Why you want v4? Filament 5 was released some time ago, and several updates came already.

SECURITY PROBLEM: insecure server advertised AUTH=PLAIN (errflg=1)

This error strikes from IMAP connection which is used to access a mailbox, not for sending emails. Where this error goes from in your code? I mean specific file and line.

So the problem is definitely somewhere inside XAMPP settings. Sorry I'm not very familiar with it. Try to revert your latest changes or even reinstall it from scratch. Looking into Apache logs would be useful also.

...Or you may continue using php artisan serve instead of XAMPP web server.

Do you have the error when serving app with php artisan serve instead of XAMPP?

Use php artisan route:list, do you have all routes there?

As usual, first of all try php artisan optimize:clear and recreate vendor folder (delete it and run composer install)

A clumsy and awkward approach of recreating conventional OOP logic in functional style?

@iamyannc Hey. I’ve done a lot of these type of re-factoring and re-platforming projects in the past. The way I’d approach it would be like this:

• Get the application running on a newer version of PHP. So upgrade to 7, fix any usage of deprecated APIs and libraries, and then when possible upgrade to PHP 8 and do the same.
• Once you’ve got the vanilla PHP application running on a modern version of PHP, create a new Laravel application and dump your legacy application’s file in the public directory.
  • Rename Laravel’s index.php file to something like laravel-index.php to avoid clashing with your legacy index.php file.
  • Tweak your .htaccess or nginx config to just load a file if it exists, or fall back to Laravel’s front controller.
• You should now have a Laravel application, but with no requests actually being routed through it to start off with, and instead requests hitting your legacy application as before.
• Slowly start re-factoring your legacy application to Laravel controllers, views, etc. Do this slowly, and one discreet part at a time. Trying to re-factor too much in one go just leads to lots of files being touched, none of them 100% converted, and the dreaded feeling of, “Urgh, I need to git reset this and start over.”
• As you do the above, the number of files from the legacy application will decrease, and the number of Laravel files increase, until you’re left with nothing of the legacy application.

Happy for you to reach out if you have any questions. DM me on Twitter 𝕏 (https://x.com/martinbean) and I can share my email address.

https://github.com/laravel/envoy/issues/3 ?

@servers(['web' => "user@hostname -p 12345"])

https://github.com/laravel/envoy/issues/3 ?

@servers(['web' => "user@hostname -p 12345"])

I checked and confirm the same behavior.

See here: https://github.com/laravel/telescope/issues/189#issuecomment-635909972

It's rather old thread, but still applicable to recent versions. I see my HTTP request made from Tinker in Telescope after app()->terminate() in the same tinker session.

What will wasChanged() show for Product A? What about for Product B?

How about just try it out yourself? In tinker or some test artisan command.

There are some packages, like this, which seems pretty mature: https://github.com/matanyadaev/laravel-eloquent-spatial

Otherwise you should use something like DB::raw(POINT(100 200)), refer to your database spatial type manual.

It would be nice to see Laravel internal support for such things.

Having simple JSON column seems bad to me as you would want to use DB internal capabilities to calculate area of given polygon or distance between given points. With JSON column you have to calculate them by yourself.

As of today, AI agents can't make proper apps on their own. What they can do is produce junk that passes tests. To use it for any proper product, you have to understand the code and correct its issues.

It's clear that AI will be useful, but the hype is completely overblown. If you were to go back and read the marketing from two years ago, you'd think you have no future in tech if you didn't use [insert any AI tool hot at the time]. Now those AI models are obsolete, and if you spent the time learning the fundamentals of computer science instead, you'd be much better off.

Some of the recent layoffs in the tech sector can be attributed to pandemic-era over-hiring and the general downturn in the US economy. But I'm sure the over-hyping of generative AI is partly to blame. I believe we'll see more service degradation over the following years.

What you should do ultimately depends on your goals. If you're a non-programmer who wants something on the screen, you may not need to understand the code. I just don't see anyone hiring an "AI prompter" who's helpless when something doesn't work.

Do you need all 80k rows of data for developing?

