擅长:python、mysql、java
<pre><code>from django.shortcuts import get_object_or_404
from django.core.urlresolvers import reverse
def delete(request, id):
note = get_object_or_404(Note, pk=id).delete()
return HttpResponseRedirect(reverse('notes.views.notes'))
</code></pre>
<p>在<code>urls.py</code>中</p>
<pre><code>url(r'^delete/(?P<id>\d+)/$','project.app.views.delete'),
</code></pre>
<p>确保在删除对象之前检查了用户权限,您可以使用@permission\u required decorator<a href="https://docs.djangoproject.com/en/1.5/topics/auth/default/#the-permission-required-decorator" rel="noreferrer">https://docs.djangoproject.com/en/1.5/topics/auth/default/#the-permission-required-decorator</a>。如果不检查,用户可以轻松删除所有笔记。</p>
<p>通常,使用POST或DELETE请求而不是GET从数据库中删除对象是一个好主意。想象一下google bot抓取你的站点并访问notes/delete/2。</p>