: brown;
        }
    </style>
</head>
<body>
    <h2>过滤条件</h2>

    <div>
        {% if kwargs.article_type_id == 0 %}
            <a href="/article/0-{{ kwargs.category_id }}.html">全部</a>
        {% else %}
            <a href="/article/0-{{ kwargs.category_id }}.html">全部</a>
        {% endif %}

        {% for row in article_type%}
            {% if row.0 == kwargs.article_type_id %}
                <a href="/article/{{ row.0 }}-{{ kwargs.category_id }}.html">{{ row.1 }}</a>
            {% else %}
                <a  href="/article/{{ row.0 }}-{{ kwargs.category_id }}.html">{{ row.1 }}</a>
            {% endif %}
        {% endfor %}
    </div>

    <div>
        {% if kwargs.category_id == 0 %}
            <a href="/article/{{ kwargs.article_type_id }}-0.html">全部</a>
        {% else %}
            <a href="/article/{{ kwargs.article_type_id }}-0.html">全部</a>
        {% endif %}

        {% for row in category %}
            {% if row.id == kwargs.category_id %}
                <a href="/article/{{ kwargs.article_type_id }}-{{ row.id }}.html">{{ row.caption }}</a>
            {% else %}
                <a href="/article/{{ kwargs.article_type_id }}-{{ row.id }}.html">{{ row.caption }}</a>
            {% endif %}
        {% endfor %}
    </div>

    <h2>查询结果</h2>
    <ul>
    {% for row in articles %}
        <li>{{ row.id }}-{{ row.title }}------[{{ row.article_type }}]-[{{ row.category.caption }}]</li>
    {% endfor %}
    </ul>
</body>
</html>

article.html
Copy after login
from django.shortcuts import render
from django.shortcuts import HttpResponse

# Create your views here.

def index(request):


    return HttpResponse('Ok')


from . import  models
def article(request,*args,**kwargs):

    search_dict = {}
    for key,value in kwargs.items():
        kwargs[key] = int(value)        # 把字符类型转化为int类型 方便前端做if a == b  这样的比较
        if value !='0':
            search_dict[key] = value
    print(kwargs)
    articles = models.Article.objects.filter(**search_dict) # 字典为空时表示搜索所有

    article_type = models.Article.type_choice

    print(article_type)
    category = models.Categoery.objects.all()

    return render(request,'article.html',{'articles':articles,
                                          'article_type':article_type,
                                         'category':category ,
                                          'kwargs':kwargs})

处理文件.py
Copy after login

Database file:

from django.db import models
# Create your models here.
class Categoery(models.Model):
    caption = models.CharField(max_length=16)
 
# class ArticleType(models.Model):
#     caption = models.CharField(max_length=16)
 
class Article(models.Model):
    title = models.CharField(max_length=32)
    content = models.CharField(max_length=255)
 
    category = models.ForeignKey(Categoery)
    # article_type = models.ForeignKey(ArticleType)
    type_choice  = [
        (1,'Python'),
        (2,'Linux'),
        (3,'大数据'),
        (4,'架构'),
    ]
    article_type_id = models.IntegerField(choices=type_choice)
Copy after login

3. Use simple_tag to optimize the code

Associated files:

from django.db import models
# Create your models here.
class Categoery(models.Model):
    caption = models.CharField(max_length=16)

class ArticleType(models.Model):
    caption = models.CharField(max_length=16)

class Article(models.Model):
    title = models.CharField(max_length=32)
    content = models.CharField(max_length=255)

    category = models.ForeignKey(Categoery)
    article_type = models.ForeignKey(ArticleType)
    # type_choice  = [
    #     (1,'Python'),
    #     (2,'Linux'),
    #     (3,'大数据'),
    #     (4,'架构'),
    # ]
    # article_type_id = models.IntegerField(choices=type_choice)

数据库文件.py
Copy after login
from django.shortcuts import render
from django.shortcuts import HttpResponse

