Planning Article Creation 0:00Alright, welcome back. So we're making really good progress. We can display all of our articles. We can view a specific one, of course. But now what about the basic process of creating an article? Well we need an endpoint for that, right? We also need a form. We need a way to take the values from that form and insert them into our articles table. We need a way to redirect the user once they create an article. So there's lots of little things that need to occur. Adding Create Route 0:22We need a way to redirect the user once they create an article. So there's lots of little things that need to occur. And luckily, once again, with Laravel, all of these tasks are a cinch. So let's code the code. If we switch over to routes.php, we need a new endpoint. So we will say when we make a GET request to articles slash create. And by the way, notice that for all of these URIs, I'm following a basic convention here. And we'll talk about this more in a future lesson. At least for now though, keep an eye on how I'm choosing to name these. They're not coming out of the blue.At least for now though, keep an eye on how I'm choosing to name these. They're not coming out of the blue. I am, in fact, following a convention. Okay, so when a user visits that page, we want to load a method called create on articles controller. That's our next step. Articles controller, add a new method here for create. And we will load a view, articles.create. Easy enough. Next, of course, we should create that.Easy enough. Next, of course, we should create that. So resources, views, articles, and add a new one, create.play.php. That extends our app master page, and then we'll have a section for the content. So we'll begin with a heading one, write a new article, and then a horizontal rule, and next we need a form here. Now, we could do all of this manually, or we could pull in a first party package that will simplify this a little bit. So let's do that. Back to the terminal, I'm going to require a new package. Installing Form Builder Package 1:48So let's do that. Back to the terminal, I'm going to require a new package. Composer, require, Illuminate, which is the name that Laravel itself uses for all of its various components. In our case, we want Illuminate slash HTML, which of course is not included with the base install of the framework. So let's grab that, and it'll take maybe 10, 15 seconds. Now, while that's doing its thing, let's switch over to the browser, and specifically to the GitHub repository. Here's what we're pulling in.specifically to the GitHub repository. Here's what we're pulling in. Now, you'll see we have something called a form builder, and also an HTML builder. Think of these as ways to supercharge the process of creating forms and writing HTML. In my case, I mostly use the form builder. However, that's just a general class. It would be cool if I had sort of a streamlined way to interact with it. And that's where we come to this idea of a Laravel facade. Now, we're going to talk about this quite a bit more in a future video.And that's where we come to this idea of a Laravel facade. Now, we're going to talk about this quite a bit more in a future video. So for now, just come with me for the ride, see it in action, and then you'll start to understand when it makes sense to use a Laravel facade, and when it's best to not. In our case, notice that we have this form facade here. So how do we tell Laravel about this package that we just pulled in? Well, I'll show you. For most packages around the web that offer some kind of Laravel hook, you will see a service provider class.For most packages around the web that offer some kind of Laravel hook, you will see a service provider class. Think of this as a Laravel-specific class that bootstraps things. It registers any objects within Laravel's container. It sets some config. Really, it does whatever you need it to do. Now, if I just said that and all of these terms sound completely foreign and new to you, once again, it's okay. For now, just follow the steps. Registering Providers and Facades 3:33it's okay. For now, just follow the steps. And then in future videos, we'll talk more about things like service providers. So for now, we just want to register this. And the full path is illuminate-html-html-service-provider. So if I go to my config directory, into app, and we scroll down, you'll see right here a big list of the various service providers. These are sort of like the building blocks for Laravel 5. Notice we have things like authentication, the command bus, handling cache, our controller service provider,Notice we have things like authentication, the command bus, handling cache, our controller service provider, our validation service provider, all of these various things. And really, if you want to learn more about how Laravel is composed, well, take a look at any of these service providers, and you'll start to get a good idea as to how things work behind the scenes. But anyhow, in our case, we're going to add this new one. Illuminate-html-html-service-provider. Next, we talked about that idea of a facade, and I want to reference that facade. Don't forget, if we switch back, we want to use this form facade class here,Next, we talked about that idea of a facade, and I want to reference that facade. Don't forget, if we switch back, we want to use this form