Level 80
i have a paginate table and i get the link like this students/40 and this 40 i insert it into controller to paginate function
@mahmoudadelali Why? That’s literally what a query string is for, and what Laravel does by default.
May 11, 2022
10
Level 5
Best way to validate the GET request ?
Hi there , i have a paginate table and i get the link like this students/40 and this 40 i insert it into controller to paginate function , but if i edit the link to string i got ERRor and in debug:false i get 500 server error so i can validate it with PHP - or there's laravel way to validate it ? The Code
public function index(Request $request,int $count = 10)
{
$request->validate([
'count' => 'integer'
]);
//Get All Student And View it inside the Tables
$students = Student::latest()->paginate($count);
return view('admin.components.students',compact('students'));
}
The Routes
Route::prefix('adminControl')->middleware('auth:admin')->group(function () {
Route::get('/students/{count?}',[StudentController::class,'index'])->name('student');
Level 5
@martinbean - by default when i try to write a ( ' or any string ) laravel return error if i turn on the debug , and return 500 ERROR if i turn of the debug ,why ? , cause i need to make a option inside the page make the user visible 100 student or 50 as he like , this the client requirement :) , so... now i use a regular php condition inside the controller and i don't know if this the right way or what ..
$count = (!is_int($count)) ? 10 : $count;
1 like
Level 75
but if i edit the link to string
What do you mean by that?
Level 5
@jlrdw Excuse me for my poor English i mean when i send another data in the request using the link for example the link : 127.0.0.1/project/student/50 -> so this goes to show me 50 student in table but when i manipulate it to 127.0.0.1/project/student/M or 127.0.0.1/project/student/' laravel return error if i turn on the debug , and return 500 ERROR if i turn of the debug
Level 80
@MahmoudAdelAli I think you need to take a step back and learn what a query string is, instead of just sticking load of parameters in the path. Search engines are going to see those as distinct URLs and start penalising you for duplicate content.
Use query strings how they were intended:
/students?per_page=50
class StudentController extends Controller
{
public function index(Request $request)
{
$students = Student::paginate($request->query('per_page'));
return view('students.index', compact('students'));
}
}
If you want to ensure the per_page parameter is an integer and within a given range, you can do that:
$perPage = (int) $request->query('per_page', 15);
if ($perPage < 1 || $perPage > 100) {
abort(400, 'The per_page parameter must be an integer between 1 and 100');
}
$students = Student::paginate($perPage);
This will return a 400 Bad Request error if a user specifies a bad per_page parameter.
3 likes
Level 5
@MahmoudAdelAli I agree with @martinbean . It should be a query string instead of a route parameter.
2 likes
Level 5
@martinbean thank u that's helpful it's first time i know about this query , i think i need to take step back too but the time not enough to do that now so i search a lot , for search engines, these pages are not important cause it's admin panel :D ,
Level 122
force it to an integer
$count = intval($count);
1 like
Level 35
What I mostly do is:
$count = min(500, max(10, intval($count)));
Where 500 is the maximum you would allow and 10 the minimum. It is a simple way of allowing any value between 10 and 500.
This way nobody can manipulate it and set it to 1.00.000 manually and make your server work a lot and/or crash their own browser.
2 likes
Level 5
What is wrong with your code ? Of course if you type /students/foobar it will not pass the validation because you are trying to validate that the parameter is an integer (foobar is not).
Can you explain what you are trying to do ?
1 like
Please or to participate in this conversation.