I have some extra fields that need to be filled right after a user is registered.
Right now I've done it with an Event and couple of Listeners but I can't seem to find an elegant way to carry the data from the Registration page to the Listener so it can insert it in.
Should I use Events/Listeners or is there a better way (without changing the registerController).
I was thinking of getting rid of the Events and redirecting to another form right after registering where the other data to be inserted, but it's just couple of fields, so if there's a better way I would appreciate you sharing it.
Latest Laravel version with the default Auth installed.
I know you said without changing the RegisterController, but this way it doesn't change any of the logic inside it:
class RegisterController extends Controller
{
use RegistersUsers;
protected function registered(Request $request, $user)
{
// ... your code here
return redirect($this->redirectPath());
}
}
If your class has a registered() method it will be called right after a successful registration, so you can save the additional data there and then redirect the user.
Related
I'm working on a custom forum and when a post is added to a thread I have to notify the subscribed users. In the message I have to place the link for the user to go straight to the post. Something like this:
/forum/discussion/1/ateliers-et-expositions?page=2#forum-message-3
To be able to do that I need to know the page number of the entry. Does this feature exist on Laravel already? I couldn't find it in their docs and I know about features that exist but are not in their docs, so maybe it's there already and I'm just not aware of it.
I would like to avoid making a select in the database a loop through it to find the page number, if possible.
You most likely look for get() method of Request class. Assuming you want to get this in your controller method, say foo(), you should have:
use Illuminate\Http\Request;
public function foo(Request $request)
{
$page = $request->get('page');
...
I have some trouble figuring out how to do this properly.
I have Users that can create Articles which can be viewed, edited and deleted. I want to restrict the edit and delete actions if the currently logged in user is not the creator of the Article.
I have already done this using Policies and use Gate within a Form Request, but if i understand correctly FormRequest is only for POST requests. And I currently pass the FormRequest as a parameter to the getEdit() action. That seems wrong.
So how can I make sure the user can neither access nor edit the Article?
If you already defined a Policy you can directly access it using the Gate facade within your controller action like this:
public function getEdit($id)
{
$reference = Reference::findOrFail($id);
if (Gate::denies('owns-reference', $reference))
abort(403);
return view('reference.edit')
->with('reference', $reference);
}
Just make sure to include the Gate on top of your file like this:
use Gate;
Hello guys !
I'm working on an API that has a middleware authenticating the user with a unique ID. After making sure that this user exists, I want to send his database ID to the controller coming next, whichever it is.
Is that a good idea ? Or should I get that ID somehow after the middleware finished ?
How do I do that ?
Thanks !
Is that a good idea ? Or should I get that ID somehow after the middleware finished ?
It depends on what you want to do and how you routes are declared.
The routing is one of the first thing initialized by Laravel. You cannot pass parameter at run time (correct me if I'm wrong).
Plus, the controllers called after all midlewares has done their work.
I cannot garanty it's the more "beautiful" way to do this, but what i'm use to do is using Session::flash() or Session::put() when I want to pass parameters to my controllers at run time.
I use Session::flash() if the parameter has a one request life time, and Session::put() when I want the variable be more 'consistent' across the whole application.
I don't know if I am clear or not, tell me :)
Well, as long as you don't send that ID passing through the HTTP protocol, you should be fine since the user won't be able to tamper with the data.
That said, if you are using Laravel's built-in Auth module, you should just do an Auth::user() call at the other controller and it will give you the authenticated user.
If that isn't an option, you should create a function in the other controller that accepts $id as a parameter. You can call that function from within the first controlling by constructing the second controller throug $secondController = App->make(SecondController) and then $secondController->receiverFunction($id)
If you want the currently-authenticated user available in your application, just add it your base controller:
<?php namespace App\Http\Controllers;
use Illuminate\Contracts\Auth\Guard;
abstract class Controller {
protected $auth;
protected $currentUser;
public function __construct(Guard $auth)
{
$this->auth = $auth;
$this->currentUser = $this->auth->user();
}
}
I am trying to understand how POST routing will work. I have a method defined, signup(), and I want to use the same method to detect if the user wants to sign up (so load the signup view) or if the user already in the signup view (form) and posting his details to register.
Can this be done in one function in laravel? if yes, then how? Is this controlled by Routes and if yes, can someone please clarify this with an example?
Laravel documentation is really confusing for beginners.
Thanks in advance,
While this is possible but it's not recommended way to do that, you should keep your routes separated from each other (using GET and POST) and should use different methods as well. Basically any form submission should use POST request (using POST HTTP method) and to show the form just use a GET method but anyways, you can do it (what you have asked for) like this way:
// Declare the route
Route::post('signup', 'UserController#signup');
Now in your signup check for the submit button to make sure that, the form is submitted, so if the input submit is available in the $_POST array then the form is submitted otherwise, it's not submitted but an empty form was presented to the user or a failed validation redirect happened. Maybe something like this:
public function signup()
{
if(Input::has('submit')) {
// It's a submission, so Validate submitted Form data
// if invalid then redirect back with inputs and errors
// Otherwise save it
}
else {
// show the form
return View::make('user.signup');
}
}
Don't do it
This is just an idea but, it's a bad idea, just think about what happens if you have errors on your form and you want to redirect back then the whole thing would become messy, the controller method will become totally unmanageable after a while because it does many things while it should have only one specific responsibility.
I have this practical experience, because, I used to think that, if I can use one function for loading and saving and even also updating then it would be smart but to be honest it was stupid and obviously it's an anti-pattern, not the best practice, against KISS (Keep It Simple Stupid) principle. This kind of coding is a bad idea and you'll suffer for it in future and you would not dare to touch the code thinking that if you brake anything because you'll be confused by your own code.
Just use separate methods to show a form and save submitted data, Also check this on slideshare.
Yes, you can use one route to do it:
Route::any('signup', 'SignupController#signup');
Or two routes pointing to the same url:
Route::get('signup', 'SignupController#getSignup');
Route::post('signup', 'SignupController#postSignup');
In both cases you'll need a controller:
Here it is with all related methods:
class SignupController extends Controller {
// This one is for Route::any()
public function signup()
{
if (Input::has('email'))
{
// create your user
}
return View::make('signup');
}
// those two are for the second option
public function getSignup()
{
return View::make('signup');
}
public function postSignup()
{
// create your user
}
}
I am working on the admin side of a site that I am building and wanted to lock it down. I already figured out how to do my authentication, but I am looking for a way to call this authentication function on every request being made in this controller without having to call it at the beginning of each controller method. Is there a way to pass request through a filter, or something of the sort, in the constructor?
Ex.
public function __construct()
{
filter(authenticate(), 'login,signin');
}
Where the first parameter is the method being called, and the second parameter is the methods to exclude from the filter. Because you wouldn’t want to check for a logged in user if they are on the login page or if the signin method is being used since it is the one logging them in. Does anyone know if there is a way to do this? I think it would cut back on me repeating the call to authenticate before each locked down method.
Thanks!
Figured it out
Remapping looks to have done what I was looking for. Be sure to look into it! Great function :)
Have you considered using a MY_Controller?
In MY_Controller.php, create an Auth_Controller class (name it what you like) which will check if the user is logged in in the __construct() method. Then, ave all your "locked down" controllers extend Auth_Controller.