3 Catalyst::Manual::Tutorial::BasicCRUD - Catalyst Tutorial - Part 4: Basic CRUD
8 This is B<Part 4 of 10> for the Catalyst tutorial.
10 L<Tutorial Overview|Catalyst::Manual::Tutorial>
16 L<Introduction|Catalyst::Manual::Tutorial::Intro>
20 L<Catalyst Basics|Catalyst::Manual::Tutorial::CatalystBasics>
24 L<More Catalyst Basics|Catalyst::Manual::Tutorial::MoreCatalystBasics>
32 L<Authentication|Catalyst::Manual::Tutorial::Authentication>
36 L<Authorization|Catalyst::Manual::Tutorial::Authorization>
40 L<Debugging|Catalyst::Manual::Tutorial::Debugging>
44 L<Testing|Catalyst::Manual::Tutorial::Testing>
48 L<Advanced CRUD|Catalyst::Manual::Tutorial::AdvancedCRUD>
52 L<Appendices|Catalyst::Manual::Tutorial::Appendices>
59 This part of the tutorial builds on the fairly primitive application
60 created in Part 3 to add basic support for Create, Read, Update, and
61 Delete (CRUD) of C<Book> objects. Note that the 'list' function in Part
62 2 already implements the Read portion of CRUD (although Read normally
63 refers to reading a single object; you could implement full read
64 functionality using the techniques introduced below). This section will
65 focus on the Create and Delete aspects of CRUD. More advanced
66 capabilities, including full Update functionality, will be addressed in
69 Although this part of the tutorial will show you how to build CRUD
70 functionality yourself, another option is to use a "CRUD builder" type
71 of tool to automate the process. You get less control, but it's quick
72 and easy. For example, see
73 L<CatalystX::ListFramework::Builder|CatalystX::ListFramework::Builder>,
74 L<CatalystX::CRUD|CatalystX::CRUD>, and
75 L<CatalystX::CRUD::YUI|CatalystX::CRUD::YUI>.
77 You can checkout the source code for this example from the catalyst
78 subversion repository as per the instructions in
79 L<Catalyst::Manual::Tutorial::Intro|Catalyst::Manual::Tutorial::Intro>.
82 =head1 FORMLESS SUBMISSION
84 Our initial attempt at object creation will utilize the "URL
85 arguments" feature of Catalyst (we will employ the more common form-
86 based submission in the sections that follow).
89 =head2 Include a Create Action in the Books Controller
91 Edit C<lib/MyApp/Controller/Books.pm> and enter the following method:
95 Create a book with the supplied title, rating, and author
99 sub url_create : Local {
100 # In addition to self & context, get the title, rating, &
101 # author_id args from the URL. Note that Catalyst automatically
102 # puts extra information after the "/<controller_name>/<action_name/"
104 my ($self, $c, $title, $rating, $author_id) = @_;
106 # Call create() on the book model object. Pass the table
107 # columns/field values we want to set as hash values
108 my $book = $c->model('DB::Books')->create({
113 # Add a record to the join table for this book, mapping to
115 $book->add_to_book_authors({author_id => $author_id});
116 # Note: Above is a shortcut for this:
117 # $book->create_related('book_authors', {author_id => $author_id});
119 # Assign the Book object to the stash for display in the view
120 $c->stash->{book} = $book;
122 # This is a hack to disable XSUB processing in Data::Dumper
123 # (it's used in the view). This is a work-around for a bug in
124 # the interaction of some versions or Perl, Data::Dumper & DBIC.
125 # You won't need this if you aren't using Data::Dumper (or if
126 # you are running DBIC 0.06001 or greater), but adding it doesn't
127 # hurt anything either.
