I have a Laravel app, and the password reset feature is needed. How can I flash a session message after the email is sent to the user or after clicking the submit button?
I can't seem to add a flash method to the function that returns the view of the reset password page, because the file is in the vendor folder.
After an hour of tracing of what function will be triggered after the submission of the password reset form, I have found out that:
After submission of the password reset form, the function sendResetLinkEmail will be triggered, can be found in SendsPasswordResetEmails.php.
Then in line 37
return $response == Password::RESET_LINK_SENT
? $this->sendResetLinkResponse($response)
: $this->sendResetLinkFailedResponse($request, $response);
The sendResetLinkResponse function is the one responsible for what happens if the email is sent successfully.
protected function sendResetLinkResponse($response)
{
return back()->with('status', trans($response));
}
By default, laravel auth:make doesn't display the 'status' variable in the front end or the reset password page.
I have to add these lines of code to the reset password template.
#if(session()->has('status'))
<div class="alert-container">
<div class="alert alert-success">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button>
{{ Session::get('status') }}
</div>
</div>
#endif
From the docs:
Sometimes you may wish to store items in the session only for the next request. You may do so using the flash method. Data stored in the session using this method will only be available during the subsequent HTTP request, and then will be deleted. Flash data is primarily useful for short-lived status messages:
$request->session()->flash('status', 'Task was successful!');
Related
I'm using Gate for permissions and redirect the user to the home if he doesn't have enough permission with an error message
if(Gate::denies('manage-users')){
return redirect(route('home'))->withErrors('You don\'t have enough permissions!');
}
But when the user navigates to another route with correct permission the page displays correctly but with an error handler in the view saying the same message "you don't have enough permissions"
How can I clear errors session once the error get displayed in home to hide it from other views?
Don't know if this is the best solution so please correct me. I Changed the validation to be this
if(Gate::denies('manage-users')){
return redirect(route('home'))->withErrors(['permission_error' => 'You don\'t have enough permissions!']);
}
In the home view
#if(session()->has('permission_error'))
{{session('errors')->get('permission_error')}}
#php session()->forget('permission_error') #endphp
#elseif( !session()->has('permission_error') && $errors->any())
<div class="alert alert-danger">
{{ $errors->first() }}
</div>
#endif
I currently have an admin panel that allows admins to login via other users accounts and view their accounts as the user would which redirects to a subdomain.
so ill be on the url http://example.local/admin/users which is a list of the users then when you log in as a particular user via this route.
Login as user
Route::get('/users/{id}/login_as', function ($id) {
$user = App\User::withTrashed()->find($id);
$user->changelogs()->create([
'action' => 'Admin logged in as user'
]);
session()->put(['og_user' => auth::user()]);
\Auth::logout();
\Auth::loginUsingId($id);
return redirect('/dashboard');
});
This will then redirect to the users page on how they see the platform but this will change to a sub domain http://subdomain.example.local/.......
I currently have a header that appears once logged in that contains a return to admin button which then logs you out of that user and returns you back to the admin page you was originally on.
Return to admin button
#if(session()->has('og_user') && auth::user())
<div class="signed_in">
<div class="container inner">
<h5 class="text-light mb-0">
Logged-in as {{ auth::user()->name }}
</h5>
<a href="/admin/{{session()->get('og_user')['id']}}/log_in_as" class="btn btn-secondary ml-auto">
Return to admin
</a>
</div>
</div>
#endif
Login as admin
Route::get('/admin/{id}/log_in_as', function ($id) {
session()->forget('og_user');
\Auth::logout();
\Auth::loginUsingId($id);
return back();
});
the problem i am having is once im logged in under another user on a subdomain and then i return to admin it directs me back to the admin page but under the sub domain still http://subdomain.example.local/dashboard with that domains UI theme when i want it to go back to example.local/dashboard
Can anyone point me in the right direction on how to do this?
You use
return back();
This function will return you to the previous page: in your case, the previous page is in the subdomain. So you don't want to go back.
Use a direct link to the page you want to visit instead:
return redirect('your desired route');
I have a navbar on my users' panel. A part of the navbar indicates if the user has a new unread message. In this case a badge will appear next to an icon. I've simplified the codes here to make them easier to understand and read.
So this is the simplified HTML code:
<div class="btn-group msg-box">
<i class="fa fa-envelope"></i>
// this is the default state, no badge is shown
</div>
Here is the AJAX request which calls a custom function every 10 seconds:
<script type='text/javascript'>
$(document).ready(function(){
setInterval(checkMsg,10000);
});
function checkMsg(){
$.get('ajax.php',{user_id : <?php echo $user_id; ?>},function(data){
$('.msg-box').html(data);
});
}
</script>
And this is the ajax.php file content:
if(isset($_GET['user_id']){
// a few lines of code here to check if that particular user has any unread message.
// In such case a variable name $newMessage is set to 1. Now ... :
if($newMessage>0){
$data='
<i class="fa fa-envelope"></i>
<span class="badge"><i class="fa fa-info"></i></span>
';
}else{
$data='
<i class="fa fa-envelope"></i>
';
}
echo $data;
}
First of all, I know the way I've written this AJAX request is very rookie, but it works fine anyway, up to one point!
