Here they say it's not supported out of the box.
在这里,他们说它不支持开箱即用。
Do you know a way to make HTML input form fields use the 'readonly' attribute with WTForms?
您是否知道一种使HTML输入表单字段使用WTForms的'readonly'属性的方法?
4 个解决方案
#1
15
I assume you are talking about the <input readonly>
attribute in HTML/XHTML, which is not what that discussion thread you linked is about. (the linked thread is about a lower-level issue with how to ignore passed form input)
我假设您正在讨论HTML / XHTML中的属性,这不是您链接的讨论主题的内容。 (链接的线程是关于如何忽略传递的表单输入的低级问题)
The way to set a readonly attribute (and indeed any attribute on a field) is as a keyword-arg in your template. If using Jinja, this looks like (html5):
设置readonly属性(实际上是字段上的任何属性)的方法是在模板中作为keyword-arg。如果使用Jinja,这看起来像(html5):
{{ form.myfield(readonly=true) }}
And for XHTML or versions of WTForms older than 0.6.3:
对于XHTML或早于0.6.3的WTForms版本:
{{ form.myfield(readonly="readonly") }}
Just note that the 'readonly' attribute is only a hint to the browser, and it has no impact on what the user submits. This is to say, a malicious user (or someone using a browser with custom JS a la greasemonkey or a JS console or a DOM tree) could generate a POST request changing the value of a field regardless of whether the readonly attribute is set on the input tag.
请注意,'readonly'属性只是浏览器的一个提示,它对用户提交的内容没有任何影响。也就是说,恶意用户(或者使用带有自定义JS浏览器或者JS控制台或DOM树的浏览器)可以生成更改字段值的POST请求,而不管是否在readonly属性上设置了输入标签。
For this reason, the readonly attribute is only useful as an option to modify the user experience (for example, disabling a field based on some event/action using JS) and the input coming from a 'readonly' field is no more trust-able than any other form input.
出于这个原因,readonly属性仅用作修改用户体验的选项(例如,使用JS禁用基于某些事件/操作的字段),来自'readonly'字段的输入不再可信任比任何其他形式的输入。
#2
9
The solution is using render_kw
in form field declaration.
解决方案是在表单字段声明中使用render_kw。
my_field = fields.StringField('Label', render_kw={'readonly': True})
#3
4
https://wtforms-components.readthedocs.org/en/latest/#
from wtforms import Form, DateField, TextField
from wtforms_components import TimeField, read_only
class EventForm(Form):
name = TextField('Name')
start_date = DateField('Start date')
start_time = TimeField('Start time')
def __init__(self, *args, **kwargs):
super(EventForm, self).__init__(*args, **kwargs)
read_only(self.name)
#4
0
Another possibility is to use a hidden field, and then in your view, you can print out {{ form.field.data }}
to display as text.
另一种可能是使用隐藏字段,然后在您的视图中,您可以打印出{{form.field.data}}以显示为文本。
#1
15
I assume you are talking about the <input readonly>
attribute in HTML/XHTML, which is not what that discussion thread you linked is about. (the linked thread is about a lower-level issue with how to ignore passed form input)
我假设您正在讨论HTML / XHTML中的属性,这不是您链接的讨论主题的内容。 (链接的线程是关于如何忽略传递的表单输入的低级问题)
The way to set a readonly attribute (and indeed any attribute on a field) is as a keyword-arg in your template. If using Jinja, this looks like (html5):
设置readonly属性(实际上是字段上的任何属性)的方法是在模板中作为keyword-arg。如果使用Jinja,这看起来像(html5):
{{ form.myfield(readonly=true) }}
And for XHTML or versions of WTForms older than 0.6.3:
对于XHTML或早于0.6.3的WTForms版本:
{{ form.myfield(readonly="readonly") }}
Just note that the 'readonly' attribute is only a hint to the browser, and it has no impact on what the user submits. This is to say, a malicious user (or someone using a browser with custom JS a la greasemonkey or a JS console or a DOM tree) could generate a POST request changing the value of a field regardless of whether the readonly attribute is set on the input tag.
请注意,'readonly'属性只是浏览器的一个提示,它对用户提交的内容没有任何影响。也就是说,恶意用户(或者使用带有自定义JS浏览器或者JS控制台或DOM树的浏览器)可以生成更改字段值的POST请求,而不管是否在readonly属性上设置了输入标签。
For this reason, the readonly attribute is only useful as an option to modify the user experience (for example, disabling a field based on some event/action using JS) and the input coming from a 'readonly' field is no more trust-able than any other form input.
出于这个原因,readonly属性仅用作修改用户体验的选项(例如,使用JS禁用基于某些事件/操作的字段),来自'readonly'字段的输入不再可信任比任何其他形式的输入。
#2
9
The solution is using render_kw
in form field declaration.
解决方案是在表单字段声明中使用render_kw。
my_field = fields.StringField('Label', render_kw={'readonly': True})
#3
4
https://wtforms-components.readthedocs.org/en/latest/#
from wtforms import Form, DateField, TextField
from wtforms_components import TimeField, read_only
class EventForm(Form):
name = TextField('Name')
start_date = DateField('Start date')
start_time = TimeField('Start time')
def __init__(self, *args, **kwargs):
super(EventForm, self).__init__(*args, **kwargs)
read_only(self.name)
#4
0
Another possibility is to use a hidden field, and then in your view, you can print out {{ form.field.data }}
to display as text.
另一种可能是使用隐藏字段,然后在您的视图中,您可以打印出{{form.field.data}}以显示为文本。