128 $Data::Dumper::Useperl = 1;
130 # Set the TT template to use
131 $c->stash->{template} = 'books/create_done.tt2';
134 Notice that Catalyst takes "extra slash-separated information" from the
135 URL and passes it as arguments in C<@_>. The C<url_create> action then
136 uses a simple call to the DBIC C<create> method to add the requested
137 information to the database (with a separate call to
138 C<add_to_book_authors> to update the join table). As do virtually all
139 controller methods (at least the ones that directly handle user input),
140 it then sets the template that should handle this request.
143 =head2 Include a Template for the C<url_create> Action:
145 Edit C<root/src/books/create_done.tt2> and then enter:
147 [% # Use the TT Dumper plugin to Data::Dumper variables to the browser -%]
148 [% # Not a good idea for production use, though. :-) 'Indent=1' is -%]
149 [% # optional, but prevents "massive indenting" of deeply nested objects -%]
150 [% USE Dumper(Indent=1) -%]
152 [% # Set the page title. META can 'go back' and set values in templates -%]
153 [% # that have been processed 'before' this template (here it's for -%]
154 [% # root/lib/site/html and root/lib/site/header). Note that META on -%]
155 [% # simple strings (e.g., no variable interpolation). -%]
156 [% META title = 'Book Created' %]
158 [% # Output information about the record that was added. First title. -%]
159 <p>Added book '[% book.title %]'
161 [% # Output the last name of the first author. This is complicated by an -%]
162 [% # issue in TT 2.15 where blessed hash objects are not handled right. -%]
163 [% # First, fetch 'book.authors' from the DB once. -%]
164 [% authors = book.authors %]
165 [% # Now use IF statements to test if 'authors.first' is "working". If so, -%]
166 [% # we use it. Otherwise we use a hack that seems to keep TT 2.15 happy. -%]
167 by '[% authors.first.last_name IF authors.first;
168 authors.list.first.value.last_name IF ! authors.first %]'
170 [% # Output the rating for the book that was added -%]
171 with a rating of [% book.rating %].</p>
173 [% # Provide a link back to the list page -%]
174 [% # 'uri_for()' builds a full URI; e.g., 'http://localhost:3000/books/list' -%]
175 <p><a href="[% c.uri_for('/books/list') %]">Return to list</a></p>
177 [% # Try out the TT Dumper (for development only!) -%]
179 Dump of the 'book' variable:
180 [% Dumper.dump(book) %]
183 The TT C<USE> directive allows access to a variety of plugin modules
184 (TT plugins, that is, not Catalyst plugins) to add extra functionality
185 to the base TT capabilities. Here, the plugin allows
186 L<Data::Dumper|Data::Dumper> "pretty printing" of objects and
187 variables. Other than that, the rest of the code should be familiar
188 from the examples in Part 3.
191 =head2 Try the C<url_create> Feature
193 If the application is still running from before, use C<Ctrl-C> to kill
194 it. Then restart the server:
196 $ DBIC_TRACE=1 script/myapp_server.pl
198 Note that new path for C</books/url_create> appears in the startup debug
201 B<TIP>: You can use C<script/myapp_server.pl -r> to have the development
202 server auto-detect changed files and reload itself (if your browser acts
203 odd, you should also try throwing in a C<-k>). If you make changes to
204 the TT templates only, you do not need to reload the development server
205 (only changes to "compiled code" such as Controller and Model C<.pm>
206 files require a reload).
208 Next, use your browser to enter the following URL:
210 http://localhost:3000/books/url_create/TCPIP_Illustrated_Vol-2/5/4
212 Your browser should display "Added book 'TCPIP_Illustrated_Vol-2' by
213 'Stevens' with a rating of 5." along with a dump of the new book model
214 object as it was returned by DBIC. You should also see the following
215 DBIC debug messages displayed in the development server log messages
216 if you have DBIC_TRACE set:
218 INSERT INTO books (rating, title) VALUES (?, ?): `5', `TCPIP_Illustrated_Vol-2'
219 INSERT INTO book_authors (author_id, book_id) VALUES (?, ?): `4', `6'
220 SELECT author.id, author.first_name, author.last_name
221 FROM book_authors me JOIN authors author
222 ON ( author.id = me.author_id ) WHERE ( me.book_id = ? ): '6'
224 The C<INSERT> statements are obviously adding the book and linking it to
225 the existing record for Richard Stevens. The C<SELECT> statement results
226 from DBIC automatically fetching the book for the C<Dumper.dump(book)>.
