Title Text

class BlogPost(models.Model):
    title = models.CharField(max_length=255)
    body = models.TextField()
    author = models.ForeignKey(User)

 user = User.objects.get(username='victor')

 post = BlogPost(title='Hello world', body='...', author=user)

 post.save()

 my_posts = BlogPost.objects.filter(author=user)

Title Text

urlpatterns = [
    path('posts/', views.all_posts),
    path('posts/page/<int:page_number>/', views.posts_page),
    path('posts/<author>/', views.posts_author),
]
def posts_author(request, author):
    posts = BlogPost.objects.filter(author=author)
    return render(request, 'posts/list.html', {'posts': posts})
{% extends 'base.html' %}

{% block content %}

  {% for post in posts %}
    {{ post.title }}

    {% if post.author %}
      {{ author.username }}
    {% else %}
      Anonymous
    {% endif %}
  {% endfor %}

{% endblock %}
<html>
  <head>...</head>
  <body>
    {% block content %}{% endblock %}
  </body>
</html>

 query = "SELECT * FROM users WHERE userId = " + id;
SELECT * FROM users WHERE username = admin OR 1=1; 
 SELECT * FROM Users WHERE Name ="" or ""="" AND Pass ="" or ""="" 
 {{ comment }}

deck

By victorlf

Made with Slides.com

deck

  • 280

More from victorlf

  • A brief history of Web... and web development
    victorlf
    424
  • Developing a web application with Flask
    victorlf
    1341
  • Una història de la web... i el desenvolupament web
    victorlf
    359