Showing posts with label web programming. Show all posts
Showing posts with label web programming. Show all posts

Wednesday, March 5, 2014

Site matching query does not exist -- Django

Background: 

When migrating from sqlite3 to postgresql, after running

 python manage.py syncdb

 got error message “Site matching query does not exist.

The cause: 

Table django_site does not have any entry.

The fix: 

python manage.py shell
from django.contrib.sites.models import Site
Site.objects.all()
Site.objects.create(pk=1, domain='127.0.0.1:8000', name='localhost'



Credit : 


http://stackoverflow.com/questions/6957360/admin-login-stopped-functioning-django










Posted by



at





No comments:
  


















Labels:
,

















          

        

          

        

Tuesday, September 6, 2011


          

        









Django Csrf verification failed














The first problem is met when I am connecting Django with MySql.



Installing MySqldb (or MySql-python) from the site:









The second problem is Forbidden (403) CSRF verification failed. Request aborted.



Assuming everything else is fine.



The solution is to add into "settings.py=>MIDDLEWARE_CLASSES"

the line



'django.middleware.csrf.CsrfResponseMiddleware',
















How to use CSRF



To enable CSRF protection for your views, follow these steps:


    

  1. 
Add the middleware 'django.middleware.csrf.CsrfViewMiddleware' to your list of middleware classes,MIDDLEWARE_CLASSES. (It should come and before any view middleware that assume that CSRF attacks have been dealt with.)
    

    
Alternatively, you can use the decorator csrf_protect() on particular views you want to protect (see below).
    

    2. 

  2. 
In any template that uses a POST form, use the csrf_token tag inside the
    

    
element if the form is for an internal URL, e.g.:
    

    

    {% csrf_token %}
    

    

    
This should not be done for POST forms that target external URLs, since that would cause the CSRF token to be leaked, leading to a vulnerability.
    

    

    3. 

  3. 
In the corresponding view functions, ensure that the 'django.core.context_processors.csrf' context processor is being used. Usually, this can be done in one of two ways:
    

      

    1. 
Use RequestContext, which always uses 'django.core.context_processors.csrf' (no matter what your TEMPLATE_CONTEXT_PROCESSORS setting). If you are using generic views or contrib apps, you are covered already, since these apps use RequestContext throughout.
      

      2. 

    2. 
Manually import and use the processor to generate the CSRF token and add it to the template context. e.g.:
      

      

      

      from django.core.context_processors import csrf from django.shortcuts import render_to_response  def my_view(request):     c = {}     c.update(csrf(request))     # ... view code here     return render_to_response("a_template.html", c) 
      

      

      

      
You may want to write your own render_to_response() wrapper that takes care of this step for you.
      

      3. 

    

    4. 




The utility script extras/csrf_migration_helper.py can help to automate the finding of code and templates that may need these steps. It contains full help on how to use it.














Posted by



at





No comments:
  


















Labels:
,
,
,
,

















        

      









Subscribe to:
Posts (Atom)