Opened 6 years ago

Closed 6 years ago

#30126 closed Bug (invalid)

Incorrect validation of forms.DecimalField

Reported by: Roman Paranichev Owned by: nobody
Component: Forms Version: 2.1
Severity: Normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

Steps to reproduce:

  1. create html form
<form action="/payment/">
<input type="number" step="0.01" name="amount" value="0.02" required>
<input type="submit" value="Submit">
</form>
  1. create django-form for validation:
from django import forms

class CreatePaymentForm(forms.Form):
    amount = forms.DecimalField(min_value=0.02, max_digits=12, decimal_places=2)
  1. Try to validate from in a view class:
import json
from django.http import HttpResponse
from django.views.generic import View
from django.contrib.auth.decorators import login_required
from django.utils.decorators import method_decorator
from django.views.decorators.csrf import csrf_exempt
from api.forms import CreatePaymentForm

@method_decorator(login_required, name='dispatch')
@method_decorator(csrf_exempt, name='dispatch')
class PaymentView(View):

    def post(self, request):
        form = CreatePaymentForm(request.POST)
        if form.is_valid():
              pass
        print("post: %s, errors: %s" % (request.POST, form.errors))
        return HttpResponse(json.dumps({'errors': form.errors}), status=400)

The output will be:
post: <QueryDict: {'amount': ['0.02']}>, errors: <ul class="errorlist"><li>amount<ul class="errorlist"><li>Ensure this value is greater than or equal to 0.02.</li></ul></li></ul>

Change History (2)

comment:1 by Roman Paranichev, 6 years ago

runserver output

System check identified no issues (0 silenced).
January 23, 2019 - 22:19:34
Django version 2.1.4, using settings 'mif2.settings'
Starting development server at http://127.0.0.1:8000/
Quit the server with CONTROL-C.
post: <QueryDict: {'amount': ['0.02']}>, errors: <ul class="errorlist"><li>amount<ul class="errorlist"><li>Убедитесь, что это значение больше либо равно 0.02.</li></ul></li></ul>
Bad Request: /api/payment/
[23/Jan/2019 22:19:38] "POST /api/payment/ HTTP/1.1" 400 269

comment:2 by Tim Graham, 6 years ago

Resolution: invalid
Status: newclosed
Type: UncategorizedBug

As I said in #30125, please try with min_value=Decimal('0.02') -- floats like 0.02 may not keep precision. Ideally, you would debug the issue yourself and explain where the issue is. Also, try to put together a more minimal example that reproduces the issue. For example, @method_decorator(login_required, name='dispatch') isn't required. Please reopen if you investigate further and find Django at fault.

Note: See TracTickets for help on using tickets.
Back to Top