Snapey

I assume you are not including the default app.js on your page?

This already includes axios and sets the header value for you.

@jlrdw Yes, you are right, I was mistaken. I was thinking of route model binding where it does not seem to matter what order you put the fields in.

Here it does.

There is an answer here though and an example of removing this in middleware

https://stackoverflow.com/questions/44619512/laravel-5-4-how-to-do-not-use-route-parameter-in-controller

The answer was so simple "You can not

Well of course you can. You create a form, you capture the data and write it into the database.

1. Well there are lots of examples of people getting their credit card details stolen because they were not kept safely.

2. Because of 1, legislation in parts of the world prevents this to avoid consumers being put in danger of credit card fraud

3. When you have the credit card details in your database, don't think you can just pass them to the payment card processor because they won't allow it and won't provide APIs for you to do it. Now again, I'm not saying you cannot, there may be people in parts of the world with lower standards that will help you do it.

4. Your place as a designer of the solution is to advise your client of the best practices and the reasons for them. I would hope similarly that you would advise your client that its not a good idea to store passwords as plain text for example. You have a responsibility here - or you have to walk away.

The parameters are evaluated by name, not by their order

I didn't know we were debating that, but clearly sync($user->roles) makes no sense

whats wrong with doing this

public function update(UpdatePatron $request, $patron)

no, sync requires an array of role ids you want to associate with the user

save on a model only updates the model. Relations are handled in their own right.

missed this

a save-like operation on a model would ever put it out of sync with the database

Why is it out of sync? You change the model attributes, you call save(). Any dirty attributes are pushed to the model.

Model object and database are aligned.

The only thing that might not be is another instance of the same model loaded earlier in the request cycle (eg, the user model loaded at authentication). Its only out of sync if you load a new instance of User and don't update the Auth::user() instance

The model is easily reloaded with fresh() however the user model is a little different because it is used by the Authentication Guard

And on the other side, persisting an update in the collection requires something as ugly as $user->roles()->sync($user->roles);?

Why is this ugly, it seems very expressive to me,

The user(), their roles(), sync with this new list (array of roles)

Not sure why you are specifying $user->roles inside the sync function?

gdi

why, when changing roles are you then going on to do other things in the same request, and relying on the roles just set? You seem to be overthinking something that at best is an extreme edge case?

sounds like you have a conflicting route. Can you share web.php?

thought thats what I said

clearly the dot is being misinterpretted by eloquent

Any chance of switching this out once recieved from the api?

You could try using the original and best html ???

(sorry @tykus )

ok, yes then

If you dd($id) at the top of the controller method, is it hit?

im puzzled by all the discussion and concerns of in-memory representation of roles?

everything is tore down and reloaded for each request cycle so why is there any need to wory about the effect of changing roles?

does it look like a laravel error page?

you should not see public in your urls

This indicates you have not setup your webservice correctly. This should be your priority.

your public folder should be the document root

And thats easier than just adding one line?

public function store(Project $project, Request $request)
{
    abort_if( ! $project->user_id == Auth::id());

or by using Policies?

https://laravel.com/docs/5.7/authorization#authorizing-actions-using-policies

The fact that you are asking the question means that you are not ready to be dealing with customer's personal information.

The customer keys this information into the paypal site (or stripe etc). They give you a unique token which represents that customer's details. You then raise a charge against that token not the creditcard.

Did you give the best answer?

You are not giving much to go on

What request gives page not found?

No, the php you are using for the Cron is an older version.

You probably need to ask your hosting provider to tell you where you can find the 7.1 cli version

You will struggle to find a tutorial because holding someone's payment card details is really bad practice unless you are PCI Certified.

You only need --force for commands that stop and ask you if you are sure you want to proceed. This allows you to push through the default answer because with a cron job, noone is there to say yes or no.

Thats all.

ok now?

run the vendor:publish command

It copies the pages into your application space where you can edit them how you like.

Future upgrades will not mess with them.

Thats one way, but I guess only works if the user should only interract with their own models.

What if you want to display those models to other users? Then you have to mess about overriding global scopes.