228 If you then click the "Return to list" link, you should find that
229 there are now six books shown (if necessary, Shift+Reload or
230 Ctrl+Reload your browser at the C</books/list> page).
233 =head1 CONVERT TO A CHAINED ACTION
235 Although the example above uses the same C<Local> action type for the
236 method that we saw in the previous part of the tutorial, there is an
237 alternate approach that allows us to be more specific while also
238 paving the way for more advanced capabilities. Change the method
239 declaration for C<url_create> in C<lib/MyApp/Controller/Books.pm> you
240 entered above to match the following:
242 sub url_create :Chained('/') :PathPart('books/url_create') :Args(3) {
244 This converts the method to take advantage of the Chained
245 action/dispatch type. Chaining let's you have a single URL
246 automatically dispatch to several controller methods, each of which
247 can have precise control over the number of arguments that it will
248 receive. A chain can essentially be thought of having three parts --
249 a beginning, a middle and an end. The bullets below summarize the key
250 points behind each of these parts of a chain:
264 B<Use "C<:Chained('/')>" to start a chain>
268 Get arguments through C<CaptureArgs()>
272 Specify the path to match with C<PathPart()>
285 Link to previous part of the chain with C<:Chained('_name_')>
289 Get arguments through C<CaptureArgs()>
293 Specify the path to match with C<PathPart()>
306 Link to previous part of the chain with C<:Chained('_name_')>
310 B<Do NOT get arguments through "C<CaptureArgs()>," use "C<Args()>" instead to end a chain>
314 Specify the path to match with C<PathPart()>
321 In our C<url_create> method above, we have combined all 3 parts into a
322 single method: C<:Chained('/')> to start the chain,
323 C<:PathPart('books/url_create')> to specify the base URL to match,
324 along with C<:Args(3)> to capture exactly 3 arguments and also end the
327 As we will see shortly, a chain can consist of as many "links" as you
328 wish, with each part capturing some arguments and doing some work
329 along the way. We will continue to use the Chained action type in this
330 part of the tutorial and explore slightly more advanced capabilities
331 with the base method and delete feature below. But Chained dispatch
332 is capable of far more. For additional information, see
333 L<Catalyst::Manual::Intro/Action types>,
334 L<Catalyst::DispatchType::Chained|Catalyst::DispatchType::Chained>,
335 and the 2006 advent calendar entry on the subject:
336 L<http://www.catalystframework.org/calendar/2006/10>.
339 =head2 Try the Chained Action
341 If you look back at the development server startup logs from your
342 initial version of the C<url_create> method (the one using the
343 C<:Local> attribute), you will notice that it produced output similar
346 [debug] Loaded Path actions:
347 .-------------------------------------+--------------------------------------.
349 +-------------------------------------+--------------------------------------+
352 | /books | /books/index |
353 | /books/list | /books/list |
354 | /books/url_create | /books/url_create |
355 '-------------------------------------+--------------------------------------'
357 Now start the development server with our basic chained method in
358 place and the startup debug output should change to something along
359 the lines of the following:
361 [debug] Loaded Path actions:
362 .-------------------------------------+--------------------------------------.
364 +-------------------------------------+--------------------------------------+
367 | /books | /books/index |
368 | /books/list | /books/list |
369 '-------------------------------------+--------------------------------------'
371 [debug] Loaded Chained actions:
372 .-------------------------------------+--------------------------------------.
