Spring Mvc Controller - 删除问题 [英] Spring Mvc Controller - problem with delete
问题描述
我在一个 j2ee 项目中工作(pojo 层,Dao 层(hibernate),服务层(spring),View(spring mvc))我在每一行后面都有一个文章表,我想添加一个链接以将其删除.
i working in a j2ee project (pojo layer, Dao layer(hibernate), Service Layer(spring), View(spring mvc)) i have a table of articles after each row i want to add a link to remove it.
这是我的看法
<c:if test="${!empty articles}">
<table>
<tr>
<th>Article ID</th>
<th>Article Name</th>
<th>Article Desc</th>
<th>Added Date</th>
<th>operation</th>
</tr>
<c:forEach items="${articles}" var="article">
<tr>
<td><c:out value="${article.articleId}"/></td>
<td><c:out value="${article.articleName}"/></td>
<td><c:out value="${article.articleDesc}"/></td>
<td><c:out value="${article.addedDate}"/></td>
<td><a href="articles/${article.articleId}">delete</a></td>
</tr>
</c:forEach>
</table>
这里是要删除的控制器
@RequestMapping(value="/articles/{articleId}", method=RequestMethod.POST)
public String deleteContact(@PathVariable("articleId")
Integer articleId) {
articleService.removeArticle(articleId);
return "redirect:/articles.html";
}
这是服务层
@Transactional(propagation = Propagation.REQUIRED, readOnly = false)
public void removeArticle(Integer id) {
articleDao.removeArticle(id);
}
这是Dao层(我试着找到文章然后删除它)
this is the Dao layer (i try to find the article then to remove it)
public void removeArticle(Integer id) {
//to get the article
Article article = (Article) sessionFactory.getCurrentSession().load(
Article.class, id);
if (null != article) {
sessionFactory.getCurrentSession().delete(article);
}
}
但是当我运行该项目并单击删除链接时,出现 404 错误Etat HTTP 404 -/Spring3Hibernate/articles/1描述 请求的资源(/Spring3Hibernate/articles/1)不可用
but when i run the project and i click the delete link, i have an 404 error Etat HTTP 404 - /Spring3Hibernate/articles/1 description The requested resource (/ Spring3Hibernate/articles/1) is not available
有人可以帮我吗?
推荐答案
<td><a href="articles/${article.articleId}">delete</a></td>
这是标准的 GET 请求,但您的控制器映射到 POST.
This is standard GET request, but your controller is mapped to POST.
@RequestMapping(value="/articles/{articleId}", method=RequestMethod.POST)
此外,它看起来像一个非常大的安全问题.我可以编写非常简单的 10 行程序,该程序将使用 get 或 post 请求调用从/articles/1 到/articles/{any number} 并删除您的整个数据.我建议在设计此类应用程序时只考虑它.
In addition, it looks like very big security issue. I can write very simple 10 lines program which will call using get or post request to from /articles/1 to /articles/{any number} and delete your entire data. I recommend just to take it into consideration while designing such applications.
这篇关于Spring Mvc Controller - 删除问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!