3 Catalyst::Manual::Tutorial::BasicCRUD - Catalyst Tutorial - Part 4: Basic CRUD
8 This is B<Part 4 of 10> for the Catalyst tutorial.
10 L<Tutorial Overview|Catalyst::Manual::Tutorial>
16 L<Introduction|Catalyst::Manual::Tutorial::Intro>
20 L<Catalyst Basics|Catalyst::Manual::Tutorial::CatalystBasics>
24 L<More Catalyst Basics|Catalyst::Manual::Tutorial::MoreCatalystBasics>
32 L<Authentication|Catalyst::Manual::Tutorial::Authentication>
36 L<Authorization|Catalyst::Manual::Tutorial::Authorization>
40 L<Debugging|Catalyst::Manual::Tutorial::Debugging>
44 L<Testing|Catalyst::Manual::Tutorial::Testing>
48 L<Advanced CRUD|Catalyst::Manual::Tutorial::AdvancedCRUD>
52 L<Appendices|Catalyst::Manual::Tutorial::Appendices>
59 This part of the tutorial builds on the fairly primitive application
60 created in Part 3 to add basic support for Create, Read, Update, and
61 Delete (CRUD) of C<Book> objects. Note that the 'list' function in Part
62 2 already implements the Read portion of CRUD (although Read normally
63 refers to reading a single object; you could implement full read
64 functionality using the techniques introduced below). This section will
65 focus on the Create and Delete aspects of CRUD. More advanced
66 capabilities, including full Update functionality, will be addressed in
69 Although this part of the tutorial will show you how to build CRUD
70 functionality yourself, another option is to use a "CRUD builder" type
71 of tool to automate the process. You get less control, but it's quick
72 and easy. For example, see
73 L<CatalystX::ListFramework::Builder|CatalystX::ListFramework::Builder>,
74 L<CatalystX::CRUD|CatalystX::CRUD>, and
75 L<CatalystX::CRUD::YUI|CatalystX::CRUD::YUI>.
77 You can checkout the source code for this example from the catalyst
78 subversion repository as per the instructions in
79 L<Catalyst::Manual::Tutorial::Intro|Catalyst::Manual::Tutorial::Intro>.
82 =head1 FORMLESS SUBMISSION
84 Our initial attempt at object creation will utilize the "URL
85 arguments" feature of Catalyst (we will employ the more common form-
86 based submission in the sections that follow).
89 =head2 Include a Create Action in the Books Controller
91 Edit C<lib/MyApp/Controller/Books.pm> and enter the following method:
95 Create a book with the supplied title, rating, and author
99 sub url_create : Local {
100 # In addition to self & context, get the title, rating, &
101 # author_id args from the URL. Note that Catalyst automatically
102 # puts extra information after the "/<controller_name>/<action_name/"
104 my ($self, $c, $title, $rating, $author_id) = @_;
106 # Call create() on the book model object. Pass the table
107 # columns/field values we want to set as hash values
108 my $book = $c->model('DB::Books')->create({
113 # Add a record to the join table for this book, mapping to
115 $book->add_to_book_authors({author_id => $author_id});
116 # Note: Above is a shortcut for this:
117 # $book->create_related('book_authors', {author_id => $author_id});
119 # Assign the Book object to the stash for display in the view
120 $c->stash->{book} = $book;
122 # This is a hack to disable XSUB processing in Data::Dumper
123 # (it's used in the view). This is a work-around for a bug in
124 # the interaction of some versions or Perl, Data::Dumper & DBIC.
125 # You won't need this if you aren't using Data::Dumper (or if
126 # you are running DBIC 0.06001 or greater), but adding it doesn't
127 # hurt anything either.