373 | Path Spec | Private |
374 +-------------------------------------+--------------------------------------+
375 | /books/url_create/*/*/* | /books/url_create |
376 '-------------------------------------+--------------------------------------'
378 C<url_create> has disappeared form the "Loaded Path actions" section
379 but it now shows up under the newly created "Loaded Chained actions"
380 section. And, the "/*/*/*" portion clearly shows our requirement for
383 As with our non-chained version of C<url_create>, use your browser to
384 enter the following URL:
386 http://localhost:3000/books/url_create/TCPIP_Illustrated_Vol-2/5/4
388 You should see the same "Added book 'TCPIP_Illustrated_Vol-2' by
389 'Stevens' with a rating of 5." along with a dump of the new book model
390 object. Click the "Return to list" link, you should find that there
391 are now seven books shown (two copies of TCPIP_Illustrated_Vol-2).
394 =head2 Refactor to Use a "Base" Method to Start the Chains
396 Let's make a quick update to our initial Chained action to show a
397 little more of the power of chaining. First, open
398 C<lib/MyApp/Controller/Books.pm> in your editor and add the following
403 Can place common logic to start chained dispatch here
407 sub base :Chained('/') :PathPart('books') :CaptureArgs(0) {
410 # Store the resultset in stash so it's available for other methods
411 $c->stash->{resultset} = $c->model('DB::Books');
413 # Print a message to the debug log
414 $c->log->debug('*** INSIDE BASE METHOD ***');
417 Here we print a log message and store the DBIC resultset in
418 C<$c-E<gt>stash-E<gt>{resultset}> so that it's automatically available
419 for other actions that chain off C<base>. If your controller always
420 needs a book ID as it's first argument, you could have the base method
421 capture that argument (with C<:CaptureArgs(1)>) and use it to pull the
422 book object with C<-E<gt>find($id)> and leave it in the stash for
423 later parts of your chains to then act upon. Because we have several
424 actions that don't need to retrieve a book (such as the C<url_create>
425 we are working with now), we will instead add that functionality
426 to a common C<object> action shortly.
428 As for C<url_create>, let's modify it to first dispatch to C<base>.
429 Open up C<lib/MyApp/Controller/Books.pm> and edit the declaration for
430 C<url_create> to match the following:
432 sub url_create :Chained('base') :PathPart('url_create') :Args(3) {
434 Next, try out the refactored chain by restarting the development
435 server. Notice that our "Loaded Chained actions" section has changed
438 [debug] Loaded Chained actions:
439 .-------------------------------------+--------------------------------------.
440 | Path Spec | Private |
441 +-------------------------------------+--------------------------------------+
442 | /books/url_create/*/*/* | /books/base (0) |
443 | | => /books/url_create |
444 '-------------------------------------+--------------------------------------'
446 The "Path Spec" is the same, but now it maps to two Private actions as
449 Once again, enter the following URL into your browser:
451 http://localhost:3000/books/url_create/TCPIP_Illustrated_Vol-2/5/4
453 The same "Added book 'TCPIP_Illustrated_Vol-2' by 'Stevens' with a
454 rating of 5" message and dump of the new book object should appear.
455 Also notice the extra debug message in the development server output
456 from the C<base> method. Click the "Return to list" link, you should
457 find that there are now eight books shown.
460 =head1 MANUALLY BUILDING A CREATE FORM
462 Although the C<url_create> action in the previous step does begin to
463 reveal the power and flexibility of both Catalyst and DBIC, it's
464 obviously not a very realistic example of how users should be expected
465 to enter data. This section begins to address that concern.
468 =head2 Add Method to Display The Form
470 Edit C<lib/MyApp/Controller/Books.pm> and add the following method:
474 Display form to collect information for book to create
478 sub form_create :Chained('base') :PathPart('form_create') :Args(0) {
481 # Set the TT template to use
482 $c->stash->{template} = 'books/form_create.tt2';
