Level 2
You can use Slugs if you don't want to display Ids.
1 like
Nov 30, 2021
9
Level 2
CRUD Best Practice
Is it best practice to perform CRUD with IDs as defaulted by framework or its better to use own unique fields? Taking into consideration system users can guess the next number. See edit snippet below:
public function edit($id)
{
$tenant=Tenant::find($id);
return view('pages.tenants.edit')->with('tenant',$tenant);
}
For blog posts and articles you can use UUID but for back office applications that looks weird.
Any thoughts would be much appreciated.
Level 2
@abdulrehmandar2234 Slugs for public facing website is ok but for back office apps I think it's not very appealing
Level 102
I suggest you then use UUID. You can have both ID and UUID on the same models/tables.. Then for each route you deside how to find the given record
https://github.com/webpatser/laravel-uuid
here we load it user by uuid
Route::get('someurl/{user:uuid}', [UserController::class, 'show');
But you should always use policies to ensure a user can only see what they are allowed to! :)
3 likes
Level 80
Taking into consideration system users can guess the next number.
@kenprogrammer Yes. It’s an attack vector too if you have an application with information that a competitor can scrape automatically by just incrementing an ID and issuing a GET request.
I personally use slugs on the front-end and UUIDs in the back-end. The reason for UUIDs in the back-end is because if admins are changing the names of title fields, then a slug would change. One example is videos in a video on demand platform I have. I send an email when a video has finished processing that includes a link to the edit video page. If I used a slug on this page, the slug would change (and break the URL in the email) when an admin updated the video’s title. Whereas if I use a UUID, that will stay constant and that link in the email will work so long as the video exists.
1 like
Level 2
@martinbean One more thing,consider the snippet below:
class Post extends Model
{
/**
* Get the comments for the blog post.
*/
public function comments()
{
return $this->hasMany(Comment::class);
}
}
If am using UUIDs do I still need to save the ID of the parent table into the child table for the relationship to work? The relationship expects comments table to have post_id column.
Level 102
@kenprogrammer no that still uses the id. That's why it makes sense to have both
1 like
Level 2
@Sinnbeck So still I've to insert IDs as foreign keys in child tables? I tried relationship with a different column other than ID it never worked.
Level 102
@kenprogrammer Exactly. UUID is only for looking up the record (from url parameters). Just like a slug would.
1 like
Level 2
@Sinnbeck Ok Thanks
Please or to participate in this conversation.