128 $Data::Dumper::Useperl = 1;
130 # Set the TT template to use
131 $c->stash->{template} = 'books/create_done.tt2';
134 Notice that Catalyst takes "extra slash-separated information" from the
135 URL and passes it as arguments in C<@_>. The C<url_create> action then
136 uses a simple call to the DBIC C<create> method to add the requested
137 information to the database (with a separate call to
138 C<add_to_book_authors> to update the join table). As do virtually all
139 controller methods (at least the ones that directly handle user input),
140 it then sets the template that should handle this request.
143 =head2 Include a Template for the C<url_create> Action:
145 Edit C<root/src/books/create_done.tt2> and then enter:
147 [% # Use the TT Dumper plugin to Data::Dumper variables to the browser -%]
148 [% # Not a good idea for production use, though. :-) 'Indent=1' is -%]
149 [% # optional, but prevents "massive indenting" of deeply nested objects -%]
150 [% USE Dumper(Indent=1) -%]
152 [% # Set the page title. META can 'go back' and set values in templates -%]
153 [% # that have been processed 'before' this template (here it's for -%]
154 [% # root/lib/site/html and root/lib/site/header). Note that META on -%]
155 [% # simple strings (e.g., no variable interpolation). -%]
156 [% META title = 'Book Created' %]
158 [% # Output information about the record that was added. First title. -%]
159 <p>Added book '[% book.title %]'
161 [% # Output the last name of the first author. This is complicated by an -%]
162 [% # issue in TT 2.15 where blessed hash objects are not handled right. -%]
163 [% # First, fetch 'book.authors' from the DB once. -%]
164 [% authors = book.authors %]
165 [% # Now use IF statements to test if 'authors.first' is "working". If so, -%]
166 [% # we use it. Otherwise we use a hack that seems to keep TT 2.15 happy. -%]
167 by '[% authors.first.last_name IF authors.first;
168 authors.list.first.value.last_name IF ! authors.first %]'
170 [% # Output the rating for the book that was added -%]
171 with a rating of [% book.rating %].</p>
173 [% # Provide a link back to the list page -%]
174 [% # 'uri_for()' builds a full URI; e.g., 'http://localhost:3000/books/list' -%]
175 <p><a href="[% c.uri_for('/books/list') %]">Return to list</a></p>
177 [% # Try out the TT Dumper (for development only!) -%]
179 Dump of the 'book' variable:
180 [% Dumper.dump(book) %]
183 The TT C<USE> directive allows access to a variety of plugin modules
184 (TT plugins, that is, not Catalyst plugins) to add extra functionality
185 to the base TT capabilities. Here, the plugin allows
186 L<Data::Dumper|Data::Dumper> "pretty printing" of objects and
187 variables. Other than that, the rest of the code should be familiar
188 from the examples in Part 3.
191 =head2 Try the C<url_create> Feature
193 If the application is still running from before, use C<Ctrl-C> to kill
194 it. Then restart the server:
196 $ DBIC_TRACE=1 script/myapp_server.pl
198 Note that new path for C</books/url_create> appears in the startup debug
201 B<TIP>: You can use C<script/myapp_server.pl -r> to have the development
202 server auto-detect changed files and reload itself (if your browser acts
203 odd, you should also try throwing in a C<-k>). If you make changes to
204 the TT templates only, you do not need to reload the development server
205 (only changes to "compiled code" such as Controller and Model C<.pm>
206 files require a reload).
208 Next, use your browser to enter the following URL:
210 http://localhost:3000/books/url_create/TCPIP_Illustrated_Vol-2/5/4
212 Your browser should display "Added book 'TCPIP_Illustrated_Vol-2' by
213 'Stevens' with a rating of 5." along with a dump of the new book model
214 object as it was returned by DBIC. You should also see the following
215 DBIC debug messages displayed in the development server log messages
216 if you have DBIC_TRACE set:
218 INSERT INTO books (rating, title) VALUES (?, ?): `5', `TCPIP_Illustrated_Vol-2'
219 INSERT INTO book_authors (author_id, book_id) VALUES (?, ?): `4', `6'
220 SELECT author.id, author.first_name, author.last_name
221 FROM book_authors me JOIN authors author
222 ON ( author.id = me.author_id ) WHERE ( me.book_id = ? ): '6'
224 The C<INSERT> statements are obviously adding the book and linking it to
225 the existing record for Richard Stevens. The C<SELECT> statement results
226 from DBIC automatically fetching the book for the C<Dumper.dump(book)>.