485 This action simply invokes a view containing a book creation form.
488 =head2 Add a Template for the Form
490 Open C<root/src/books/form_create.tt2> in your editor and enter:
492 [% META title = 'Manual Form Book Create' -%]
494 <form method="post" action="[% c.uri_for('form_create_do') %]">
496 <tr><td>Title:</td><td><input type="text" name="title"></td></tr>
497 <tr><td>Rating:</td><td><input type="text" name="rating"></td></tr>
498 <tr><td>Author ID:</td><td><input type="text" name="author_id"></td></tr>
500 <input type="submit" name="Submit" value="Submit">
503 Note that we have specified the target of the form data as
504 C<form_create_do>, the method created in the section that follows.
507 =head2 Add a Method to Process Form Values and Update Database
509 Edit C<lib/MyApp/Controller/Books.pm> and add the following method to
510 save the form information to the database:
512 =head2 form_create_do
514 Take information from form and add to database
518 sub form_create_do :Chained('base') :PathPart('form_create_do') :Args(0) {
521 # Retrieve the values from the form
522 my $title = $c->request->params->{title} || 'N/A';
523 my $rating = $c->request->params->{rating} || 'N/A';
524 my $author_id = $c->request->params->{author_id} || '1';
527 my $book = $c->model('DB::Books')->create({
531 # Handle relationship with author
532 $book->add_to_book_authors({author_id => $author_id});
534 # Store new model object in stash
535 $c->stash->{book} = $book;
537 # Avoid Data::Dumper issue mentioned earlier
538 # You can probably omit this
539 $Data::Dumper::Useperl = 1;
541 # Set the TT template to use
542 $c->stash->{template} = 'books/create_done.tt2';
546 =head2 Test Out The Form
548 If the application is still running from before, use C<Ctrl-C> to kill
549 it. Then restart the server:
551 $ script/myapp_server.pl
553 Notice that the server startup log reflects the two new chained
554 methods that we added:
556 [debug] Loaded Chained actions:
557 .-------------------------------------+--------------------------------------.
558 | Path Spec | Private |
559 +-------------------------------------+--------------------------------------+
560 | /books/form_create | /books/base (0) |
561 | | => /books/form_create |
562 | /books/form_create_do | /books/base (0) |
563 | | => /books/form_create_do |
564 | /books/url_create/*/*/* | /books/base (0) |
565 | | => /books/url_create |
566 '-------------------------------------+--------------------------------------'
568 Point your browser to L<http://localhost:3000/books/form_create> and
569 enter "TCP/IP Illustrated, Vol 3" for the title, a rating of 5, and an
570 author ID of 4. You should then see the output of the same
571 C<create_done.tt2> template seen in earlier examples. Finally, click
572 "Return to list" to view the full list of books.
574 B<Note:> Having the user enter the primary key ID for the author is
575 obviously crude; we will address this concern with a drop-down list in
579 =head1 A SIMPLE DELETE FEATURE
581 Turning our attention to the delete portion of CRUD, this section
582 illustrates some basic techniques that can be used to remove information
586 =head2 Include a Delete Link in the List
588 Edit C<root/src/books/list.tt2> and update it to the following (two
589 sections have changed: 1) the additional '<th>Links</th>' table header,
590 and 2) the four lines for the Delete link near the bottom).
