Sometimes, we need to pass hidden fields with an initial value in forms but cannot trust the returned values because it could have been tampered. So here is a form that adds an additional 'hidden' field (called 'form_hash') that hashes all the initial value of hidden fields and checks for tampering. Pretty straightforward to use.
Shows field value as plain text which can't be edited by user. Field value (or key value for foreign keys) is stored in hiddden input. Value of field is stored in hidden input and current value is placed as plain text. User can't change it's value. If field is foreign key then additional attribute 'key' should be set to True (key is stored in hidden field and unicode value is visible): self.fields['my_field'].widget = HiddenInputWithText(attrs={ 'key' : True }) There is one condition: for foreign key field its name have to be same as lowercased model name. Default 'key' value - False is correct for non-foreign key fields: self.fields['my_field'].widget = HiddenInputWithText()
This is an example of how you change a ChoiceField select widget into a hidden field if the right GET variable is passed. In this example code it would change the select widget into something like the following if something like "?d=3" was passed. `<p><label for="id_designation">Designation</label>Designation Option<input type="hidden" name="designation" value="3" id="id_designation" /></p>`
This code demonstrates two simple techniques: 1. so-called "dynamic" forms, in which the form is created at run time by the model 2. using a widget (forms.widgets.HiddenInput) for a field of the form. I feel like this could be highlighted more in the documentation. You need to do something similar to get a textarea (forms.CharField(widget=forms.widgets.Textarea()) and it took me too long to figure this out. There are, no doubt, good reasons not to do what I'm doing here the way I'm doing it. Peanut gallery?
This snippet prevents people from tampering with the data in hidden form fields. This is something you usually want unless you have some Javascript Vodoo going on on the browser side. For the people scratching their heads: This form class will dynamically create a clean function for every passed additional hidden field, which just returns the original value of the hidden field. So the data in the hidden field posted gets actually ignored when calling the (overwritten) clean_{field name} function. This class is just an example using the protected hidden field feature for all passed field variables, which is probably not what you want. You have to add the editable fields the end of the __init__ function in the class. Example: `self.fields['bestbeer'] = forms.CharField(max_length=23)`
Have your forms descend from this BaseForm if you need to be able to render a valid form as hidden fields for re-submission, e.g. when showing a preview of something generated based on the form's contents. Custom form example: >>> from django import newforms as forms >>> class MyForm(HiddenBaseForm, forms.Form): ... some_field = forms.CharField() ... >>> f = MyForm({'some_field': 'test'}) >>> f.as_hidden() u'<input type="hidden" name="some_field" value="test" id="id_some_field" />' With `form_for_model`: SomeForm = forms.form_for_model(MyModel, form=HiddenBaseForm)
6 snippets posted so far.