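<!DOCTYPE html>
<html lang="zh-Hans">
<head>
<!-- The visible text of this page is Simplified Chinese, so the document
     language is declared as zh-Hans rather than en; screen readers, font
     selection and translation tools all key off this attribute. -->
<meta charset="UTF-8">
<title>车辆违章查询</title>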
<style>
  /* Base typography: one font shorthand applied to every element. */
  * {
    font: 18px/30px Arial;
  }

  /* Fixed-width page column, centred horizontally. */
  #container {
    margin: 0 auto;
    width: 960px;
  }

  /* Search form: narrower than the column and pushed down from the top. */
  #search {
    margin: 10px auto;
    padding-top: 100px;
    width: 720px;
  }

  /* Plate-number text box. */
  #search input[type="search"] {
    display: inline-block;
    height: 30px;
    width: 480px;
  }

  /* Submit button: borderless, white text on red. */
  #search input[type="submit"] {
    display: inline-block;
    height: 40px;
    width: 80px;
    margin-left: 20px;
    border: none;
    color: white;
    background-color: red;
  }

  /* Result table: collapsed borders, centred in the column. */
  #result {
    margin: 20px auto;
    width: 920px;
    border-collapse: collapse;
  }

  /* Header cells: heavier weight and a rule underneath. */
  #result th {
    border-bottom: 1px solid darkgray;
    font-weight: bolder;
  }

  /* Every cell, header or data, shares one size and alignment. */
  #result th,
  #result td {
    height: 50px;
    width: 180px;
    text-align: center;
  }
</style>
</head>
<body>
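<div id="container">
  <!-- Search form. The page script intercepts submit and posts the values
       itself, so the action below is only used when that handler does not
       run. -->
  <form id="search" action="/search" method="post">
    <!-- CSRF (cross-site request forgery): another site makes the browser
         send a request that carries the user's cookie, so the server treats
         the action as coming from that user. -->
    <!-- The usual defence is a random token placed in the form and checked
         by the server on every state-changing request. The csrf_token
         template tag on the next line renders that token as a hidden input
         named csrfmiddlewaretoken. -->
    <!-- NOTE(review): the original note also credited the token with
         stopping duplicate submissions and replay attacks. Django's CSRF
         token is not single-use, so on its own it prevents neither; that
         needs a one-time value or an idempotency check enforced by the
         server. -->
    <!-- Hidden field: not drawn on the page, but present in the page source
         and readable by any script running in the page, so it is not
         secret from the user or from third-party scripts loaded here. -->
    {% csrf_token %}
    <!-- aria-label gives the box an accessible name; the placeholder alone
         disappears on input and is not reliably announced. -->
    <input type="search" id="carno" name="carno" placeholder="请输入你的车牌号" aria-label="车牌号" required>
    <input type="submit" value="搜索">
    <a href="/add">添加新记录</a>
  </form>
  <hr>
  <table id="result">
    <thead>
      <tr>
        <th scope="col">车牌号</th>
        <th scope="col">违章原因</th>
        <th scope="col">违章时间</th>
        <th scope="col">处罚方式</th>
        <th scope="col">是否受理</th>
      </tr>
    </thead>
    <!-- Left empty on purpose: rows are appended by the page script from
         the JSON search response. -->
    <tbody>
    </tbody>
  </table>
  <!-- The last variable is written through the template engine, which
       HTML-escapes output by default. NOTE(review): confirm the view never
       marks this value as safe, since its origin is not visible in this
       template. -->
  <p>{{ last }}</p>
</div>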
<!-- NOTE(review): jQuery is loaded from a third-party CDN with no
     Subresource Integrity check. Whoever controls that host, or the
     response on its way here, controls script running in this page, and
     that script can read the CSRF token and everything typed into the
     form. Either serve a vetted copy from this site's own static files, or
     pin this tag with an integrity attribute (hash computed from the vetted
     file) together with crossorigin="anonymous". -->
<!-- NOTE(review): 3.3.1 is an old release; later 3.x releases include
     security fixes. TODO confirm and upgrade. -->
<script src="https://cdn.bootcss.com/jquery/3.3.1/jquery.min.js"></script>
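<script>
  // Sends the plate-number search as an AJAX POST and renders the JSON
  // response into the #result table without reloading the page.
  $(function () {
    var $tbody = $('#result tbody');

    // Builds one table row from a record object. Every server-supplied value
    // goes through .text(), so it is inserted as text and never parsed as
    // HTML; keep it that way when adding columns.
    function buildRow(record) {
      // The image file name is one of two literals chosen here, never a
      // string taken from the response.
      var imgName = record.isdone ? 'icon-yes.svg' : 'icon-no.svg';
      return $('<tr>')
        .append($('<td>').text(record.carno))
        .append($('<td>').text(record.reason))
        .append($('<td>').text(record.date))
        .append($('<td>').text(record.punish))
        .append($('<td>').append($('<img>').attr('src', '/static/images/' + imgName)));
    }

    // Removes the rows of the previous query.
    function clearRows() {
      $tbody.children().remove();
    }

    $('#search').on('submit', function (evt) {
      // Stop the browser's own POST to the form action; the request is sent
      // below instead.
      evt.preventDefault();

      var carno = $('#carno').val();
      // Pick the CSRF field by name. Selecting "the first hidden input" would
      // silently send the wrong value as soon as another hidden field is
      // added to the form ahead of it.
      var token = $('#search input[name="csrfmiddlewaretoken"]').val();

      $.ajax({
        url: '/search2',
        type: 'post',
        data: {
          'carno': carno,
          'csrfmiddlewaretoken': token
        },
        dataType: 'json',
        success: function (json) {
          // Anything other than an array is treated as "no rows" rather than
          // being iterated by its length property.
          var records = Array.isArray(json) ? json : [];
          clearRows();
          for (var i = 0; i < records.length; i += 1) {
            $tbody.append(buildRow(records[i]));
          }
        },
        error: function () {
          // Reached on a non-2xx status (for example a rejected CSRF token or
          // a server error) and on a body that is not valid JSON. Drop the
          // stale rows so the previous query's results are not mistaken for
          // this one, and tell the user the lookup failed.
          clearRows();
          $tbody.append(
            $('<tr>').append($('<td>').attr('colspan', 5).text('查询失败，请稍后重试'))
          );
        }
      });
    });
  });
</script>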
</body>
</html>