592 [% # This is a TT comment. The '-' at the end "chomps" the newline. You won't -%]
593 [% # see this "chomping" in your browser because HTML ignores blank lines, but -%]
594 [% # it WILL eliminate a blank line if you view the HTML source. It's purely -%]
595 [%- # optional, but both the beginning and the ending TT tags support chomping. -%]
597 [% # Provide a title to root/lib/site/header -%]
598 [% META title = 'Book List' -%]
601 <tr><th>Title</th><th>Rating</th><th>Author(s)</th><th>Links</th></tr>
602 [% # Display each book in a table row %]
603 [% FOREACH book IN books -%]
605 <td>[% book.title %]</td>
606 <td>[% book.rating %]</td>
608 [% # First initialize a TT variable to hold a list. Then use a TT FOREACH -%]
609 [% # loop in 'side effect notation' to load just the last names of the -%]
610 [% # authors into the list. Note that the 'push' TT vmethod does not -%]
611 [% # a value, so nothing will be printed here. But, if you have something -%]
612 [% # in TT that does return a method and you don't want it printed, you -%]
613 [% # can: 1) assign it to a bogus value, or 2) use the CALL keyword to -%]
614 [% # call it and discard the return value. -%]
616 tt_authors.push(author.last_name) FOREACH author = book.authors %]
617 [% # Now use a TT 'virtual method' to display the author count in parens -%]
618 ([% tt_authors.size %])
619 [% # Use another TT vmethod to join & print the names & comma separators -%]
620 [% tt_authors.join(', ') %]
623 [% # Add a link to delete a book %]
624 <a href="[% c.uri_for(c.controller.action_for('delete'), [book.id]) %]">Delete</a>
630 The additional code is obviously designed to add a new column to the
631 right side of the table with a C<Delete> "button" (for simplicity,
632 links will be used instead of full HTML buttons).
634 Also notice that we are using a more advanced form of C<uri_for> than
635 we have seen before. Here we use C<$c-E<gt>controller-
636 E<gt>action_for> to automatically generate a URI appropriate for that
637 action based on the method we want to link to while inserting the
638 C<book.id> value into the appropriate place. Now, if you ever change
639 C<:PathPart('delete')> in your controller method to
640 C<:PathPart('kill')>, then your links will automatically update
641 without any changes to your .tt2 template file. As long as the name
642 of your method does not changed ("delete" here), then your links will
643 still be correct. There are a few shortcuts and options when using
650 If you are referring to a method in the current controller, you can
651 use C<$self-E<gt>action_for('_method_name_')>.
655 If you are referring to a method in a different controller, you need
656 to include that controller's name as an argument to C<controller()>, as in
657 C<$c-E<gt>controller('_controller_name_')-E<gt>action_for('_method_name_')>.
661 B<Note:> In general, you should use more than just a simple link with
662 your applications. Consider using some sort of of confirmation page
663 (typically with unique actions in your controller for both the
664 confirmation and the actual delete operation). Also, you should try
665 to use an HTTP POST operation (versus the GET used here) for
666 operations that change the state of your application (e.g., the
670 =head2 Add a Common Method to Retrieve a Book for the Chain
672 As mentioned earlier, since we have a mixture of actions that operate
673 on a single book ID and others that do no, we should not have C<base>
674 capture the book ID, find the corresponding book in the database and
675 save it in the stash for later links in the chain. However, just
676 because that logic does not belong in C<base> doesn't mean that we
677 can't create another location to centralize the book lookup code. In
678 our case, we will create a method called C<object> that will store the
679 specific book in the stash. Chains that always operate on a single
680 existing book can chain off this method, but methods such as
681 C<url_create> that don't operate on an existing book can chain
684 To add the C<object> method, edit C<lib/MyApp/Controller/Books.pm>
685 and add the following code:
689 Fetch the specified book object based on the book ID and store
694 sub object :Chained('base') :PathPart('id') :CaptureArgs(1) {
695 # $id = primary key of book to delete
696 my ($self, $c, $id) = @_;
698 # Find the book object and store it in the stash
699 $c->stash(object => $c->stash->{resultset}->find($id));
701 # Make sure the lookup was successful. You would probably
702 # want to do something like this in a real app:
703 # $c->detach('/error_404') if !$c->stash->{object};
704 die "Book $id not found!" if !$c->stash->{object};
707 Now, any other method that chains off C<object> will automatically
708 have the appropriate book waiting for it in
709 C<$c-E<gt>stash-Egt>{object}>.
711 Also note that we are using different technique for setting
712 C<$c-E<gt>stash>. The advantage of this style is that it let's you
713 set multiple stash variables at a time. For example:
715 $c->stash(object => $c->stash->{resultset}->find($id),
720 $c->stash({object => $c->stash->{resultset}->find($id),
721 another_thing => 1});
723 Either format works, but the C<$c-E<gt>stash(name =E<gt> value);>
724 style is growing in popularity -- you may which to use it all
725 the time (even when you are only setting a single value).
