With regards to validation considering the scope of the app i'm working on,
i will be using @auth.requires_login() to control and restrict who does
what but thanks for bringing up digitally signed URL, i will be looking
extensively in to that, its an interesting topic.
I have changed my code, i have been specific with my ID:
if db(db.invoice.id == request.args(0, cast=int)).delete():
redirect(URL('registeredClients'))
It does the deleting but the thing is it deletes the items that appear in
my invoice one at a time, if i have 10 items i have to keep clicking the
delete link 10 times until the invoice is no more but it would be great if
i could be able to erase all the 10 items by clicking once, more like if i
were using this
if db(db.invoice.id > 0).delete():
redirect(URL('registeredClients'))
but only specific to only one invoice for the selected client and not
erasing everything in the database
On Tuesday, January 8, 2019 at 12:05:15 AM UTC+2, Anthony wrote:
>
> On Monday, January 7, 2019 at 2:06:43 AM UTC-5, mostwanted wrote:
>>
>> My delete function is not working, I think I am doing doing something
>> wrong but i'm not sure where, I thought the code below would get me home
>> but nothing is happening, nothing is getting deleted! Please advice:
>>
>> *DELETE FUNCTION CONTROLLER CODE:*
>> def deleteInvoice():
>> query=db.invoice(request.args(0, cast=int))
>> remove=db(db.invoice.customer==query.id).delete()
>>
>
> Again, the first line serves no purpose, as it is simply used to retrieve
> the ID that you already have. Just do:
>
> if db(db.invoice.customer == request.args(0, cast=int)).delete():
> redirect(URL('registeredClients'))
>
> If that's not working, presumably request.args(0) is not the value of any
> "customer" in the db.invoice table, so your bug lies in the code that
> produces the URL that leads here.
>
> Also, it doesn't look like your code does any validation to determine if
> the user is allowed to delete all of these customer invoices. You should
> probably confirm that the customer ID submitted is the customer ID of the
> current user (you could use a digitally signed URL, a session variable, or
> do a lookup).
>
> Anthony
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
