Spring Mvc Controller - 删除问题 [英] Spring Mvc Controller - problem with delete

问题描述

我在一个 j2ee 项目中工作(pojo 层，Dao 层(hibernate)，服务层(spring)，View(spring mvc))我在每一行后面都有一个文章表，我想添加一个链接以将其删除.

i working in a j2ee project (pojo layer, Dao layer(hibernate), Service Layer(spring), View(spring mvc)) i have a table of articles after each row i want to add a link to remove it.

这是我的看法

<c:if test="${!empty articles}">
<table>
    <tr>
        <th>Article ID</th>
        <th>Article Name</th>
        <th>Article Desc</th>
        <th>Added Date</th>
        <th>operation</th>
    </tr>

    <c:forEach items="${articles}" var="article">
        <tr>
            <td><c:out value="${article.articleId}"/></td>
            <td><c:out value="${article.articleName}"/></td>
            <td><c:out value="${article.articleDesc}"/></td>
            <td><c:out value="${article.addedDate}"/></td>
            <td><a href="articles/${article.articleId}">delete</a></td>
        </tr>
    </c:forEach>
</table>

这里是要删除的控制器

@RequestMapping(value="/articles/{articleId}", method=RequestMethod.POST)
public String deleteContact(@PathVariable("articleId")
Integer articleId) {

    articleService.removeArticle(articleId);

    return "redirect:/articles.html";
}

这是服务层

    @Transactional(propagation = Propagation.REQUIRED, readOnly = false)
public void removeArticle(Integer id) {
    articleDao.removeArticle(id);
}

这是Dao层(我试着找到文章然后删除它)

this is the Dao layer (i try to find the article then to remove it)

    public void removeArticle(Integer id) {
            //to get the article
    Article article = (Article) sessionFactory.getCurrentSession().load(
            Article.class, id);
    if (null != article) {
        sessionFactory.getCurrentSession().delete(article);
    }

}

但是当我运行该项目并单击删除链接时，出现 404 错误Etat HTTP 404 -/Spring3Hibernate/articles/1描述 请求的资源(/Spring3Hibernate/articles/1)不可用

but when i run the project and i click the delete link, i have an 404 error Etat HTTP 404 - /Spring3Hibernate/articles/1 description The requested resource (/ Spring3Hibernate/articles/1) is not available

有人可以帮我吗?

推荐答案

 <td><a href="articles/${article.articleId}">delete</a></td>

这是标准的 GET 请求，但您的控制器映射到 POST.

This is standard GET request, but your controller is mapped to POST.

@RequestMapping(value="/articles/{articleId}", method=RequestMethod.POST)

此外，它看起来像一个非常大的安全问题.我可以编写非常简单的 10 行程序，该程序将使用 get 或 post 请求调用从/articles/1 到/articles/{any number} 并删除您的整个数据.我建议在设计此类应用程序时只考虑它.

In addition, it looks like very big security issue. I can write very simple 10 lines program which will call using get or post request to from /articles/1 to /articles/{any number} and delete your entire data. I recommend just to take it into consideration while designing such applications.

这篇关于Spring Mvc Controller - 删除问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！