228 If you then click the "Return to list" link, you should find that
229 there are now six books shown (if necessary, Shift+Reload or
230 Ctrl+Reload your browser at the C</books/list> page).
233 =head1 CONVERT TO A CHAINED ACTION
235 Although the example above uses the same C<Local> action type for the
236 method that we saw in the previous part of the tutorial, there is an
237 alternate approach that allows us to be more specific while also
238 paving the way for more advanced capabilities. Change the method
239 declaration for C<url_create> in C<lib/MyApp/Controller/Books.pm> you
240 entered above to match the following:
242 sub url_create :Chained('/') :PathPart('books/url_create') :Args(3) {
244 This converts the method to take advantage of the Chained
245 action/dispatch type. Chaining let's you have a single URL
246 automatically dispatch to several controller methods, each of which
247 can have precise control over the number of arguments that it will
248 receive. A chain can essentially be thought of having three parts --
249 a beginning, a middle and an end. The bullets below summarize the key
250 points behind each of these parts of a chain:
264 B<Use "C<:Chained('/')>" to start a chain>
268 Get arguments through C<CaptureArgs()>
272 Specify the path to match with C<PathPart()>
285 Link to previous part of the chain with C<:Chained('_name_')>
289 Get arguments through C<CaptureArgs()>
293 Specify the path to match with C<PathPart()>
306 Link to previous part of the chain with C<:Chained('_name_')>
310 B<Do NOT get arguments through "C<CaptureArgs()>," use "C<Args()>" instead to end a chain>
314 Specify the path to match with C<PathPart()>
321 In our C<url_create> method above, we have combined all 3 parts into a
322 single method: C<:Chained('/')> to start the chain,
323 C<:PathPart('books/url_create')> to specify the base URL to match,
324 along with C<:Args(3)> to capture exactly 3 arguments and also end the
327 As we will see shortly, a chain can consist of as many "links" as you
328 wish, with each part capturing some arguments and doing some work
329 along the way. We will continue to use the Chained action type in this
330 part of the tutorial and explore slightly more advanced capabilities
331 with the base method and delete feature below. But Chained dispatch
332 is capable of far more. For additional information, see
333 L<Catalyst::Manual::Intro/Action types>,
334 L<Catalyst::DispatchType::Chained|Catalyst::DispatchType::Chained>,
335 and the 2006 advent calendar entry on the subject:
336 L<http://www.catalystframework.org/calendar/2006/10>.
339 =head2 Try the Chained Action
341 If you look back at the development server startup logs from your
342 initial version of the C<url_create> method (the one using the
343 C<:Local> attribute), you will notice that it produced output similar
346 [debug] Loaded Path actions:
347 .-------------------------------------+--------------------------------------.
349 +-------------------------------------+--------------------------------------+
352 | /books | /books/index |
353 | /books/list | /books/list |
354 | /books/url_create | /books/url_create |
355 '-------------------------------------+--------------------------------------'
357 Now start the development server with our basic chained method in
358 place and the startup debug output should change to something along
359 the lines of the following:
361 [debug] Loaded Path actions:
362 .-------------------------------------+--------------------------------------.
364 +-------------------------------------+--------------------------------------+
367 | /books | /books/index |
368 | /books/list | /books/list |
369 '-------------------------------------+--------------------------------------'
371 [debug] Loaded Chained actions:
372 .-------------------------------------+--------------------------------------.
