Web---A:
from flask import *
app = Flask(__name__)
@app.route(‘/‘, methods=["post", "GET"])
def index():
if request.method == "POST":
username = request.form.get("username")
password = request.form.get("password")
# response = make_response()
if not all([username, password]):
return "参数错误"
else:
print(username,password)
if username == "狗子" and password == "666":
response = redirect(url_for("xxx"))
response.set_cookie("username",username)
return response
else:
print("错误")
return render_template("tp_index.html")
@app.route(‘/xxx‘,methods=["post", "GET"])
def xxx():
username = request.cookies.get("username")
if not username:
return redirect(url_for("index"))
if request.method =="POST":
to_name = request.form.get("username")
money = request.form.get("money")
csrfToken = request.form.get("csrfToken")
csrfToken_cookie = request.cookies.get("csrftoken")
if not all([to_name,money]):
return "错误"
else:
if csrfToken != csrfToken_cookie:
return "验证失败"
return "转帐%s元给%s"%(money,to_name)
csrfToken = "sdfdsfdsf"
response = make_response(render_template("zhuanzhang.html",csrfToken=csrfToken))
response.set_cookie("csrftoken",csrfToken)
return response
if __name__ == ‘__main__‘:
app.run(debug=True, port=8886)
Web---B:
from flask import *
app = Flask(__name__)
@app.route(‘/‘,methods=["POST","GET"])
def index():
return render_template("gongji.html")
if __name__ == ‘__main__‘:
app.run(debug=True,port=7777)
代码中的网页:
tp_index网页:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<form method="post" >
<label>名字:</label><input type="text" name="username"><br/>
<label>密码:</label><input type="password" name="password"><br/>
<input type="submit" value="登陆">
</form>
</body>
</html>
zhuanzhang网页:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>转帐页面</title>
</head>
<body>
<form method="post" >
<input type="hidden" name="csrfToken" value="{{ csrfToken }}">
<label>入账用户:</label><input type="text" name="username" ><br/>
<label>金额:</label><input type="number" name="money"><br/>
<input type="submit" value="转帐">
</form>
</body>
</html>
gongji网页:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<form method="post" action="http://127.0.0.1:8886/xxx">
<input type="hidden" name="username" value="张新宇"><br/>
<input type="hidden" name="money" value="9999"><br/>
<input type="submit" value="点击小视频">
</form>
</body>
</html>
原文:https://www.cnblogs.com/zhangshuntao123/p/11631414.html