I have a page who i can see all user profiles.
So i have a foreach who show me all my profiles.
i want to display the user email
this is the way i do:
{{$user->email}}
but i want to encode the mailto because i want to prevent spam mails
so i want it like:
<a href="mailto:mail#example.com">
instead of
<mail#example.com
does anyone know how i can do this in laravel?
because there is a tool like this:http://www.wbwip.com/wbw/emailencoder.html
but here i can only encode one email
is there a way in laravel who i can say encode($user->email) and then i have the mail like on the top??
thank you so much!
i searched everywhere but i can not find anything
maybe what you need is htmlentities in php
htmlentities — Convert all applicable characters to HTML entities
read more here
You should try this:
{!! link_to("mailto:".$user->email, $user->email) !!}
Related
Currently, my solution to display an encoded ID is like that:
<p v-text='"Reservation code: "+ #json($orderJson).id'></p> //R. code: wYeyjo6l42
But I would prefer to use it like:
<p>#json($orderJson->id)</p> //but returns: 8 (not encoded)
How can I get the transformed attributes?
p.S. Yes I know it's used for API, but I'm even using it to handle objects to Vue via Blade.
Well, I dug up in the code and found out you can use resolve().
So one solution would be:
<p>Reservation code: {{ $orderJson->resolve()['id'] }}</p>
I send invitation by mail to users with a encrypted email to know which user respond to invitation. Something like:
Hello, click on this link to start learning: https://example.org/start-learning?e=fwTreaN0WybffXdDfZZUNYB3FTFfZObCb7QFF5C4AFJvTjXabIPtRfcoXLkFYMUvD4FIZsmrDdEFN2OPKcTrAOSQLZfuKdfwcic1WtBxWSXWR1GEJD6we213A3BEPBpca0BxaaQ4GGMPFeRyXp6fPrG9WnTgWogwXUcnVtdwSEEdNHGuZsClTxR2AtD2JZN8VAEsRQKpFFShEDR2SET4KxGhLGM3M0FdDelrJtO8KXS2YRaddH==
The encrypted email is the long string above. I encode mail like this in a Mailable class:
$url = 'https://example.org/start-learning?e=' . encrypt($this->to[0]['address']);
Then this $url is added in a mail template like this:
<a href="{{$url}}>click me<a>
Then, when user clicks the link, it routes to a controller and the controller decrypts the payload:
decrypt($request->input('e'));
Then, it works for about 99% of people clicking link. But for about one percent, it does not work, I have an error decrypting. And I don't know why. This is the same Laravel application which encrypts and decrypts. Is there an reason for such a weird behavior?
Side note: I know decrypt always work and has not a random behavior (BTW I tested it on 10000 entries, it's OK). There must be something else with the mail process I don't understand.
I think you should use urlencode() when creating link so instead of:
$url = 'https://example.org/start-learning?e=' . encrypt($this->to[0]['address']);
you should use:
$url = 'https://example.org/start-learning?e=' . urlencode(encrypt($this->to[0]['address']));
to make sure it will be valid.
This is my previous question Get model id from route/url and the solution was very smart, however i am afraid of manipulation of this
{!! Form::hidden('event_id', $event->id) !!}
A user AntoineB has said : " It cannot be manipulated if you're securing your application properly, this is the best way to do it."
What can i do to secure my app from manipulating this field and to check if it corresponds to the event id that user actually clicked?
How to check this field?
As I commented before you can't as all event_id on your website are visible to all users that can use console in browser.
What you can do is encode/encrypt your event_id (Laravel provides encryption)
{!! Form::hidden('event_id', encrypt($event->id)) !!}
And when you send POST/GET on server side
$decrypted_event_id = (int)decrypt($request->input('event_id'));
$event = Event::find($decrypted_event_id);
Also you could make restrictions for specific user for particular event_ids
But encypting will hide the actual value of ID
Encrypting doesnt protects you but it makes harder for user to understand what ID your event has.
This is alternative 3rd party library for hash ids click you may use this if dont like long character of laravel encryption
Hmmm... What?
$request->event_id
I want to implement a link in my application, but instead of it following this format:
/origin/{number}
I want it to look like this:
/origin=number
How do I implement a route successfully which will understand this link format? Surely Laravel is flexible enough to not only be able to parse slash-based URLs?
This should work:
Route::get('/origin={number}', ...);
I want to display user comments on my site and I am escaping the output using html_escape (htmlspecialchars in Codeigniter). But I also want to activate URLs in the comments using Codeigniter's auto_link function.
How can I apply both functions to the same variable/content?
<?php echo html_escape($review); ?>
<?php echo auto_link($review); ?>
I have to use html_escape, because I don't trust the user content; but I would like to show URLs entered, if possible. Note: there is no conflict between the characters in html_escape and in auto_link.
auto_link(html_escape($review))
However, if you don't trust your users, don't parse their links. Assuming your users provide insightful comments like
Free cheap drugs at http://example.com/
auto_link(html_escape($review)) will still parse the link.