373 | Path Spec | Private |
374 +-------------------------------------+--------------------------------------+
375 | /books/url_create/*/*/* | /books/url_create |
376 '-------------------------------------+--------------------------------------'
378 C<url_create> has disappeared form the "Loaded Path actions" section
379 but it now shows up under the newly created "Loaded Chained actions"
380 section. And, the "/*/*/*" portion clearly shows our requirement for
383 As with our non-chained version of C<url_create>, use your browser to
384 enter the following URL:
386 http://localhost:3000/books/url_create/TCPIP_Illustrated_Vol-2/5/4
388 You should see the same "Added book 'TCPIP_Illustrated_Vol-2' by
389 'Stevens' with a rating of 5." along with a dump of the new book model
390 object. Click the "Return to list" link, you should find that there
391 are now seven books shown (two copies of TCPIP_Illustrated_Vol-2).
394 =head2 Refactor to Use a "Base" Method to Start the Chains
396 Let's make a quick update to our initial Chained action to show a
397 little more of the power of chaining. First, open
398 C<lib/MyApp/Controller/Books.pm> in your editor and add the following
403 Can place common logic to start chained dispatch here
407 sub base :Chained('/') :PathPart('books') :CaptureArgs(0) {
410 # Store the resultset in stash so it's available for other methods
411 $c->stash->{resultset} = $c->model('DB::Books');
413 # Print a message to the debug log
414 $c->log->debug('*** INSIDE BASE METHOD ***');
417 Here we print a log message and store the DBIC resultset in
418 C<$c-E<gt>stash-E<gt>{resultset}> so that it's automatically available
419 for other actions that chain off C<base>. If your controller always
420 needs a book ID as it's first argument, you could have the base method
421 capture that argument (with C<:CaptureArgs(1)>) and use it to pull the
422 book object with C<-E<gt>find($id)> and leave it in the stash for
423 later parts of your chains to then act upon. Because we have several
424 actions that don't need to retrieve a book (such as the C<url_create>
425 we are working with now), we will instead add that functionality
426 to a common C<object> action shortly.
428 As for C<url_create>, let's modify it to first dispatch to C<base>.
429 Open up C<lib/MyApp/Controller/Books.pm> and edit the declaration for
430 C<url_create> to match the following:
432 sub url_create :Chained('base') :PathPart('url_create') :Args(3) {
434 Next, try out the refactored chain by restarting the development
435 server. Notice that our "Loaded Chained actions" section has changed
438 [debug] Loaded Chained actions:
439 .-------------------------------------+--------------------------------------.
440 | Path Spec | Private |
441 +-------------------------------------+--------------------------------------+
442 | /books/url_create/*/*/* | /books/base (0) |
443 | | => /books/url_create |
444 '-------------------------------------+--------------------------------------'
446 The "Path Spec" is the same, but now it maps to two Private actions as
449 Once again, enter the following URL into your browser:
451 http://localhost:3000/books/url_create/TCPIP_Illustrated_Vol-2/5/4
453 The same "Added book 'TCPIP_Illustrated_Vol-2' by 'Stevens' with a
454 rating of 5" message and dump of the new book object should appear.
455 Also notice the extra debug message in the development server output
456 from the C<base> method. Click the "Return to list" link, you should
457 find that there are now eight books shown.
460 =head1 MANUALLY BUILDING A CREATE FORM
462 Although the C<url_create> action in the previous step does begin to
463 reveal the power and flexibility of both Catalyst and DBIC, it's
464 obviously not a very realistic example of how users should be expected
465 to enter data. This section begins to address that concern.
