我正在使用 node、express、mysql 创建一个简单的应用程序。
我正在尝试创建一个可以从我的数据库中删除一行的路由,我写了一个纯 javascript xhr。
当我测试它时,我不断收到以下错误消息
POST http://localhost:3000/article/22 404 (Not Found)
这是我的:
主要.js
function handleDeleteClick(e, userId) {
e.preventDefault(); // Prevent default behaviour of this event (eg: submitting the form
// Perform the AJAX request to delete this user
var target = e.target;
var id = target.getAttribute('data-id');
var page = '/article/' + id;
var parameters = 'delete=true';
var xmlhttp = new XMLHttpRequest();
if (confirm('Are you sure you want to delete this?') == true) {
xmlhttp.onreadystatechange = function() {
if (xmlhttp.readyState == 4 && xmlhttp.status == 200) {
// Request completed
}
}
xmlhttp.open("POST", page, true);
xmlhttp.send(parameters);
}
}
和路由 app.js
app.delete('/article/:id', function(req, res) {
con.query(`DELETE FROM posts WHERE posts.id = ${req.params.id}`,
function(err, result, fields) {
if (err) {
console.log(err);
} else {
console.log("deleted Record: " + result.affectedRows);
res.redirect('/')
}
});
});
我错过了什么?
非常感谢帮助! 谢谢。
最佳答案
在 main.js 文件中将 POST 更改为 DELETE:
xmlhttp.open("DELETE", page, true);
您收到此 404 NOT FOUND 错误,因为路由 POST/article/:id 不存在(它是 DELETE/article/:id).
Note: Your DELETE-query is vulnerable for SQL-injection attacks escaping-query-values
转义查询值:
con.query('DELETE FROM posts WHERE posts.id = ?', [req.params.id]);
Note: Actually, correct http status for this case is
405 METHOD NOT ALLOWED, but express by default doesn't distinguish those cases
关于javascript - 使用 Node 、mysql、express 和纯 js 从数据库中删除一行,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/52648971/