Do we have to change both the log controller and .env? It looks like the controller references the .env key and falls back to the default (set within the log controller) if the key doesn’t exist? I can’t imagine the key wouldn’t exist if you had one env for prod and one for development?

Maybe I’ve misunderstood it?

I have the same issue, I opened a support ticket so hopefully its fixed soon, no matter how many times I disable those pesky captions the next video they're back on :D

The number example was a really good way of explaining that. It instantly clicked :)

@Ninj4df Yeah I agree more real world stuff would be great. I like when they go this code could be done this way but heres why this ways better too, those are useful as it helps understand the thought process behind things.

thanks a lot for this series. IMHO that's what missing from Laracasts, production focused stuff, not 100% related to Laravel. Looking for something like this a long time now, that's great!!!!

** Warning **

Do not just use ->markdown() on its own this is prome to XSS (Cross-Site-Scripting) if you was to put <img src="#" onmouseover="alert('hacked');" /> in your idea description or worse a user was, when they hover over the image, an alert will show. Instead use:

    `return Attribute::get(
        fn ($value, $attributes) => new HtmlString(str($attributes['description'])->markdown([
            'html_input' => 'escape',
            'allow_unsafe_links' => false,
            'max_nesting_level' => 5,
        ])));`

Well the sites slightly different to how it was back then, it’s had a few licks of paint 😮

The way you thanked AI made me chuckle. It will remember that in 40 years when its taken over :D

Hi for anyone who gets Constant PDO::MYSQL_ATTR_SSL_CA is deprecated since 8.5, use Pdo\Mysql::ATTR_SSL_CA because they are using PHP 8.5 and running the Laravel Workshop search for

PDO::MYSQL_ATTR_SSL_CA

Within the entire project and replace it with:

Pdo\Mysql::ATTR_SSL_CA

Also if you're MCP Status is just a spinning wheel, turn off the MCP server disable MCP entirely within the settings, then close PHP storm fully, wait for it close. Open it reenable MCP entirely and then enable the individual MCP server.

:)

@Debesyla The transcript is still wrong by the looks of it I was also confused

Hi just a quick question about security I may not be the only one wondering this so thought I'd ask. Anything in the public/ directory is public. So that means all featured images would be publically accessible providing you can guess the randomly generated URL. Is this covered in the Authorization is a requirement lesson where we ensure only the user can access their own idea images?

It's really interesting how I started this journey knowing very little about laravel but now instead of using $status === 'pending' and $status === 'completed' im thinking outside the box and tweaking it to use the enum values for future proofing. if ($status === IdeaStatus::PENDING->value) {} and importing the dependencies myself. Thanks for this :)

Here are the full CSS component files for those looking to copy:

resources/css/components/btn.css

button {
    cursor: pointer;
}

.btn {
    background: var(--color-primary);
    border-radius: var(--radius-xl);
    color: var(--color-primary-foreground);
    padding-inline: calc(var(--spacing) * 3);
    font-size: var(--text-sm);
    font-weight: var(--font-weight-medium);
    cursor: pointer;
    height: calc(var(--spacing) * 8);
    line-height: calc(var(--spacing) * 8);
    display: inline-block;
}

.btn.btn-outlined {
    background: transparent;
    border: 1px solid var(--color-border);
    border-color: var(--color-border);
    color: var(--color-foreground);
}

.btn.btn-outlined:hover {
    background: color-mix(in srgb, black 25%, var(--color-input));
}

.btn.btn-ghost {
    background: transparent;
}

.btn:has(> svg) {
    display: flex;
    align-items: center;
    column-gap: calc(var(--spacing) * 2);
}

.btn:hover {
    background: color-mix(in srgb, black 10%, var(--color-primary));
    text-decoration: none;
}

resources/css/components/form.css

label {
    color: var(--color-foreground);
}

.input {
    border-radius: var(--radius-md);
    height: calc(var(--spacing) * 10);
    width: 100%;
    border-width: 1px;
    border-color: var(--color-border);
    padding: calc(var(--spacing) * 2) calc(var(--spacing) * 3);
    background-color: var(--color-card);
    color: var(--color-foreground);
    outline: 2px solid transparent;
    outline-offset: 2px;
}

