Level 73
If you are the only one having access to the action which will call forceFill then it is probably safer, because if you add it in the fillable and then you use $request->all() when updating, those fields can be overwritten.
1 like
Mar 2, 2022
2
Level 12
ForceFill vs. Fillable
Hi. Just a short question. Sometimes I have to write something in database, which should never be send by input fields. Should I use ForceFill for that? I saw it at a file from Fortify the first time. Normally I put everything into fillable and then when I save it it works. But is it more secure, when I dont put it in fillable and better do forcefill for that fields?
Level 12
thx @nakov :)
Please or to participate in this conversation.