How do I pass current item to Java method by clicking a hyperlink or button in JSP page? -


i have html table rows fetched database displayed in table. want user able delete row clicking on delete hyperlink or button besides each row.

how invoke jsp function on page, when user clicks on each of delete hyperlinks or button, can delete row's entry database? should <a> or <button> tag have call jsp function?

note need call jsp function, not javascript function.

simplest way: let link point jsp page , pass row id parameter:

<a href="delete.jsp?id=1">delete</a>

and in delete.jsp (i'm leaving obvious request parameter checking/validating aside):

<% dao.delete(long.valueof(request.getparameter("id"))); %>

this pretty poor practice (that still understatement) , due 2 reasons:

  1. http requests modifies data on server side should not done get, post. links implicit get. imagine happen when web crawler googlebot tries follow delete links. should use <form method="post"> , <button type="submit"> delete action. can use css style button link. edit links preload item prefill edit form can safely get.

  2. putting business logic (functions call it) in jsp using scriptlets (those <% %> things) discouraged. should use servlet control, preprocess , postprocess http requests.

since didn't tell word servlet in question, suspect you're using scriptlets load data db , display in table. should done servlet.

here's basic kickoff example how all. have no idea table data represents, let take product example.

public class product {     private long id;     private string name;     private string description;     private bigdecimal price;     // add/generate public getters , setters. }

and jsp file uses jstl (just drop jstl-1.2.jar in /web-inf/lib install it) display products in table edit link , delete button in each row:

<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> <%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %> ... <form action="products" method="post">     <table>         <c:foreach items="${products}" var="product">             <tr>                 <td><c:out value="${fn:escapexml(product.name)}" /></td>                 <td><c:out value="${product.description}" /></td>                 <td><fmt:formatnumber value="${product.price}" type="currency" currencycode="usd" /></td>                 <td><a href="${pagecontext.request.contextpath}/product?edit=${product.id}">edit</a></td>                 <td><button type="submit" name="delete" value="${product.id}">delete</button></td>             </tr>         </c:foreach>     </table>     <a href="${pagecontext.request.contextpath}/product">add</a> </form>

name products.jsp , put in /web-inf folder it's not directly accessible url (so enduser forced call servlet that).

here's how servlet (validation omitted brevity):

@webservlet("/products") public class productsservlet extends httpservlet {      private productdao productdao; // ejb, plain dao, etc.      @override     protected void doget(httpservletrequest request, httpservletresponse response) throws servletexception, ioexception {         list<product> products = productdao.list();         request.setattribute("products", products); // available ${products} in jsp.         request.getrequestdispatcher("/web-inf/products.jsp").forward(request, response);     }      @override     protected void dopost(httpservletrequest request, httpservletresponse response) throws servletexception, ioexception {         string delete = request.getparameter("delete");          if (delete != null) { // delete button pressed?             productdao.delete(long.valueof(delete));         }          response.sendredirect(request.getcontextpath() + "/products"); // refresh page table.     }  }

here's how add/edit form @ /web-inf/product.jsp can like:

<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %> ... <form action="product" method="post">     <label for="name">name</label>     <input id="name" name="name" value="${fn:escapexml(product.name)}" />     <br/>     <label for="description">description</label>     <input id="description" name="description" value="${fn:escapexml(product.description)}" />     <br/>     <label for="price">price</label>     <input id="price" name="price" value="${fn:escapexml(product.price)}" />     <br/>     <button type="submit" name="save" value="${product.id}">save</button> </form>

the fn:escapexml() there prevent xss attacks when edit data redisplayed, same <c:out>, better suitable usage in attribtues.

here's how product servlet can (again, conversion/validation omitted brevity):

@webservlet("/product") public class productservlet extends httpservlet {      private productdao productdao; // ejb, plain dao, etc.      @override     protected void doget(httpservletrequest request, httpservletresponse response) throws servletexception, ioexception {         string edit = request.getparameter("edit");          if (edit != null) { // edit link clicked?             product product = productdao.find(long.valueof(delete));             request.setattribute("product", product); // available ${product} in jsp.         }          request.getrequestdispatcher("/web-inf/product.jsp").forward(request, response);     }      @override     protected void dopost(httpservletrequest request, httpservletresponse response) throws servletexception, ioexception {         string save = request.getparameter("save");          if (save != null) { // save button pressed? (note: if empty no product id supplied, means it's "add product".             product product = (save.isempty()) ? new product() : productdao.find(long.valueof(save));             product.setname(request.getparameter("name"));             product.setdescription(request.getparameter("description"));             product.setprice(new bigdecimal(request.getparameter("price")));             productdao.save(product);         }          response.sendredirect(request.getcontextpath() + "/products"); // go page table.     }  }

deploy , run it. can open table http://example.com/contextname/products.

see also:


Comments

Post a Comment

Popular posts from this blog

Is there a better way to structure post methods in Class Based Views -

i'm using class based views in django , never specify url in ajax calls , omit action parameter in form because know these requests go through post method of class based view. notice view - profile page make many requests depending on user updating on page - post method become convoluted , if/else mess example: def post(self, request, *args, **kwargs): # handle user changing available date if request.post.get('availabledate') != none: self.updateavailabledate(request) return jsonresponse({'result':'success'}) if request.post.get('newprojectname') != none: creative_user = creativeuserprofile.objects.get(id = request.user.id) project = project.create_project(creative_user, request.post['newprojectname']) project.save() return jsonresponse({'projectid': project.id }) if request.post.get('projectimage') != none , request.files['file']: proj...
Read more

performance - Why is XCHG reg, reg a 3 micro-op instruction on modern Intel architectures? -

i'm doing micro-optimization on performance critical part of code , came across sequence of instructions (in at&t syntax): add %rax, %rbx mov %rdx, %rax mov %rbx, %rdx i thought had use case xchg allow me shave instruction , write: add %rbx, %rax xchg %rax, %rdx however, dimay found agner fog's instruction tables , xchg 3 micro-op instruction 2 cycle latency on sandy bridge, ivy bridge, broadwell, haswell , skylake. 3 whole micro-ops , 2 cycles of latency! 3 micro-ops throws off 4-1-1-1 cadence , 2 cycle latency makes worse original in best case since last 2 instructions in original might execute in parallel. now... cpu might breaking instruction micro-ops equivalent to: mov %rax, %tmp mov %rdx, %rax mov %tmp, %rdx where tmp anonymous internal register , suppose last 2 micro-ops run in parallel latency 2 cycles. given register renaming occurs on these micro-architectures, though, doesn't make sense me done way. why wouldn't register renamer ...
Read more

c# - Asp.net web api : redirect unauthorized requst to forbidden page -

im trying redirect unauthorized request forbidden page instead i'm getting forbidden page in response body , how can fix ? here's startup class : app.createperowincontext(storecontext.create); app.createperowincontext<applicationusermanager>(applicationusermanager.create); app.createperowincontext<applicationsigninmanager>(applicationsigninmanager.create); app.usecookieauthentication(new cookieauthenticationoptions { authenticationtype = defaultauthenticationtypes.applicationcookie, expiretimespan = timespan.fromdays(30), }); app.useexternalsignincookie(defaultauthenticationtypes.externalcookie); app.usetwofactorsignincookie(defaultauthenticationtypes.twofactorcookie, timespan.fromminutes(5)); app.usetwofactorrememberbrowsercookie(defaultauthenticationtypes.twofactorrememberbrowsercookie); the method im trying reach : [httpget] [authorize(roles = "admin")] public string getcurrentusername() { return userman...
Read more