.input::placeholder {
    color: var(--color-muted-foreground);
}

.input:focus-visible {
    outline: 0;
    box-shadow:
        0 0 0 calc(var(--spacing) * .5) var(--color-background)
        0 0 0 calc(var(--spacing) * 1) var(--color-primary);
}

@media (min-width: var(--breakpoint-md)) {
    .input {
        font-size: var(--text-sm);
    }
}

.textarea {
    border-radius: var(--radius-md);
    height: calc(var(--spacing) * 40);
    width: 100%;
    border-width: 1px;
    border-color: var(--color-border);
    padding: calc(var(--spacing) * 2) calc(var(--spacing) * 3);
    background-color: var(--color-card);
    color: var(--color-foreground);
    outline: 2px solid transparent;
    outline-offset: 2px;
}

.textarea::placeholder {
    color: var(--color-muted-foreground);
}

.textarea:focus-visible {
    outline: 0;
    box-shadow:
        0 0 0 calc(var(--spacing) * .5) var(--color-background)
        0 0 0 calc(var(--spacing) * 1) var(--color-primary);
}

.label {
    display: block;
    font-size: var(--text-sm);
}

input[type=file] {
    display: block;
    width: 100%;
    font-size: 0.875rem;
    line-height: 1.25rem;
    color: var(--color-foreground);
}

input[type=file]::file-selector-button {
    margin-right: calc(var(--spacing) * 4);
    padding: calc(var(--spacing) * 2) calc(var(--spacing) * 4);
    border-radius: calc(var(--spacing) * 2);
    border-width: 0;
    font-size: 0.875rem;
    line-height: 1.25rem;
    font-weight: 500;
    background-color: var(--color-primary);
    color: rgb(var(--color-background));
}

input[type=file]::file-selector-button:hover {
    opacity: 0.9;
}

.error {
    font-size: var(--text-sm);
    color: var(--color-red-600);
}

.form-muted-icon {
    color: var(--color-muted-foreground);
}

.form-muted-icon:hover {
    color: var(--color-foreground);
}

Color theme for those looking to copy:

    --color-background: oklch(0.12 0 0);
    --color-foreground: oklch(0.95 0 0);
    --color-card: oklch(0.16 0 0);
    --color-primary: oklch(0.65 0.15 160);
    --color-primary-foreground: oklch(0.12 0 0);
    --color-border: oklch(0.24 0 0);
    --color-input: oklch(0.24 0 0);
    --color-muted-foreground: oklch(0.6 0 0);

Hi @connor1231 ,

This is what is my cencept and I am open to discuss:

• If we want to apply authorization rule to page level, we should use a gate and if we want to apply authorization rule to a model we should use policy.
• As Jeffry had mentioned, gates are route closure equivalent of authorization and policies are controller equivalent of authorization for models.
• If I do not want to display a page to an user, irrespective of whether the page is tied to any model or not, I will reach for gate. For example, an admin can view all ideas of all users. This page should be accessible by only admin.
• If I want to restrict an user to update an idea created by another user, I will reach for policies. In this case, the update page is more specific to a model.

Regards, Anupam Bordoloi

@JeffreyWay looking forward to it thanks :)

@connor1231 We'll absolutely be doing a lot of that very thing this year on the site.

@larsb-dev Are you 100% sure you're not running a php artisan queue:work CLI in the background without realising, it's likely you've left it running or if you're using Laravel Herd Pro check the services tab as I believe that can also run queues.

Apolgosies, about the formatting of the code it looks like the site has removed added whitespaces.

Heres a bit more information for those who want to know a little more like how to queue up jobs every hour. (I think this wasn't included for simplicity)

To queue up jobs to run hourly open routes/console.php and add the below:

use App\Jobs\UpdateIdeaStatistics; use Illuminate\Support\Facades\Schedule;

// Hourly means at 10:00, 11:00 etc etc not when it was started. Schedule::job(new UpdateIdeaStatistics)->hourly();

// You could also run for every minute etc etc, which I advise for testing and making sure you've setup everything correctly. Schedule::job(new UpdateIdeaStatistics)->everyMinute();

As with everything for queues this won't just magically work, though it is super simple.

In order for it to work, we need to deply a scheduer which is responsible for co-ordinating/scheduling the repeat jobs.

Open a new cli and type php artisan schedule:work this will setup your scheduler.

Make sure to deploy a worker too in another cli by running php artisan queue:work.

