1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
<!DOCTYPE html>
{% load staticfiles %}
<html lang="en">
<head>
<meta charset="UTF-8">
<title>车辆违章查询</title>
<style>
* {
font: 18px/30px Arial;
}
#container {
width: 960px;
margin: 0 auto;
}
#container form {
width: 620px;
margin: 10px auto;
padding-top: 100px;
}
#container form input[type=search] {
display: inline-block;
width: 480px;
height: 30px;
}
#container form input[type=submit] {
display: inline-block;
width: 80px;
height: 40px;
border: None;
background-color: red;
color: white;
margin-left: 20px;
}
#container table {
width: 920px;
margin: 20px auto;
border-collapse: collapse;
}
#container table th {
font-weight: bolder;
border-bottom: 1px solid darkgray;
}
#container table td {
text-align: center;
height: 50px;
width: 180px;
}
</style>
</head>
<body>
<div id="container">
<form action="/search" method="post">
<!-- 跨站身份伪造: 利用浏览器存储的cookie中的用户身份标识冒充用户执行操作 -->
<!-- 防范跨站身份伪造最佳的做法就是在表单中放置随机令牌 -->
<!-- 除此之外通过设置令牌还可以防范表单重复提交以及重放攻击 -->
<!-- 隐藏域 / 隐式表单域: 页面上是无法看到该内容-->
{% csrf_token %}
<input type="search" name="carno" placeholder="请输入你的车牌号" required>
<input type="submit" value="搜索">
</form>
<hr>
{% if show_result %}
<table>
<tr>
<th>车牌号</th>
<th>违章原因</th>
<th>违章时间</th>
<th>处罚方式</th>
<th>是否受理</th>
</tr>
{% for record in record_list %}
<tr>
<td>{{ record.carno }}</td>
<td>{{ record.reason }}</td>
<td>{{ record.happen_date }}</td>
<td>{{ record.punish }}</td>
<td>
{% if record.isdone %}
<img src="{% static '/images/icon-yes.svg' %}">
{% else %}
<img src="{% static '/images/icon-no.svg' %}">
{% endif %}
</td>
</tr>
{% endfor %}
</table>
{% endif %}
</div>
</body>
</html>