468 =head2 Add Method to Display The Form
470 Edit C<lib/MyApp/Controller/Books.pm> and add the following method:
474 Display form to collect information for book to create
478 sub form_create :Chained('base') :PathPart('form_create') :Args(0) {
481 # Set the TT template to use
482 $c->stash->{template} = 'books/form_create.tt2';
485 This action simply invokes a view containing a book creation form.
488 =head2 Add a Template for the Form
490 Open C<root/src/books/form_create.tt2> in your editor and enter:
492 [% META title = 'Manual Form Book Create' -%]
494 <form method="post" action="[% c.uri_for('form_create_do') %]">
496 <tr><td>Title:</td><td><input type="text" name="title"></td></tr>
497 <tr><td>Rating:</td><td><input type="text" name="rating"></td></tr>
498 <tr><td>Author ID:</td><td><input type="text" name="author_id"></td></tr>
500 <input type="submit" name="Submit" value="Submit">
503 Note that we have specified the target of the form data as
504 C<form_create_do>, the method created in the section that follows.
507 =head2 Add a Method to Process Form Values and Update Database
509 Edit C<lib/MyApp/Controller/Books.pm> and add the following method to
510 save the form information to the database:
512 =head2 form_create_do
514 Take information from form and add to database
518 sub form_create_do :Chained('base') :PathPart('form_create_do') :Args(0) {
521 # Retrieve the values from the form
522 my $title = $c->request->params->{title} || 'N/A';
523 my $rating = $c->request->params->{rating} || 'N/A';
524 my $author_id = $c->request->params->{author_id} || '1';
527 my $book = $c->model('DB::Books')->create({
531 # Handle relationship with author
532 $book->add_to_book_authors({author_id => $author_id});
534 # Store new model object in stash
535 $c->stash->{book} = $book;
537 # Avoid Data::Dumper issue mentioned earlier
538 # You can probably omit this
539 $Data::Dumper::Useperl = 1;
541 # Set the TT template to use
542 $c->stash->{template} = 'books/create_done.tt2';
546 =head2 Test Out The Form
548 If the application is still running from before, use C<Ctrl-C> to kill
549 it. Then restart the server:
551 $ script/myapp_server.pl
553 Notice that the server startup log reflects the two new chained
554 methods that we added:
556 [debug] Loaded Chained actions:
557 .-------------------------------------+--------------------------------------.
558 | Path Spec | Private |
559 +-------------------------------------+--------------------------------------+
560 | /books/form_create | /books/base (0) |
561 | | => /books/form_create |
562 | /books/form_create_do | /books/base (0) |
563 | | => /books/form_create_do |
564 | /books/url_create/*/*/* | /books/base (0) |
565 | | => /books/url_create |
566 '-------------------------------------+--------------------------------------'
568 Point your browser to L<http://localhost:3000/books/form_create> and
569 enter "TCP/IP Illustrated, Vol 3" for the title, a rating of 5, and an
570 author ID of 4. You should then see the output of the same
571 C<create_done.tt2> template seen in earlier examples. Finally, click
572 "Return to list" to view the full list of books.
574 B<Note:> Having the user enter the primary key ID for the author is
575 obviously crude; we will address this concern with a drop-down list in
579 =head1 A SIMPLE DELETE FEATURE
581 Turning our attention to the delete portion of CRUD, this section
582 illustrates some basic techniques that can be used to remove information
586 =head2 Include a Delete Link in the List
588 Edit C<root/src/books/list.tt2> and update it to the following (two
589 sections have changed: 1) the additional '<th>Links</th>' table header,
590 and 2) the four lines for the Delete link near the bottom).