Check your log file after an hour, or a minute depending on which one you choose from the above options and you should see the log in there from the logger().

You will also see the below in your scheduler CLI (the one you ran php artisan schedule:work in):

INFO Running scheduled tasks.
INFO No scheduled commands are ready to run.
2026-02-01 19:36:00 Running [App\Jobs\UpdateIdeaStatistics] ... 18.08ms DONE 2026-02-01 19:37:00 Running [App\Jobs\UpdateIdeaStatistics] ... 15.33ms DONE INFO No scheduled commands are ready to run.

Super cool and super simple :)

Hi Jeffery, no matter what I do hot reloading is not working for tailwind classes, when I change mt-5 to mt-50 nothing. I have to manually refresh the page, I'm running npm run dev, using firefox on a mac using php storm too. Javascript changes in app.js hot reload without issue. Everytime I save in the warp terminal it fires 12:16:37 PM [vite] (client) hmr update /resources/css/app.css?direct (x10)

I really like this series, A bit of comparison would be nice between the two as I'm still slightly confused what warrents a policy and what warrents using a normal gate. In this situation we would reach for a gate in this situtaion we would reach for a policy could you help me out a little :)

Hey @connor1231, thanks for the reply! That's awesome to hear and you brought up great points. I do use AI a lot to help me learn and grok concepts. I'm a seasoned front-end developer with PHP experience as it related to WP when we used to build custom themes. But, I really want to understand the how's and why's of PHP. Thanks for the encouragement!

@jake83 Yeah it should be StoreIdeaRequest on the update() function not IdeaRequest. :)

One thing to add here the :attribute value in messages() has some hidden functionality. If you want the attribute name to have a capital letter use :Attribute if you want it to be full caps lock use :ATTRIBUTE. Really cool stuff...

@connor1231 normally before the google phase is the meltdown phase where I'm questioning my life choices and feeling like a total imposter. Then after I get off my soap box is when I start the google phase. lol

Curious, did you complete the PHP for Beginners course before this? I keep stalling, but I need to finish because it's got a lot of good tips for software development as a whole, even with AI changing this as we speak.

I know I'm not the OP but thought i'd help. I went through the path here - https://laracasts.com/path which includes PHP for Beginners, PHP Object Oritented Programming and Javascript before moving onto the Laravel 2026 Course. Trust me its worth your time to understand how under the hood PHP works. If you have a basic understanding of php already I'd still do the Object Oritented programming course as it will build on it

I self-taught PHP and have built various systems, even I learnt a lot from the above courses.

I'm only a few lessons into the Laravel course but Its a lot more smooth sailing having refreshed my core foundation.

100% worth your time man, you'll thank yourself in the long run when the laravel lessons feel like a doddle because you understand things better!

In one of the above series, you build a mini framework with Jeffery so it should help you understand routing etc better too.

One of my favourite sayings is... If the foundation’s weak, the whole house fails eventually. Learn the basics first and build a solid foundation.

Yes, AI is huge but you still need to understand what the AI is generating to make sure stuff works and is secure and that its not overly complicating something for the sake of it (happens more than you think).

Use AI to help you learn too not just to aid with development. If you're not sure on something in the lesson, I ask it questions so I use this PHP feature like this, what happens if I use it like this... its a good buddy to use. Make sure in your prompt to tell it not just to agree with you and to critise and point out alternatives otherwise it acts like a noddy dog. :D

I just added some Larabits to my Watchlist. But when I go to my Watchlist, only the courses are there, I don't see the Larabits. Is there a way to find these?

I noticed this the other day too. It's the same with podcasts :)

@wemersonrv No worries, I didn't realise it was so long ago that you posted. I thoguht i'd jump in incase anyone else was having the same issue :)

I did a little side reading on elequent as my mind instantly went... nope we shouldn't trust request() for anything. So as a normal paronoid human would do I ran http://laracasts-project.test/?state=DROP * FROM ideas to see if it would drop all of the ideas from the table.

Eloquent is smart, it binds stuff in queries so the above won't work. This wasn't covered in the video but is something useful to know. :)

prod quality so good

Laravel Idea Plugin is now free :D

The production value of your video intros is getting really good! Well done.