Can you use some fake data in your local dev database (let's say 100 rows which is easily faked and seeded as often as you want) and have the whole real 80k rows on production database?

This can be handled on web server, not Laravel: https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_client_certificate

I tried it once successfully (web server allowed to view a page only after a browser provides valid certificate), but it was only a test out of curiosity, no real implementation.

Do you need all 80k rows of data for developing?

Can you use some fake data in your local dev database (let's say 100 rows which is easily faked and seeded as often as you want) and have the whole real 80k rows on production database?

There are some packages, like this, which seems pretty mature: https://github.com/matanyadaev/laravel-eloquent-spatial

Otherwise you should use something like DB::raw(POINT(100 200)), refer to your database spatial type manual.

It would be nice to see Laravel internal support for such things.

Having simple JSON column seems bad to me as you would want to use DB internal capabilities to calculate area of given polygon or distance between given points. With JSON column you have to calculate them by yourself.

Probably if he doesn't know if he needs it, he doesn't.

@armanhozyn I’ll never understand why Laravel removed this, as it was great for applying to policy methods to resourceful controller actions.

Nevertheless, you can get it back by importing the AuthorizesRequests trait in your controller:

+ use Illuminate\Foundation\Auth\Access\AuthorizesRequests;

  class CommentController extends Controller
  {
+     use AuthorizesRequests;

      public function __construct()
      {
          $this->authorizeResource(Comment::class);
      }
  }

abort function puts a message to response body, not in status string. Maybe you should write your own helper function for that.

Moving to a model seems more appropriate since this helper interacts with database. Utilize local scope: https://laravel.com/docs/13.x/eloquent#local-scopes

v13 came out recently :)

That's why I miss the good old pencil and paper days. Or at least the old MSDOS days.

It's interesting to know what caused the problem.

I would use this package: https://github.com/kitloong/laravel-migrations-generator

No matter what you do, Backup first.

+1000000

I checked with Firefox 149.0 on Windows and I confirm the problem.

Also "Forum" link in a header doesn't work, browser just doesn't navigate to https://laracasts.com/discuss (other nav links work fine).

It's getTitle() method in Filament/<...>Resource/Pages/View<...>.php:

public function getTitle(): string|Htmlable
{
    return $this->getRecord()->title;
}

I share your view. "A cloud" means "someone else's servers". Having your own gives flexibility and security (if you are really able to manage an infrastructure).

It seems it is needless to say such structure is wrong, you probably know that already.

Did you try something like this? https://stackoverflow.com/questions/38608244/laravel-eloquent-query-where-like-relationship

It's strange, smtp.gmail.com should provide valid certificate and you should be able to verify it. Are you sure you have this mail host? What config('mail.mailers.smtp.host') shows?

At least the problem is localized, that's good.

Try to add to config/mail.php:

'mailers' => [
        'smtp' => [
			// ...
            'verify_peer' => false,
        ],
]

And see what happens on sending test mail.

Check here: https://knowledge.workspace.google.com/admin/gmail/send-email-from-a-printer-scanner-or-app?visit_id=639094163082632677-2170550345&rd=1

Gmail was always tricky for sending emails via SMTP.

Do you get a message if you invoke test sending, using php artisan tinker?

Mail::to('d****@yahoo.com')->send(new TestMail);

Using the upper half of the screen for PHPStorm, the lower half for the docs in a browser, and the landscape screen for the actual output made my workflow significantly faster.

You should try three monitors, even more comfortable.

Well obviously Laravel doesn't see already run migrations. Did you check migrations table specifically in production database? Did you by chance check only local/dev database?

Check config/database.php - migrations key, did you change it? Default value is:

'migrations' => [
        'table' => 'migrations',
        'update_date_on_publish' => true,
],

If on Windows, turn off anti_virus software (probably Defender) or add the whole project folder to exclusion list.

You don’t need a ProjectUser model just to authorize “assigning a project to a user”.

In Laravel, the “pivot” is usually not treated as a first-class resource for authorization; instead you authorize the action on one of the real models (most commonly User or Project) and pass the other model(s) as arguments.