In case the user has a new message, and if they stay on a page, the code runs perfectly and shows the badge. But when the user refreshes the page or goes to another page, even-though they have a new message, that default state is shown again where there's no badge. And I know it's of course because I have specified a default state via HTML codes.
I need to know how I can keep the result of the AJAX request regardless of how many times the user refreshes the page or goes to another page.
UPDATE
I tried storing the query result in a SESSION in my ajax.php file. So instead of $data I wrote $_SESSION['data'].
Back on my HTML I made the following change:
<div class="btn-group msg-box">
<?php
if(!isset($_SESSION['data'])){
?>
<i class="fa fa-envelope"></i>
<?php
}else{
echo $_SESSION['data'];
}
?>
</div>
I made this change because I considered the fact that SESSIONS, by definition, are created and accessed globally within the domain. So once it's set, it can be checked and used on all other pages.
So that only if that SESSION isn't set, the default state should be displayed. But that as well doesn't seem to have my desired result. Still the same thing happens.
Ok, answering my own question now. :)
My UPDATE seemed to be a good idea which I tried.
The problem there was that I had written session_start(); on my main PHP file which was included in all other PHP files of the project.
So I basically thought that when the ajax.php file is called, there's no need to write session_start(); again. Because ajax.php was called inside a PHP file that had session_start(); in it already. So, I was wrong!
Adding session_start(); to the beginning of my code in ajax.php simply fixed the issue.
i dont know how hidden password on url
i got problem like this http://127.0.0.1:8000/bulletin/%201/edit?passwordC=11111&page=1
My View
<form>
<div class="form-row" style="specified-width:200; position: absolute; bottom:0; margin-bottom:10">
<input style="width:150px" type="password" placeholder="Password" name="passwordC">
<input type="hidden" value="{{$buletin->currentPage()}}" name="page">
<button style="margin:0 5px" formAction="/bulletin/ {{ $tampil_B->id }}/deleteOper" type="submit" class="btn btn-danger">Delete</button>
<button formAction='(url(edit))' type="submit" class="btn btn-primary">Edit</button>
</div>
</form>
My Router
route::get('/bulletin/{id}/edit','BulletinController#edit');
my controller
public function edit (Request $request, $id)
{
$buletin = \App\Dashboard::find($id);
$url = "/?page={$request->page}";
if(is_null($buletin->password)){
$request->session()->flash('failed', 'Cant Edit Because this post not had been set password ');
return view('bulletin.edit_nopass', ['buletin' => $buletin,'url'=> $url]);
}
if (hash::check($request->passwordC,$buletin->password)){
return view ('bulletin.edit', ['buletin' => $buletin, 'url'=> $url]);//save and go back to card
} else {
$request->validate([
'passwordC' => 'required|required_with:password|same:password'
],[
'passwordC.required_with' => "Password not match",
'passwordC.required' => "Password Required",
'passwordC.same' => "The Password You Entered Do Not Match.Please Try Again"
]);
}
The issue is a byproduct of how you have written this solution. To remove the password from the URL, you will have to find a different mechanism to get to the edit page.
As it currently stands, you are doing a GET request to the edit page from the form, and because it is a GET request, the form parameters are sent in the URL.
From the edit controller method you are then returning a view, so the URL is never re-written.
That is why you have this problem, as to how you could solve this, there are many options; you could post to an endpoint that stores the approval in a session that you then check in middleware, or in the controller, and then return the view. You could use the reconfirm password middleware from Laravel. Or even a POST-REDIRECT-GET pattern, where you post the form and then redirect to the edit page from there with whatever you need to do to protect the edit endpoint.
There are many options, but its impossible to tell you how to solve this problem given that you need to rethink how you will solve it.
First of all it is not correct to send with GET .But if it is very vital you have two way:
1.use encrypt .but it is not safe too.because there is even online sites that can decrypte .
2.use Hash:make . Hashing is an unilateral.It means that you can not dehash it
I have created a email verification on Laravel 5.2. When a user fill the registration form and is validated they return the user to login form with:
return redirect('/login')->with('status','We send a email verification, please
confirm.');
And this works perfect. The problem is when the user click on link verification in his inbox they activated the account and redirect to admin page but without status message. Here is the code for that in AuthController.php:
public function activateUser(Request $request,$token)
{
if ($user = $this->activationService->activateUser($token)) {
return redirect('/login')->with('status','You account is now activated. Please login.');
}
abort(404);
}
On my login.blade.php:
#if (session('status'))
<div class="alert alert-success">
{{ session('status') }}
</div>
#endif
Please, someone know why the session variable is not working?
Thanks.
it should work like this. in your AuthController, just change
return \Redirect::to('/login')->with('status','You account is now activated. Please login.');
and in your login.blade
#if (Session::has('status'))
<div class="alert alert-success" role="alert">
<p>{{ Session::get('status') }}</p>
</div>
#endif
Okey i don't what happend here and why redirect()->with() is not working. I solved doing a new view called activated.blade a copy of login.blade but with a message saying: "You account is now activated. Please login." so i do this in the controller:
return redirect('/activated');