facade class here, as well as the HTML facade. So if we scroll down a little further, you'll see that we have these aliases. This gives us sort of a global way to access these namespace classes. So let's go right down to the bottom. We'll add a new one here for form, and that will point to illuminate-html-form-facade. And again, this file right here is exactly what we're pointing to. Next, even though we won't be using it in this lesson,And again, this file right here is exactly what we're pointing to. Next, even though we won't be using it in this lesson, we want to create another facade for the HTML. So let's do that one. Duplicate it, we'll have HTML, and that will point to HTML facade. And that's it. We've done all the setup for this package, which means we can return to our create view and make use of it. Now, we can do things like this. Form open, and let's close it out as well. Fixing Route Wildcard Conflict 5:30Now, we can do things like this. Form open, and let's close it out as well. Form close. Okay, so let's leave it just like that and see what we get in the browser. So if we come back and visit article slash create, whoops, it looks like we got a model not found exception, which means I actually screwed up when we registered the route. But that's okay, this will be a good reference for your learning. Now, why are we getting that? If we go back to articles controller,Now, why are we getting that? If we go back to articles controller, we're not fetching any records from the database. Yet still, we're getting that model not found exception from up here. So it looks like it's calling the show method instead of create. I'll prove it to you. Show, and if we come back and refresh, you can see that that method is being triggered rather than create. So why is it doing that? And the answer revolves around how we registered our routes.So why is it doing that? And the answer revolves around how we registered our routes. Notice that we have our wildcard here above this section. So what we're saying is, well, respond to articles slash anything. And then load a show method, right? So when we get to this part, well, it's not taking effect because our wildcard is taking its place. So whenever you wanna be more explicit, just make sure that it comes before the wildcard. Now, we've said articles slash create.just make sure that it comes before the wildcard. Now, we've said articles slash create. That exact URI should direct here. Next, we'll have to fall back to articles slash and then some kind of identifier. And only then will we load the show method. Okay, so let's try that now. Give it a refresh, and there we go. Now it's working. So be sure to remember that if you ever fall into the same trap.Now it's working. So be sure to remember that if you ever fall into the same trap. Anyhow, if we view the source now, notice that the little bit of code we entered using that illuminate slash HTML package actually gave us a lot of bang for our buck. Notice that by default, it'll set our method to post. It will assume that the action is just the current URL. So we're just going to post to the exact URL. It will set a unique token, and this will protect us and give us a little bit of security that we'll talk about a little more later.It will set a unique token, and this will protect us and give us a little bit of security that we'll talk about a little more later. But also, we can now do things like this. Why don't we create a text input? Okay, form and text. And how about this will be for the name? All right, so let's come back, and if we refresh, it builds that for us. Even better, we could do things like this. Let's have a label for the name or the element that has a name of name, coincidentally.Let's have a label for the name or the element that has a name of name, coincidentally. And then the value for the label will be name colon. Okay, so if we refresh, notice these are just little helpers that build up the HTML for us. So if we come back and refresh, that's what we get. But in our case, we're using Bootstrap, right? So why don't we apply some Bootstrap classes? Once again, back to our editor, we will wrap this within a div that has a class of form group, like so.Once again, back to our editor, we will wrap this within a div that has a class of form group, like so. And then our actual form controls should have a class of form control. So we can do that as the third argument, like so, class is form control. So the first argument will be the name of the element, the actual name attribute that we use. The next will be the default, and the third will be any additional parameters that you wanna pass through. So for example, I could say foo bar, and you'll see how this plays out. So back to the source, give it a refresh, and Building the Article Form 9:03So for example, I could say foo bar, and you'll see how this plays out. So back to the source, give it a refresh, and now you'll see in addition to giving it a class, we also gave it some other kind of custom attribute. That's exactly how that works. Okay, but anyways, if we see it in the UI, there we go, we're using Bootstrap. So now that we understand the basics here, why don't we build a form for adding a new article? If we very quickly take a look at our migration, we have a title, a body, and that should be enough.If we very quickly take a look at our migration, we have a