592 [% # This is a TT comment. The '-' at the end "chomps" the newline. You won't -%]
593 [% # see this "chomping" in your browser because HTML ignores blank lines, but -%]
594 [% # it WILL eliminate a blank line if you view the HTML source. It's purely -%]
595 [%- # optional, but both the beginning and the ending TT tags support chomping. -%]
597 [% # Provide a title to root/lib/site/header -%]
598 [% META title = 'Book List' -%]
601 <tr><th>Title</th><th>Rating</th><th>Author(s)</th><th>Links</th></tr>
602 [% # Display each book in a table row %]
603 [% FOREACH book IN books -%]
605 <td>[% book.title %]</td>
606 <td>[% book.rating %]</td>
608 [% # First initialize a TT variable to hold a list. Then use a TT FOREACH -%]
609 [% # loop in 'side effect notation' to load just the last names of the -%]
610 [% # authors into the list. Note that the 'push' TT vmethod does not -%]
611 [% # a value, so nothing will be printed here. But, if you have something -%]
612 [% # in TT that does return a method and you don't want it printed, you -%]
613 [% # can: 1) assign it to a bogus value, or 2) use the CALL keyword to -%]
614 [% # call it and discard the return value. -%]
616 tt_authors.push(author.last_name) FOREACH author = book.authors %]
617 [% # Now use a TT 'virtual method' to display the author count in parens -%]
618 ([% tt_authors.size %])
619 [% # Use another TT vmethod to join & print the names & comma separators -%]
620 [% tt_authors.join(', ') %]
623 [% # Add a link to delete a book %]
624 <a href="[% c.uri_for(c.controller.action_for('delete'), [book.id]) %]">Delete</a>
630 The additional code is obviously designed to add a new column to the
631 right side of the table with a C<Delete> "button" (for simplicity,
632 links will be used instead of full HTML buttons).
634 Also notice that we are using a more advanced form of C<uri_for> than
635 we have seen before. Here we use C<$c-E<gt>controller-
636 E<gt>action_for> to automatically generate a URI appropriate for that
637 action based on the method we want to link to while inserting the
638 C<book.id> value into the appropriate place. Now, if you ever change
639 C<:PathPart('delete')> in your controller method to
640 C<:PathPart('kill')>, then your links will automatically update
641 without any changes to your .tt2 template file. As long as the name
642 of your method does not changed ("delete" here), then your links will
643 still be correct. There are a few shortcuts and options when using
650 If you are referring to a method in the current controller, you can
651 use C<$self-E<gt>action_for('_method_name_')>.
655 If you are referring to a method in a different controller, you need
656 to include that controller's name as an argument to C<controller()>, as in
657 C<$c-E<gt>controller('_controller_name_')-E<gt>action_for('_method_name_')>.
661 B<Note:> In practice you should B<never> use a GET request to delete a
662 record -- always use POST for actions that will modify data. We are
663 doing it here for illustrative and simplicity purposes only.
666 =head2 Add a Common Method to Retrieve a Book for the Chain
668 As mentioned earlier, since we have a mixture of actions that operate
669 on a single book ID and others that do no, we should not have C<base>
670 capture the book ID, find the corresponding book in the database and
671 save it in the stash for later links in the chain. However, just
672 because that logic does not belong in C<base> doesn't mean that we
673 can't create another location to centralize the book lookup code. In
674 our case, we will create a method called C<object> that will store the
675 specific book in the stash. Chains that always operate on a single
676 existing book can chain off this method, but methods such as
677 C<url_create> that don't operate on an existing book can chain
680 To add the C<object> method, edit C<lib/MyApp/Controller/Books.pm>
681 and add the following code:
685 Fetch the specified book object based on the book ID and store
690 sub object :Chained('base') :PathPart('id') :CaptureArgs(1) {
691 # $id = primary key of book to delete
692 my ($self, $c, $id) = @_;
694 # Find the book object and store it in the stash
695 $c->stash(object => $c->stash->{resultset}->find($id));
697 # Make sure the lookup was successful. You would probably
698 # want to do something like this in a real app:
699 # $c->detach('/error_404') if !$c->stash->{object};
700 die "Book $id not found!" if !$c->stash->{object};
703 Now, any other method that chains off C<object> will automatically
704 have the appropriate book waiting for it in
705 C<$c-E<gt>stash-Egt>{object}>.
707 Also note that we are using different technique for setting
708 C<$c-E<gt>stash>. The advantage of this style is that it let's you
709 set multiple stash variables at a time. For example:
711 $c->stash(object => $c->stash->{resultset}->find($id),
716 $c->stash({object => $c->stash->{resultset}->find($id),
717 another_thing => 1});
719 Either format works, but the C<$c-E<gt>stash(name =E<gt> value);>
720 style is growing in popularity -- you may which to use it all
721 the time (even when you are only setting a single value).