If you only need this code on one page, you can add it in the actual blade file.

This might help.

https://medium.com/codingthesmartway-com-blog/getting-started-with-axios-166cb0035237

Why do you think you need --force ?

no, route model binding has nothing to do with validation

does that command work with --force when you run it from the command line?

I assume you have to actually implement force in your command?

Why not a myReviews route and a MyReviewsController

This would have the appropriate CRUD resources but could always be qualified by Auth::user()

Sorry but this does not make sense. The key used by Route Model Binding should be unique so what's the point of adding extra constraints?

The return from the Model would not be expecting a redirect so its not going to work that way.

You could throw an exception in the Model and then catch it in the error handler and redirect the user that way?

If you don't want to use Route Model Binding, just remove the model name from the method signature

for instance

public function store(Project $project, Request $request)
{

    // etc, you can deal with autoloaded project here

}

Remove Project

public function store($project, Request $request)
{

    // now $project will be whatever ID was passed in the URL and not an instance of Project

}

If it does not fit then you need to focus on your problem and post only relevant code.

There is also a paste bin on laravel.io website that you could use

Your problem is that you are trying to use the Config facade without importing it at the top of the controller.

PHP therefore assumes that Config must be in the current namespace (App\Http\Controllers\Admin)

all you need is

use Config;

at the top of your controller.

alternatively, use the config() helper

You should not need to worry about exposing the ID in the URL or in the form, PROVIDED you have adequate controls to ensure that the use can only see what ID's they are meant to see and can only update IDs that they own.

There are other reasons to not use IDs, such as not giving away how many users you have, and not letting someone just scrape through your site, but you should not be using obscurity as a security method.

See this thread

https://laracasts.com/discuss/channels/laravel/redirect-to-page-where-login-button-was-clicked

or use UUID instead if simple incrementing integer

or use Signed URLs

https://laravel.com/docs/5.7/urls#signed-urls

Because I knew that this regular appears in Eloquent issues, just experience I guess.

Unfortunately I assumed addMedia was one of the methods added by the Spatie package. I did not check it.

If company is a child relation of SubJob and Subjob is a child of Job;

    public function create(Job $job)
    {        
        $job->load('sub-jobs.company');      // adjust for your relationships

        $users = User::all();
        $categories = ItemCategory::all();

        return view('employees.subjobs.create', compact('job', 'users', 'categories'));
    }

Now each subjob will have company loaded

How you go from here depends on how you want the view to look.

If you are happy to list the job, its subjobs and each company for each subjob then you are done at this point.

The only issue may be that you may want to de-duplicate the company since the same company could be doing all subjobs?

Sorry, I haven't a clue what any of your last post means?

is that a good debug protocol?

Is what a good debug protocol?

So you are saying that the error Call to undefined method App\Job::job() occurs in some Telescope code?

You've not mentioned that before....

So you are saying the error is in /ForwardsCalls.php? In which case, we need to see the Job model.

The trick you are missing is if you get the Job injected you can load the relations required, eg

public function create(Job $job)
{        
$job->load('company');

    $users = User::all();
    $categories = ItemCategory::all();
    $sub_jobs = SubJob::where('job_id', $job->id)
           ->get();
    return view('employees.subjobs.create', compact('job', 'users', 'categories', 'sub_jobs'));
}

now $job will contain a relation `company`

$project = Project::create($request->all());

This means get all the fields, "and then" request the files in the @foreach?

More accurate to say that this creates a new project using all the fields passed in the request

When you get your error Call to undefined method App\Job::job() then this error will also tell you what file and what line this occurs on. This is usually helpful.

@orion unfortunately none of that is relevant because according to @mwspacellc php artisan schedule:run also says there are no jobs to run.

Unfortunately they are unable to debug why the scheduler thinks there is nothing due.

Altering the way cron is executed will not help.

Carbon: A simple PHP API extension for DateTime.

https://carbon.nesbot.com/docs/

you need to explain further and show code

fyc

You create a virtual host and set the public folder as the project root.

This is old, but will guide you in the right steps

http://www.visualwin.com/Host-Header/