1. Define a custom ability on UserPolicy

// app/Policies/UserPolicy.php

public function assignProject(User $actor, User $target, Project $project): bool
{
    // 1) Full Admin: can link users to projects within the user's company
    if ($actor->isFullAdmin()) {
        return $target->company_id === $project->company_id;
    }

    // 2) Company Admin: only within their own company
    if ($actor->isCompanyAdmin()) {
        return $actor->company_id === $target->company_id
            && $actor->company_id === $project->company_id;
    }

    return false;
}

2. Use it in controller (best place, because you have all objects)

public function update(User $user, Request $request)
{
    $project = Project::findOrFail($request->project_id);

    $this->authorize('assignProject', [$user, $project]);

    $user->projects()->syncWithoutDetaching([$project->id]);
}

Route middleware: possible, but you’ll still need the objects

Route ->can() works well when your policy method can be resolved from route params. Since the ability needs User + Project, your route must provide both:

Route::post('/users/{user}/projects/{project}', [UserProjectController::class, 'store'])
    ->can('assignProject', ['user', 'project']);

This calls UserPolicy@assignProject(auth()->user(), $user, $project).

If your “edit” page doesn’t include {project} in the URL, then ->can() can only authorize a broader ability like “canManageUserProjects” (no specific project yet).

Error you get contains links to Google documentation regarding the issue. Most likely account type you created (service account key?) can't be used for accessing Google Drive or something like that.

See how it is recommended to create an account: https://github.com/ivanvermeyen/laravel-google-drive-demo/blob/master/README/1-getting-your-dlient-id-and-secret.md

Did you write it yourself or got this code somewhere?

Laravel by default doesn't have ability to use Google Drive as a storage. It means you're trying to utilize some external package. What is it? Did you read it's documentation?

Can you show \App\Services\GoogleDriveService class contents?

I think of it like

• Gate = can you do something

• Policy = can you do something with a specific object

Policy can use gates to simplify the policy.

Have you checked Apache logs and php-fpm logs?

Is it always exactly 30 seconds or timeout differs from time to time?

If you place simple sleep(10000); in the controller and fire a request, will execution break the same way after same time? Or behaviour is different?

Additionally, when we try to hit the route via GET (by mistake), we get:

The GET method is not supported for route api/function_with_anonyme_name. Supported methods: POST.

This has nothing to do with the problem, you just didn't define GET route.

I imagine this: Gate defines authorization rule over the whole app: can a user use some functionality?

Policy is more specific, it defines authorization rule over a model: can a user do some action with a model?

How do you handle upload? Can you show route and controller? I'm pretty sure a controller starts only after a request is fully received, all files included.

Thanks I found the problem my function name destroy instead of delete!

Do you have public function delete() method in ProfileController class?

Do you have public function delete() method in ProfileController class?

Such use of Git is strange. You should have three repositories, with three projects (laravel, wordpress, hello world), branches are used for developing a single project, not a project per branch.

You're confusing concepts here.

Middleware is for interacting with incoming requests towards your app.

Http client fires outgoing requests from your app to external HTTP resources (such as API).

They are opposite of each other, and middleware can't be applied to HTTP client.

You may need to create a macro: https://laravel.com/docs/12.x/http-client#macros

// AppServiceProvider boot()
Http::macro('mysuperapi', function () {
	return Http::withHeaders([
		'X-AUTH-ACCESS-TOKEN' => '<token>',
	])->baseUrl('https://mysuperapi.com');
});

// usage
$response = Http::mysuperapi()->post($data);

An application to gather project ideas?

You're confusing concepts here.

Middleware is for interacting with incoming requests towards your app.

Http client fires outgoing requests from your app to external HTTP resources (such as API).

They are opposite of each other, and middleware can't be applied to HTTP client.

You may need to create a macro: https://laravel.com/docs/12.x/http-client#macros

// AppServiceProvider boot()
Http::macro('mysuperapi', function () {
	return Http::withHeaders([
		'X-AUTH-ACCESS-TOKEN' => '<token>',
	])->baseUrl('https://mysuperapi.com');
});

// usage
$response = Http::mysuperapi()->post($data);