724 =head2 Add a Delete Action to the Controller
726 Open C<lib/MyApp/Controller/Books.pm> in your editor and add the
735 sub delete :Chained('object') :PathPart('delete') :Args(0) {
738 # Use the book object saved by 'object' and delete it along
739 # with related 'book_authors' entries
740 $c->stash->{object}->delete;
742 # Set a status message to be displayed at the top of the view
743 $c->stash->{status_msg} = "Book deleted.";
745 # Forward to the list action/method in this controller
749 This method first deletes the book object saved by the C<object> method.
750 However, it also removes the corresponding entry from the
751 C<book_authors> table with a cascading delete.
753 Then, rather than forwarding to a "delete done" page as we did with the
754 earlier create example, it simply sets the C<status_msg> to display a
755 notification to the user as the normal list view is rendered.
757 The C<delete> action uses the context C<forward> method to return the
758 user to the book list. The C<detach> method could have also been used.
759 Whereas C<forward> I<returns> to the original action once it is
760 completed, C<detach> does I<not> return. Other than that, the two are
764 =head2 Try the Delete Feature
766 If the application is still running from before, use C<Ctrl-C> to kill
767 it. Then restart the server:
769 $ DBIC_TRACE=1 script/myapp_server.pl
771 The C<delete> method now appears in the "Loaded Chained actions" section
772 of the startup debug output:
774 [debug] Loaded Chained actions:
775 .-------------------------------------+--------------------------------------.
776 | Path Spec | Private |
777 +-------------------------------------+--------------------------------------+
778 | /books/id/*/delete | /books/base (0) |
779 | | -> /books/object (1) |
780 | | => /books/delete |
781 | /books/form_create | /books/base (0) |
782 | | => /books/form_create |
783 | /books/form_create_do | /books/base (0) |
784 | | => /books/form_create_do |
785 | /books/url_create/*/*/* | /books/base (0) |
786 | | => /books/url_create |
787 '-------------------------------------+--------------------------------------'
789 Then point your browser to L<http://localhost:3000/books/list> and click
790 the "Delete" link next to the first "TCPIP_Illustrated_Vol-2". A green
791 "Book deleted" status message should display at the top of the page,
792 along with a list of the eight remaining books. You will also see the
793 cascading delete operation via the DBIC_TRACE output:
795 DELETE FROM books WHERE ( id = ? ): '6'
796 SELECT me.book_id, me.author_id FROM book_authors me WHERE ( me.book_id = ? ): '6'
797 DELETE FROM book_authors WHERE ( author_id = ? AND book_id = ? ): '4', '6'
800 =head2 Fixing a Dangerous URL
802 Note the URL in your browser once you have performed the deletion in the
803 prior step -- it is still referencing the delete action:
805 http://localhost:3000/books/delete/6
807 What if the user were to press reload with this URL still active? In
808 this case the redundant delete is harmless (although it does generate
809 an exception screen, it doesn't perform any undesirable actions on the
810 application or database), but in other cases this could clearly be
813 We can improve the logic by converting to a redirect. Unlike
814 C<$c-E<gt>forward('list'))> or C<$c-E<gt>detach('list'))> that perform
815 a server-side alteration in the flow of processing, a redirect is a
816 client-side mechanism that causes the browser to issue an entirely
817 new request. As a result, the URL in the browser is updated to match
818 the destination of the redirection URL.