Hi Jeremy, what is the benefit of using a guess customEvent over just using this.history.length like the below as we already have access to history within the checkGuess function?

return is too low! You have used ${this.history.length} out of ${this.#maxAttempts} attempts;

First don't be too hard on yourself. Everything you stated as challenging are very large areas of programming in general. Everyone finds them challenging. The good news is their are various courses on Laracasts that can help you.

I had difficulty with Testing and I'm still not great a it. I found watch this course help me a lot.

https://laracasts.com/series/php-testing-jargon

Also I recommend reading the Laravel documentation. I know it sound scary but the documentation is very human friendly to read and understand.

If you just struggling with the PHP in general I would recommend "PHP For Beginners" and the "PHP Crash Course" on Laracasts.

Authorisation is a massive topic and even after all my 20+ years as a developer I'm still learning on this subject. The best way to pick it up is to create a simple app yourself.

Start with a Laravel start kit. Use something like Laravel Breeze starter kit and learn to use the existing Auth process. By doing this you will learn the basics and you can look at the start kit codebase and start reading it to understand what going on.

Here a very good Laracasts course on the subject

https://laracasts.com/series/laravel-authentication-options

If you still don't understand I suggest copying the script into chatGPT and asking it to explain in detail what each line does and why, it can be a helpful exercise if you don't understand something.

Gate and Policies sound more complex than they really are. They are just layers you can add to system security. You don't have to master everything all at once. Just learn to get comfortable with Authorisation then once your good start playing with Gate...then Policies. Before long you will start feeling comfortable with everything.

Just remember programming is creative exercise and you learn through play. So just have fun and play.

As far as Vite and UI I would recommend watching.

https://laracasts.com/series/laravel-and-vite

I hope the above helps you and if you have any particular questions just let me know and I've tried and explain it to you.

All the best :-)

More related to the video, I self-taught the basics of PHP a few years back, started to embrace the AI, then it started doing stuff well above my knowledge... maybe overcompleting things who knows. That's why I signed up here so I can understand PHP better build my foundation to then leverage AI. Atleast then I'll know 100% what its doing and what it shouldn't be. I do think one day this huge bubble will pop, I don't think these massive companies can keep plowing billions into it for very little return. Seriously AI overlords if you're reading this in the future I don't mean it I never doubted your ability...

I'd love to see a snippet on here showing the code Claude generated you for those two features... yes it works but heres why it sucks and why I changed it. I'd love more lessons on the thought process behind things with real world examples. I know theres the whole AI course that I'll definetly checkout, but real work examples are so useful the more the better tbh. I'm glad to hear your getting through the tough waters as someone that's just signed up I really enjoy the teaching style :)

@connor1231 One monitor should be enough. 🙃

@JeffreyWay I must be doing something wrong :D

It's nice to hear you address the compeition as someone who has tried the big company that starts with a U for learning things I prefer here. It's nice to know the guy whose teaching me built the very platform you study on, it's mentally reassuring and to see the same faces is nice. On a serious note... one monitor man I run out of space with 3 kudos :D

@dantegalindocruz Glad I could help you out and save you from frantically googling stuff :)

@connor1231 This is exactly what I did. And the other thing I did was try to track down where the loader was for this. And I was searching like a mad man in the pest directory. And it wasn't until I saw your follow up comment that I was finally able to get things working. You my friend are a life saver! =)

I'm really enjoying this Jeremy. I can see why this is the third course on the path as its also teaching me things I didn't know in PHP like the spread operator.

Hey @jeffreyway

I was just thinking, when we deploy our apps on production, how will we modify our database by adding new columns? Do we have to manually update all tables in our database?

@wemersonrv Did you run composer auto-dump in your projects directory?

The rick roll in the last 5 seconds got me... dang curiosity got the better of me :D

Also if you get the error:

Pest\Exceptions\TestCaseClassOrTraitNotFound

The class Tests\TestCase was not found.

When trying to run the test example shown in the video, add the following to composer.json under psr-4:

"Tests\": "tests/"

You should end up with:

"autoload": {
  "psr-4": {
    "Core\\": "Core/",
    "Http\\": "Http/",
    "Tests\\": "tests/"
  }
},

Make sure to run composer dump-autoload after :)

Heads up for anyone who gets the error:

Pest\Exceptions\FatalException

The test directory [YOUR WEBSITES DIRECTORY]] does not exist.

Create a folder called tests in your projects main directory. On the same level as public, Http, core etc, then re run the command.