Overview
Jeff was happy to work with Kendyl on PCEP prep this past Saturday. If you'd like to take another crack at it, next Saturday, January 17 from 9 am to 12 noon will be your last opportunity to do so.
Friday, January 16th
We'll start with a quiz to make sure you're keeping up with Django's URL Routing and MVT structure
Discussion - Security
Today we'll chat about security - we know enough now to be dangerous, so there is some responsibility involved in building the kinds of dynamic web applications what we'll build this semester.
We'll spend a few minutes reviewing Dr. Chuck's danger example and then we'll play with some of our own examples. Specifically, we'll layer in our knowledge of SQL to investigate SQL Injection Attacks and our knowledge of JavaScript to investigate Cross-site scripting attacks
Once we understand the theory, we'll try it out by hacking a bank (... a pretend one!) Here's our victim
Finally, we'll look at the silly story of Little Bobby Tables
Classwork - Templates
Now that we know to use the escape() function, we'll start building some of our own django templates. For this activity, we'll return to our blank DJango apps that you setup with Jeff in week 14 (see the instructions here: Setting Up Your Local Workstation for Django Development)
We'll walk through the process of setting up our first view together, and then you'll repeat the process on your own for homework.
Homework
No homework! The assignment that I originally planned for homework today will be moved to next week. Check out next Wednesday's less on plan for that assignment.
Wednesday, January 14th
Classwork
Today is a short day, so we'll dive in quickly! Our goal today is to make sure we understand how all three parts of the Django app come together.
First, we'll all clone Dr. Chuck's DJ4E sample repo, and we'll get it running.
From there, we'll slowly walk through a few of the samples:
- views/game, tmpl/game, and views/rest
- views/danger/
There is a lot to know about the "danger" example. We'll play with it a lot more next time.
Homework
Continue working on your book review SSG from last time. Two activities this time:
- Add a second type of review. You can choose from movies, albums, or you can choose anything else you might want to review. Your new review template should inherit from the same base template, but should have some unique fields.
- Spruce up your base template. Add some more header content and some CSS to make your reviews website look nice!
Monday, January 12th
Classwork
For this class, we'll play with Django's Template Engine, and then for homework you'll watch Dr. Chuck's videos about Django Views, which are the glue that holds all of Django together.
We'll start today with a quiz on the template videos.
After that, we'll have a little chat about template engines, and how useful for all kinds of things. Chris **loves** template engines, so he'll have a lot to say here =).
To practice with template engines, we'll create a simple Static site generator(SSG) , which uses a template engine to minimize repetition. We wrote some starter code for a book review website here:
starter code. And for homework, you should work on adding a few more books to your website.
Homework
Now that we understand Models and Templates, it's time to learn about views. This will be an exciting time, because we'll finally be able to put everything together and start building complete Django apps.
For homework, watch and take notes on these videos:
- In the lesson
"Understanding Model View Controller", watch:
- "Model View Controller in Django (7:07)"
- In the lesson
"Django Views and Templates", watch:
- URL Routing in Django (6:59)
- Django Views (6:19)