820 To convert the forward used in the previous section to a redirect,
821 open C<lib/MyApp/Controller/Books.pm> and edit the existing
822 C<sub delete> method to match:
830 sub delete :Chained('object') :PathPart('delete') :Args(0) {
833 # Use the book object saved by 'object' and delete it along
834 # with related 'book_authors' entries
835 $c->stash->{object}->delete;
837 # Set a status message to be displayed at the top of the view
838 $c->stash->{status_msg} = "Book deleted.";
840 # Redirect the user back to the list page. Note the use
841 # of $self->action_for as earlier in this section (BasicCRUD)
842 $c->response->redirect($c->uri_for($self->action_for('list')));
846 =head2 Try the Delete and Redirect Logic
848 Restart the development server and point your browser to
849 L<http://localhost:3000/books/list> (don't just hit "Refresh" in your
850 browser since we left the URL in an invalid state in the previous
851 section!) and delete the first copy of the remaining two
852 "TCPIP_Illustrated_Vol-2" books. The URL in your browser should return
853 to the L<http://localhost:3000/books/list> URL, so that is an
854 improvement, but notice that I<no green "Book deleted" status message is
855 displayed>. Because the stash is reset on every request (and a redirect
856 involves a second request), the C<status_msg> is cleared before it can
860 =head2 Using C<uri_for> to Pass Query Parameters
862 There are several ways to pass information across a redirect. One
863 option is to use the C<flash> technique that we will see in Part 5 of
864 the tutorial; however, here we will pass the information via query
865 parameters on the redirect itself. Open
866 C<lib/MyApp/Controller/Books.pm> and update the existing C<sub delete>
867 method to match the following:
875 sub delete :Chained('object') :PathPart('delete') :Args(0) {
878 # Use the book object saved by 'object' and delete it along
879 # with related 'book_authors' entries
880 $c->stash->{object}->delete;
882 # Redirect the user back to the list page with status msg as an arg
883 $c->response->redirect($c->uri_for($self->action_for('list'),
884 {status_msg => "Book deleted."}));
887 This modification simply leverages the ability of C<uri_for> to include
888 an arbitrary number of name/value pairs in a hash reference. Next, we
889 need to update C<root/src/wrapper.tt2> to handle C<status_msg> as a
894 [%# Status and error messages %]
895 <span class="message">[% status_msg || c.request.params.status_msg %]</span>
896 <span class="error">[% error_msg %]</span>
897 [%# This is where TT will stick all of your template's contents. -%]
899 </div><!-- end content -->
902 Although the sample above only shows the C<content> div, leave the
903 rest of the file intact -- the only change we made to the C<wrapper.tt2>
904 was to add "C<|| c.request.params.status_msg>" to the
905 C<E<lt>span class="message"E<gt>> line.
908 =head2 Try the Delete and Redirect With Query Param Logic
910 Restart the development server and point your browser to
911 L<http://localhost:3000/books/list> (you should now be able to safely
912 hit "refresh" in your browser). Then delete the remaining copy of
913 "TCPIP_Illustrated_Vol-2". The green "Book deleted" status message
916 B<NOTE:> Another popular method for maintaining server-side
917 information across a redirect is to use the C<flash> technique we
918 discuss in the next part of the tutorial,
919 L<Authentication|Catalyst::Manual::Tutorial::Authentication>. While
920 C<flash> is a "slicker" mechanism in that it's all handled by the
921 server and doesn't "pollute" your URLs, B<it is important to note that
922 C<flash> can lead to situations where the wrong information shows up
923 in the wrong browser window if the user has multiple windows or
924 browser tabs open.> For example, Window A causes something to be
925 placed in the stash, but before that window performs a redirect,
926 Window B makes a request to the server and gets the status information
927 that should really go to Window A. For this reason, you may wish
928 to use the "query param" technique shown here in your applications.
933 Kennedy Clark, C<hkclark@gmail.com>
935 Please report any errors, issues or suggestions to the author. The
936 most recent version of the Catalyst Tutorial can be found at
937 L<http://dev.catalyst.perl.org/repos/Catalyst/Catalyst-Manual/5.70/trunk/lib/Catalyst/Manual/Tutorial/>.
939 Copyright 2006-2008, Kennedy Clark, under Creative Commons License
940 (L<http://creativecommons.org/licenses/by-sa/3.0/us/>).