728 =head2 Add a Delete Action to the Controller
730 Open C<lib/MyApp/Controller/Books.pm> in your editor and add the
739 sub delete :Chained('object') :PathPart('delete') :Args(0) {
742 # Use the book object saved by 'object' and delete it along
743 # with related 'book_authors' entries
744 $c->stash->{object}->delete;
746 # Set a status message to be displayed at the top of the view
747 $c->stash->{status_msg} = "Book deleted.";
749 # Forward to the list action/method in this controller
753 This method first deletes the book object saved by the C<object> method.
754 However, it also removes the corresponding entry from the
755 C<book_authors> table with a cascading delete.
757 Then, rather than forwarding to a "delete done" page as we did with the
758 earlier create example, it simply sets the C<status_msg> to display a
759 notification to the user as the normal list view is rendered.
761 The C<delete> action uses the context C<forward> method to return the
762 user to the book list. The C<detach> method could have also been used.
763 Whereas C<forward> I<returns> to the original action once it is
764 completed, C<detach> does I<not> return. Other than that, the two are
768 =head2 Try the Delete Feature
770 If the application is still running from before, use C<Ctrl-C> to kill
771 it. Then restart the server:
773 $ DBIC_TRACE=1 script/myapp_server.pl
775 The C<delete> method now appears in the "Loaded Chained actions" section
776 of the startup debug output:
778 [debug] Loaded Chained actions:
779 .-------------------------------------+--------------------------------------.
780 | Path Spec | Private |
781 +-------------------------------------+--------------------------------------+
782 | /books/id/*/delete | /books/base (0) |
783 | | -> /books/object (1) |
784 | | => /books/delete |
785 | /books/form_create | /books/base (0) |
786 | | => /books/form_create |
787 | /books/form_create_do | /books/base (0) |
788 | | => /books/form_create_do |
789 | /books/url_create/*/*/* | /books/base (0) |
790 | | => /books/url_create |
791 '-------------------------------------+--------------------------------------'
793 Then point your browser to L<http://localhost:3000/books/list> and click
794 the "Delete" link next to the first "TCPIP_Illustrated_Vol-2". A green
795 "Book deleted" status message should display at the top of the page,
796 along with a list of the eight remaining books. You will also see the
797 cascading delete operation via the DBIC_TRACE output:
799 DELETE FROM books WHERE ( id = ? ): '6'
800 SELECT me.book_id, me.author_id FROM book_authors me WHERE ( me.book_id = ? ): '6'
801 DELETE FROM book_authors WHERE ( author_id = ? AND book_id = ? ): '4', '6'
804 =head2 Fixing a Dangerous URL
806 Note the URL in your browser once you have performed the deletion in the
807 prior step -- it is still referencing the delete action:
809 http://localhost:3000/books/delete/6
811 What if the user were to press reload with this URL still active? In
812 this case the redundant delete is harmless (although it does generate
813 an exception screen, it doesn't perform any undesirable actions on the
814 application or database), but in other cases this could clearly be
817 We can improve the logic by converting to a redirect. Unlike
818 C<$c-E<gt>forward('list'))> or C<$c-E<gt>detach('list'))> that perform
819 a server-side alteration in the flow of processing, a redirect is a
820 client-side mechanism that causes the browser to issue an entirely
821 new request. As a result, the URL in the browser is updated to match
822 the destination of the redirection URL.
