Need Form Validation 0:00We now have a form that allows us to publish a post, but there's zero validation in place, which means if I click Publish, it will hit the controller, and the controller will immediately try to save that to the database. Now, somewhat fortunately, on our database end, we have a little bit of protection. So it's screaming right now, Integrity Constraint Violation, you tried to give us null, but the title is required, so we don't know what to do here, you're giving us mixed messages. But nonetheless, you never want to get to this point. We want to have some validation checks in place. So I'm going to show you two things you can do. Right off the bat, you should use HTML5 browser validation. It's not going to work everywhere, it's not going to work in older browsers, but nonetheless, where available, it's immediate browser validation that you get for free. So in this case, this input is required. The text area is required. So now, if we come back, HTML5 Browser Validation 0:41browsers, but nonetheless, where available, it's immediate browser validation that you get for free. So in this case, this input is required. The text area is required. So now, if we come back, give it a refresh, if I try to publish it, it won't even let me get that far. And further, in other browsers, you might get a little styling out of the box. Like in Firefox, let's give it a publish, and you'll see there. So each one is a bit unique. But nonetheless, it's free validation. However, there's ways to get around that, and like we've already talked about, not every browser supports this, especially older ones. So we need to have some server-side validation as well. Let's do that in PostController. Now, we come down to the store method, and we basically want to say, before you create the post, I want to validate the request data. And luckily, Laravel's thought about this for you. So it's going to give you a validate method Laravel Controller Validation 1:22and we basically want to say, before you create the post, I want to validate the request data. And luckily, Laravel's thought about this for you. So it's going to give you a validate method right out of the box. Validate the request specifically using these validation rules. So our syntax will be the title or the name of the field, and then a pipe-separated list of validation requirements. For example, required might be common. Maybe the minimum number of characters or the maximum number of characters you expect. The validation component is actually pretty in-depth, so I'll let you go to the documentation for your specifics. But basically, anything you need to validate will be available. In our case, let's just make sure that the title and the body are required. Now, let's try it. We'll publish it, but it just links back to this page, and that's exactly what the validate method does. So it will do this for you. It tries to validate, Displaying Validation Errors 2:07and the body are required. Now, let's try it. We'll publish it, but it just links back to this page, and that's exactly what the validate method does. So it will do this for you. It tries to validate, but if anything fails, it redirects back to the previous page, and in the process, it includes a populated errors variable. So now, take a look. If we come back to our form, we could place that here. So let's create a div with a class of alert and alertError, and then within it, we'll have an unordered list. Now, I can check for the errors. And a quick note about this. This variable will be available to every single view. Now, if there are no errors on the page and no form was submitted, it'll be an empty set. But if we validate and redirect back, this will be populated. So let's fetch all of the errors, and for each one, we will use a list item here and echo out the error. Okay, let's give it another shot. Refresh, publish, scroll down, and there you go. Andfetch all of the errors, and for each one, we will use a list item here and echo out the error. Okay, let's give it another shot. Refresh, publish, scroll down, and there you go. And you know what? I must have gotten the class wrong. Is it danger? Yes, it is. So why don't we do this? Why don't we...I just want some spacing. Form group, maybe? And paste that in, and then give it another shot. So you'll notice on the initial page load, we have no errors, so we don't see anything. But if we publish it, we do have errors. And again, I forgot to update this. Anyways, that'll do it. So this is looking good, but now we have another thing. Let's give the page a refresh, and we see this empty block. And of course we do, right? We have the alert, so we build that up every single time, regardless of if we have any errors. Let's add a new section at the top and say, if there is a count, a number of errors, then and only then will we spit out this HTML fragment. Extract Errors Partial 3:46time, regardless of if we have any errors. Let's add a new section at the top and say, if there is a count, a number of errors, then and only then will we spit out this HTML fragment. So now if I give it a refresh, we don't see any of that. But if we have validation errors, we do see that. And we still have that spacing. You know what? It's probably because this should be within a form group too. Yeah, that should give it some arch and bottom, right? And it does. But now let's do a quick bit of cleanup. What you'll probably find is you're going to have a number of forms in your application, and you'll probably rewrite this over and over. So if that's not going to change, just put it into a partial. Maybe something like layouts.errors, or maybe a partials directory. Whatever you want. Resources, views, layouts, errors.blade.php, and I'll paste that in. So now any form can reference this simply by including it, Form Request Classes 4:35a partials directory. Whatever you want. Resources, views, layouts, errors.blade.php, and I'll paste that in. So now any form can reference this simply by including it, and we'll get the exact same thing as before. So now let's provide some data, publish it, and it works. So that about does it for your initial introduction. To switch back to the controller, there are ways to perform the validation outside of the controller. So if this feels gross to you, I would say think long and hard about why it feels gross to you, and if that's necessarily warranted. A lot of people would say this controller is doing too many things. It's calling create to create a post. It's redirecting somewhere. It's validating. I would say try to get out of your head a little bit and ask yourself, is this not the simplest way we could go about it? Because that's always the goal. As simple as possible. But it is true, youI would say try to get out of your head a little bit and ask yourself, is this not the simplest way we could go about it? Because that's always the goal. As simple as possible. But it is true, you may get to a point where you have a number of fields, a form with maybe 30 different fields, and at that point your controller does get kind of gross. So there are dedicated form request classes you can create. We're not going to review it right now, but those would be stored within your app, HTTP, request directory, and when you generate one, that folder will automatically be created. So you can research that if you'd like to work ahead. Otherwise, I think this looks great.
