How it works...

In step 1 of this recipe, we created a route to submit book issues. The **post argument in the function accepts all query parameters in the URL, and it also receives the submitted form data. In our example, we have used the same controller to display the page and to submit the issue. If we find data in the post, we create a new issue in the book.issue model and then redirect the user to the issue page with the submitted query parameters, so the user sees an acknowledgment that the issue was submitted and can submit another issue if they want.

Note that we have used sudo() to create the book issue record because a normal user (visitor) does not have access rights to create a new book issue record, yet the record still has to be created when that user submits an issue from a web page. This is a practical example of the usage of sudo(). Because sudo() bypasses the visitor's access rights, the values written this way should be limited to the fields the form is meant to supply.
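Since **post carries every URL and form parameter and the record is written with sudo(), the controller should build the create() values from a fixed set of fields rather than from the whole dictionary. The following is an added example, not the recipe's code; the helper name, the field names book_id and issue_description, the length limit, and the sample data are assumptions.

```python
# Added example: field names, limit and sample data are assumptions/constructed.
MAX_DESCRIPTION = 2000


def clean_issue_values(post, valid_book_ids):
    """Build the values dict for sudo().create() from **post.

    post: all query-string and form parameters received by the controller.
    valid_book_ids: ids of the books offered in the form's selection.
    Returns None when no issue was submitted (plain page view).
    Raises ValueError when the submitted data is malformed.
    """
    if not post.get("book_id"):
        return None  # nothing submitted: the controller just renders the page
    try:
        book_id = int(post["book_id"])
    except (TypeError, ValueError):
        raise ValueError("book_id must be an integer")
    if book_id not in valid_book_ids:
        raise ValueError("unknown book")
    description = (post.get("issue_description") or "").strip()
    if not description:
        raise ValueError("issue description is required")
    # Only these two keys ever reach create(); every other key in post,
    # including csrf_token and redirect parameters, is dropped here.
    return {
        "book_id": book_id,
        "issue_description": description[:MAX_DESCRIPTION],
    }


# Constructed sample of what **post might contain after a form submission.
SAMPLE_POST = {
    "csrf_token": "constructed-token-value",
    "book_id": "7",
    "issue_description": "  Pages 10-12 are missing  ",
    "some_other_field": "not part of the form",
}

if __name__ == "__main__":
    vals = clean_issue_values(SAMPLE_POST, {1, 7})
    print(vals)
    # In the controller, the result would then be used as:
    #   if vals: request.env['book.issue'].sudo().create(vals)
```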

In step 2, we have created the template for the issue page. In step 3, we have added the conditional headers. The success header will be displayed after submitting an issue.

In step 4, we have added the <form> with three fields: csrf_token, book selection, and issue description. The last two fields are used to get input from the website user. The csrf_token field, however, is there to protect against a Cross-Site Request Forgery (CSRF) attack. If you don't use it in the form, the user won't be able to submit the form. When you submit the form, you will get the submitted data as the **post parameter in the books_issues() method of step 1.

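In some cases, if you want to disable CSRF validation, you can use csrf=False in the route. This removes the token check for POST requests to that route, so keep it for endpoints that cannot carry a token and that verify requests in some other way. The route looks like this:
@http.route('/url', type='http', auth="user", website=True, csrf=False)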