# Create your views here.

def index(request):


    return HttpResponse('Ok')


from . import models
def article(request, *args, **kwargs):
    search_dict = {}
    for key, value in kwargs.items():
        kwargs[key] = int(value)  # 把字符类型转化为int类型 方便前端做if a == b  这样的比较
        if value != '0':
            search_dict[key] = value
    articles = models.Article.objects.filter(**search_dict)  # 字典为空时表示搜索所有

    article_type = models.ArticleType.objects.all()

    print(article_type)
    category = models.Categoery.objects.all()


    return render(request, 'article.html', {'articles': articles,
                                            'article_type': article_type,
                                            'category': category,
                                            'kwargs': kwargs})

处理文件.py
Copy after login
{% load filter %}
<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title>Title</title>
    <style>
        .condition a{
            display:inline-block;
            padding: 3px 5px;
            border: 1px solid black;
        }
        .condition a.active{
            background-color: brown;
        }
    </style>
</head>
<body>
    <h2>过滤条件</h2>
    <div>
        {% filter_all  kwargs 'article_type'%}

        {% filter_single article_type kwargs 'article_type'%}
    </div>
    <div>
        {% filter_all  kwargs 'category'%}
        {% filter_single category kwargs 'category'%}
    </div>

    <h2>查询结果</h2>
    <ul>
    {% for row in articles %}
        <li>{{ row.id }}-{{ row.title }}------[{{ row.article_type.caption }}]-[{{ row.category.caption }}]</li>
    {% endfor %}
    </ul>
</body>
</html>

article.html
Copy after login

Create templatetags directory , create the filter.py file in the directory:

from django import template
from django.utils.safestring import mark_safe
register = template.Library()
 
@register.simple_tag
def filter_all(kwargs,type_str):
    print(type_str)
    if type_str == 'article_type':
        if kwargs['article_type'] == 0:
            tmp = '<a href = "/article/0-%s.html" class ="active" > 全部 </a>'%(kwargs['category'])
        else:
            tmp = '<a href = "/article/0-%s.html"> 全部 </a>'%(kwargs['category'])
 
    elif type_str == 'category':
        if kwargs['category'] == 0:
            tmp = '<a href = "/article/%s-0.html" class ="active" > 全部 </a>' % (kwargs['article_type'])
        else:
            tmp = '<a href = "/article/%s-0.html"> 全部 </a>' % (kwargs['article_type'])
 
    return mark_safe(tmp)
 
@register.simple_tag()
def filter_single(type_obj,kwargs,type_str):
 
    print(type_str)
    tmp = ''
    if type_str == 'article_type':
        for row in type_obj:
            if row.id == kwargs['article_type']:
                tag = '<a class="active" href="/article/%s-%s.html">%s</a>\n'%(row.id,kwargs['category'],row.caption)
            else:
                tag = '<a href="/article/%s-%s.html">%s</a>\n' % (row.id, kwargs['category'],row.caption)
            tmp +=tag
    elif type_str == 'category':
        for row in type_obj:
            if row.id == kwargs['category']:
                tag = '<a class="active" href="/article/%s-%s.html">%s</a>\n' % (kwargs['article_type'],row.id, row.caption)
            else:
                tag = '<a href="/article/%s-%s.html">%s</a>\n' % (kwargs['article_type'], row.id, row.caption)
            tmp += tag
 
    return mark_safe(tmp)
Copy after login

HTML file main content:

{% load filter %}
<body>
    <h2>过滤条件</h2>
    <div class="condition">
        {% filter_all  kwargs 'article_type'%}
 
        {% filter_single article_type kwargs 'article_type'%}
    </div>
    <div class="condition">
        {% filter_all  kwargs 'category'%}
        {% filter_single category kwargs 'category'%}
    </div>
 
    <h2>查询结果</h2>
    <ul>
    {% for row in articles %}
        <li>{{ row.id }}-{{ row.title }}------[{{ row.article_type.caption }}]-[{{ row.category.caption }}]</li>
    {% endfor %}
    </ul>
</body>
Copy after login

JSONP

JSONP (JSON with Padding) is a "usage mode" of JSON ”, which can be used to solve the problem of cross-domain data access by mainstream browsers. Due to the same-origin policy, generally speaking, web pages located at server1.example.com cannot communicate with servers other than server1.example.com, with the exception of the HTML

Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template