title, a body, and that should be enough. We'll ignore publish that for now. So let's say right here, we gotta give it a title. Next, we'll do another one, but this time I'm gonna show you a little snippet. In PHPStorm or any editor, you can create custom snippets that really will save you a lot of time. As you can imagine, for most projects, you'll build a lot of forms, so try to streamline that as much as possible.As you can imagine, for most projects, you'll build a lot of forms, so try to streamline that as much as possible. For example, take a look at this, text field, tab, and now I can build all of this up. In our case, body, and it will apply all of the defaults I need here. Just take a look at live templates in PHPStorm. By the way, we cover all of that here at Lerikast, if you wanna learn how to create your own. It's really easy. The only thing I'll change here though is, I don't want a text field,It's really easy. The only thing I'll change here though is, I don't want a text field, I actually want a text area. Okay, let's see what that looks like. Come back, refresh, and there we go. So all that remains is a submit button. I have one for that too. Submit field, and we'll say add article. Okay, so notice the difference here is I'm saying form, and I wanna submit button.Okay, so notice the difference here is I'm saying form, and I wanna submit button. Not a text field, or a text area, or a checkbox, or a select dropdown. We wanna submit button. And then here, once again, I'm giving it a couple bootstrap specific classes. Okay, so now when I fill all of this out and I hit add article, what's gonna happen? Well, it'll send a POST request to that current page. And in some cases, you might want that, but in other cases, especially if you're familiar with this idea of REST, Creating Store Endpoint 11:10And in some cases, you might want that, but in other cases, especially if you're familiar with this idea of REST, well, you might wanna use a different structure. And in our case, we do. So let's go back to routes.php, and we'll say we want to respond to a POST request to articles. Then, we will load articles controller at store. Once again, all of this here is following a convention. And if you're curious about this and you wanna work ahead of the rest of us, then just have a search around Laracast for REST, andAnd if you're curious about this and you wanna work ahead of the rest of us, then just have a search around Laracast for REST, and you'll start to learn more. But in this case, if we want to store a new article, then we would send a POST request to whatever the name of the collection is. In this case, it's articles. Okay, so back to articles controller. We have a new method, store. And this is responsible for taking that form data, throwing it into the database, and then probably redirecting us somewhere.And this is responsible for taking that form data, throwing it into the database, and then probably redirecting us somewhere. Maybe back to that main page to view all articles. So that begs the question, how do we gain access to the values that the user enters into that form from this method? I'll show you. And in fact, I'll actually show you a couple different ways. To begin, I'll show you the simplest option. We will use a facade. So at the very top, you'll see that we are injecting Illuminate HTTP request.We will use a facade. So at the very top, you'll see that we are injecting Illuminate HTTP request. However, if we're gonna use the facade, which sort of gives you a nice exterior, a nice interface that can be convenient when used responsibly. So instead, we'll just say use request. Okay, so now if we wanna grab the input, I could say request all. Fetch all input, whether that's from the GET or POST super globals. So why don't we do this? Let's just return the input so you can see it on the screen. However, we still have one step.Let's just return the input so you can see it on the screen. However, we still have one step. Don't forget that right now, the form is posting to the current page. But we set up a route to post to slash articles. So we need to reference that from our form. Here's how we do it. Well, once again, we could use a named route. You haven't learned about that yet, but if you've read ahead, you could use that approach. You could use URL or you could use action,you could use that approach. You could use URL or you could use action, very much like we reviewed in the previous lesson. All of that will still apply here. So in this case, why don't we keep it simple and go with good old URL, and that will be articles. And remember, the default request type will still be POST. So if we now refresh, this is what we want, a POST request to slash articles. Okay, let's try it out. Enter some dummy text.Okay, let's try it out. Enter some dummy text. We submit it. We hit that route. We return the data, and now we have access to it. So that means if you, for example, want to access just the title, then you could say request get title. Okay, let's see that one. Refresh, and now we have that value. And of course, the same for any other fields that you've defined. Saving Article with Mass Assignment 14:09Refresh, and now we have that value. And of course, the same for any other fields that you've defined. Okay, so now that we know we can do request all to fetch all of the input, how would we actually