加载中...

yii post delete request more safe


常规的delete方法如下:

/** 
* Deletes a particular model.
* If deletion is successful, the browser will be redirected to the 'index' page.
*/
public function actionDelete()
{ 
if(Yii::app()->request->isPostRequest)
{ 
// we only allow deletion via POST request
$this->loadModel()->delete();

// if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
if(!isset($_GET['ajax']))
$this->redirect(array('index'));
} 
else
throw new CHttpException(400,'Invalid request. Please do not repeat this request again.');
}



通过POST请求来删除,会弹出对话框,让用户确认,更安全些。
在CGridView 中 ,会自动的发送POST 请求。
 array(
 'headerHtmlOptions'=>array('width'=>'60px'),
 'class'=>'CButtonColumn', 'header'=>'操作',
 'template'=>'{view} {update} {delete}',
 'buttons'=>array(
 'view'=>array(
 'label'=>'查看',
 'url'=>'Yii::app()->createURL("supervise/default/view", array("id"=>$data->id))',
 'imageUrl'=>Yii::app()->baseUrl.'/images/icons/user.png',
 ),
 'update'=>array(
 'label'=>'修改',
 'url'=>'Yii::app()->createURL("supervise/default/update", array("id"=>$data->id))',
 'imageUrl'=>Yii::app()->baseUrl.'/images/icons/user_edit.png',
 ),
 'delete'=>array(
 'label'=>'删除',
 'url'=>'Yii::app()->createURL("supervise/default/delete", array("id"=>$data->id))',
 'imageUrl'=>Yii::app()->baseUrl.'/images/icons/user_delete.png',
 ),
 ),
 ),

但是如果在别的地方你简单的使用 createUrl来创建的都是GET REQUEST,无法删除记录的

Error 400

Invalid request. Please do not repeat this request again.

解决方法:


 <?php
 echo CHtml::link(CHtml::encode('删除巡察记录'), array('/***/default/delete', 'id'=>$id),
 array(
 'submit'=>array('/***/default/delete', 'id'=>$id),
 'class' => 'delete','confirm'=>'This will remove the image. Are you sure?'
 )
 );
 ?>






还没有评论.