Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

dishantagnihotri's avatar

How to make URL unique for every user

I create a multi-author blogging app on laravel 5 and the URL is demo.com/@username/post-url. Now, I have 2 questions regarding this. First, How to make URL unique for every author only. The controller for publishing the post is as follows:

public function addPostRequest(Request $request){ if(Auth::check() && Auth::user()->role = 'author' && $request->isMethod('post')){

if($request->has('url') && $request->has('title') && $request->has('tags') && $request->has('content')){ $this->validate($request, [ 'url' => 'Required|unique:posts', 'title' => 'Required|Min:3|Max:300|', 'tags' => 'Required|Min:3', 'content' => 'Required|Min:100', ]);

        $post = new post;
        $post->title = $request->input('title');
                    $post->user_id = Auth::user()->id;
        $post->save();

        $post->post_id = post::where('url','=',$post->url)->pluck('id');
            
            $request->session()->flash('success', $post->url);
             
        return Redirect::back();
    
   }else{
        return 'not allowed';
   }

}

Second, if I put someone else username like demo.com/@username3/post-url the page still opens the same post, even username3 don't write that same url post.

public function post($username, $url){

    $post = post::with('author')->where('url','=',$url)->first()
    $author = User::where('id','=',$post->user_id)->first();
    
    return view('pages.post')->with(compact('post','author'));

}

How I can overcome this issue. Thanks in advance

0 likes
5 replies
bobbybouwmann's avatar

Before you allow a user to post something you should check if the current username in the url is the same as the current logged in user. You can check this in your controller, but you can also do this in a middleware, that up to you.

$username === auth()->user()->username
dishantagnihotri's avatar

no. I want to make url unique. Which you suggesting is already implemented. The problem is with the URL which is opening. My website demo.com/@username/post-url when put username-another in place of username, then it still display the post, rather of the username. ie. it is not checking wheather the user has written that post or not

Cronix's avatar

You say it's implemented, but it doesn't look like it.

public function post($username, $url){

    // check if the $username is the same as the person logged in
    // (strip off the @ so you can compare)
    if (ltrim($username, '@') !== auth()->user()->username) {
        // do something if they are not so they can't view it.
        abort(404);
    }

    $post = post::with('author')->where('url','=',$url)->first();
    $author = User::where('id','=',$post->user_id)->first();
    
    return view('pages.post')->with(compact('post','author'));

}
Snapey's avatar

Check the username goes with the post

It would really help if you edited your original post so that it was readable.

$post = post::with('author')
    ->where('url','=',$url)
    ->whereHas('author', function($query) use($username){
        $query->where('username',$username);
    })
    ->firstOrFail()

The post is only returned if it has author with the right username, otherwise 'page not found'

Please or to participate in this conversation.