This answer was given to me by someone a different website. He had no desire to repost it here, but I will copy/paste in order to accept the answer and for future reference.

In the view, looking up the player_id should be called even if the POST data was not sent. That ensures you get a 404 anytime there is an invalid player_id in the URL. I simply moved that line of code above the IF statment.

Don’t define the form yourself in the template when you can. It avoids missing useful things like error messages when the form is not valid. Django provides some nifty tools to auto generate form HTML for you. I updated the form to look like the following. NOTE: I used ‘form.as_table here’, but there are some other useful methods such as ‘as_p’ if you don’t like the HTML output as a table. Here is the new new_stake.html:

<h1> New Play </h1>
{% if error_message %}<p><strong>{{ error_message }}</strong></p>{% endif %}
<form action="" method="post">
    {% csrf_token %}
    <table>{{form.as_table}}</table>
    <input type="submit" value="Add New Play" />
</form>

Remove the player_id from your form class if its not actually part of the form (or better yet, make it a hidden field). Also, you should probably be using a ModelForm here, that will auto-populate the form elements for you for the most part after the POST data is recieved. However, I did not make that optimation here. What I did do was remove the player_id line from the form in FORMS.py since it’s already in the URL and that seems to be where you wanted to grab it from (rather than a hidden input as suggested above).

class StakeForm(forms.Form):
    stakes = forms.CharField(max_length=200)
    amount_won = forms.IntegerField()
    last_play_date = forms.DateTimeField()

At this point, you should start seeing you’re a bit closer to getting a working form. The problem you were seeing was mainly that your form was not passing the is_valid() check, and if you look at the code, this dropped into showing you the form again. To make things seem worse, you never knew the form was invalid because you designed your own form HTML that did not include the error messages. This fix became more obvious once I used {{form}} in the template rather than using the custom form code in the original html.

A second note, you had miss-spelled the last_play_date as last_played_date. It may have worked the way you had it, but to keep a similar naming convention I renamed this to last_play_date to match the model.

Final note about views.py. You should try not to redirect to a URL defiend as a a string. URLs has a nice feature that lets you name them. You can use the reverse() function to perform a lookup as “reverse(‘stake_added’).

The final VIEWS.py looks like this:

def new_stake(request, player_id):
    vars = {}
    player = get_object_or_404(Player, pk=player_id)
    if request.method == 'POST': # If the form has been submitted
        form = StakeForm(request.POST) # A form bound to the POST data
        if form.is_valid(): # All validation rules pass
            # Process the data in form.cleaned_data
            stakes = form.cleaned_data['stakes']
            amount_won = form.cleaned_data['amount_won']
            last_play_date = form.cleaned_data['last_play_date']
            stakes_new = Stakes(player=player, stakes=stakes,
                amount_won=amount_won, last_play_date=last_play_date)
            stakes_new.save()
            return HttpResponseRedirect(reverse('stake_added')) # redirect after POST
    else:
        form = StakeForm() # An unbound form
    # Package up some variables to return
    vars['player'] = player
    vars['form'] = form
    context = RequestContext(request)
    return render_to_response('stakeme/new_stake.html', vars, context_instance=context)

And for good measure, here is the final URLS.py:

urlpatterns = patterns('',
    url(r'^(\d+)/new_stake/$', new_stake, name='new_stake'),
    url(r'^stake_added/$', direct_to_template, {'template':'stakeme/stake_added.html'}, name="stake_added"),
    url(r'^admin/', include(admin.site.urls)),
)