create the new article? And don't forget, from our Eloquent 101 lesson, we learned that we can do things like article create, or we could do new article, and then manually set the fields, like article title equals the title, or input title, the title from the form. And by the way, don't worry about anything like SQL injection.input title, the title from the form. And by the way, don't worry about anything like SQL injection. Eloquent will protect us against that, so you don't have to manually escape things. No need to worry about that. Or another way would be to pass this through the constructor. So if you want to do up an article, pass through the attributes in the process without persisting it just yet, then this would be the way to go. But in our case, very simple stuff, so we will use create. And if we want, we could just pass through the input directly. And remember, earlier we talked about this idea of mass assignmentAnd if we want, we could just pass through the input directly. And remember, earlier we talked about this idea of mass assignment vulnerabilities, where people might take advantage of us if we just pass whatever array is sent from the form to a method like this. And that's why, just to reiterate, we have this fillable field on our article class. This says, these are the only fields that may be mass assigned. So if some hacker tries to change the name of these elements to ID or user ID to manipulate things that we didn't expect, it doesn't matter. Any of that stuff will be discarded, which means this method is perfectly safe. All right, so we've fetched the input, we've created the article.Any of that stuff will be discarded, which means this method is perfectly safe. All right, so we've fetched the input, we've created the article. Why don't we now just redirect to that same view? Okay, so we fetched the input, we created the article, and saved it to the database. Now, we don't want to return it, we want to redirect. Where specifically? Well, why don't we redirect back to the article's list view page? So I can say, return, redirect to articles. Okay, let's just see what happens.So I can say, return, redirect to articles. Okay, let's just see what happens. I'm anticipating a failure, but let's see that in action. We'll come back, we want to create an article, new article, new body. And if I hit add article, it fails. And that's because, remember, we didn't add the publish that field. So why don't we cheat, and right here we'll say input, publish that will be equal to, and we can use carbon again, carbon now. For the time being, we will default to the publish that field being the exact time.For the time being, we will default to the publish that field being the exact time. But maybe later, you could extend this so that we could set the publish that field to be some point in the future. And that way, when you fetch all articles, we can scope it to only those that have a publish that attribute of now or in the past. All right, so let's import this full class path. Just to remind you, we reference it as carbon slash carbon, actually. And now, it should work. So back to the browser, let's add it again. Ordering Articles by Latest 17:19And now, it should work. So back to the browser, let's add it again. It's right here at the bottom. So yes, it worked, but should it be at the bottom? A new blog post or article should be at the top, right? Well, let's fix it. Right up here, when we fetch all articles, it sounds like we want to order them in descending order, so latest first. So let's change this to article, get the latest ones, and we just add it just like that, get the latest articles.So let's change this to article, get the latest ones, and we just add it just like that, get the latest articles. Now, if you're curious, if we take a look at the latest symbol within our builder class, notice that all it does is add this order by, the column name, in descending order. It's just a convenience to do that for us, which means if you wanted, you could just say article, order by, published at, in descending order, and then fetch the results. That would be fine too, but Laravel makes it a little easier, since as you can imagine, this is such a common task.That would be fine too, but Laravel makes it a little easier, since as you can imagine, this is such a common task. And as you can imagine, in addition to latest, you also have oldest to do the opposite. All right, so let's bring that back. We'll set our column to use as published at, and we're ready to go. So back, give it a refresh, and now this time, the newest one shows at the top, as we'd expect. All right, so we're just about finished with this lesson, but I want to leave you with a cliffhanger here. Introducing Need for Validation 18:42All right, so we're just about finished with this lesson, but I want to leave you with a cliffhanger here. We have one problem. What if we just add an article, but we don't fill out anything? Well, uh-oh, what the heck is going on here? If we view the source, we can see that, yes, we actually did add a new row to the database. But we didn't have any kind of validation or constraints to protect ourselves, so we end up with these tricky scenarios. So in the next video, we'll talk about validation.constraints to protect ourselves, so we end up with these tricky scenarios. So in the next video, we'll talk about validation.