824 To convert the forward used in the previous section to a redirect,
825 open C<lib/MyApp/Controller/Books.pm> and edit the existing
826 C<sub delete> method to match:
834 sub delete :Chained('object') :PathPart('delete') :Args(0) {
837 # Use the book object saved by 'object' and delete it along
838 # with related 'book_authors' entries
839 $c->stash->{object}->delete;
841 # Set a status message to be displayed at the top of the view
842 $c->stash->{status_msg} = "Book deleted.";
844 # Redirect the user back to the list page. Note the use
845 # of $self->action_for as earlier in this section (BasicCRUD)
846 $c->response->redirect($c->uri_for($self->action_for('list')));
850 =head2 Try the Delete and Redirect Logic
852 Restart the development server and point your browser to
853 L<http://localhost:3000/books/list> (don't just hit "Refresh" in your
854 browser since we left the URL in an invalid state in the previous
855 section!) and delete the first copy of the remaining two
856 "TCPIP_Illustrated_Vol-2" books. The URL in your browser should return
857 to the L<http://localhost:3000/books/list> URL, so that is an
858 improvement, but notice that I<no green "Book deleted" status message is
859 displayed>. Because the stash is reset on every request (and a redirect
860 involves a second request), the C<status_msg> is cleared before it can
864 =head2 Using C<uri_for> to Pass Query Parameters
866 There are several ways to pass information across a redirect. One
867 option is to use the C<flash> technique that we will see in Part 5 of
868 the tutorial; however, here we will pass the information via query
869 parameters on the redirect itself. Open
870 C<lib/MyApp/Controller/Books.pm> and update the existing C<sub delete>
871 method to match the following:
879 sub delete :Chained('object') :PathPart('delete') :Args(0) {
882 # Use the book object saved by 'object' and delete it along
883 # with related 'book_authors' entries
884 $c->stash->{object}->delete;
886 # Redirect the user back to the list page with status msg as an arg
887 $c->response->redirect($c->uri_for($self->action_for('list'),
888 {status_msg => "Book deleted."}));
891 This modification simply leverages the ability of C<uri_for> to include
892 an arbitrary number of name/value pairs in a hash reference. Next, we
893 need to update C<root/src/wrapper.tt2> to handle C<status_msg> as a
898 [%# Status and error messages %]
899 <span class="message">[% status_msg || c.request.params.status_msg %]</span>
900 <span class="error">[% error_msg %]</span>
901 [%# This is where TT will stick all of your template's contents. -%]
903 </div><!-- end content -->
906 Although the sample above only shows the C<content> div, leave the
907 rest of the file intact -- the only change we made to the C<wrapper.tt2>
908 was to add "C<|| c.request.params.status_msg>" to the
909 C<E<lt>span class="message"E<gt>> line.
912 =head2 Try the Delete and Redirect With Query Param Logic
914 Restart the development server and point your browser to
915 L<http://localhost:3000/books/list> (you should now be able to safely
916 hit "refresh" in your browser). Then delete the remaining copy of
917 "TCPIP_Illustrated_Vol-2". The green "Book deleted" status message
920 B<NOTE:> Another popular method for maintaining server-side
921 information across a redirect is to use the C<flash> technique we
922 discuss in the next part of the tutorial,
923 L<Authentication|Catalyst::Manual::Tutorial::Authentication>. While
924 C<flash> is a "slicker" mechanism in that it's all handled by the
925 server and doesn't "pollute" your URLs, B<it is important to note that
926 C<flash> can lead to situations where the wrong information shows up
927 in the wrong browser window if the user has multiple windows or
928 browser tabs open.> For example, Window A causes something to be
929 placed in the stash, but before that window performs a redirect,
930 Window B makes a request to the server and gets the status information
931 that should really go to Window A. For this reason, you may wish
932 to use the "query param" technique shown here in your applications.
937 Kennedy Clark, C<hkclark@gmail.com>
939 Please report any errors, issues or suggestions to the author. The
940 most recent version of the Catalyst Tutorial can be found at
941 L<http://dev.catalyst.perl.org/repos/Catalyst/Catalyst-Manual/5.70/trunk/lib/Catalyst/Manual/Tutorial/>.
943 Copyright 2006-2008, Kennedy Clark, under Creative Commons License
944 (L<http://creativecommons.org/licenses/by-sa/3.0/us/>).