
bwrigley's avatar

Modifying form data before validation

I'm using a custom form request to validate a form before the controller stores the data, but I want to sanitise the input before it gets validated.

So using Purify in my Request object I have lines like

$this->about = Purify::clean($this->about);

This then passes validation successfully and the $request is passed on to the controller. However, what gets passed to the controller is the $request before I cleaned it.

So the data the controller received are still 'dirty'.

Is there a way to sanitise the $request data in the Request object, validate this data and then pass the clean data to the controller?

0 likes
13 replies
rin4ik's avatar

Are you using, for example, public function store(StorePostRequest $request) or just public function store(Request $request)?

bwrigley's avatar

I'm using the first one

public function store(CreateProfileFormRequest $request)

rin4ik's avatar

Please dd the $about after Purify::clean. What do you get? What is $about for? You have to Purify $request.

bwrigley's avatar

so in my custom Request:

public function rules()
{
    $this->about = Purify::clean($this->about);
    dd($this->about);

shows data cleaned of any unwanted HTML

then in my controller:

public function store(CreateProfileFormRequest $request)
{

    dd($request->all());

shows all the request fields and the about field is 'dirty' again

bwrigley's avatar

Actually this gets weirder. In my controller, as I said above:

public function store(CreateProfileFormRequest $request)
{

    dd($request->all());

shows the data 'dirty'

array:20 [▼
  "_token" => "49IBMVtwgDxZCN7UJ9WJ3cWUsGHPy5VWJGWqZuve"
  "first_name" => "Ben"
  "last_name" => "Wrigley"
  "long_title" => "This is a long title test"
  "gender" => "female"
  "offers_online" => "1"
  "offers_sign_language" => "1"
  "slug" => "ben-wrigley2"
  "introduction" => "Some text about me"
  "about" => """
    <html><head><script> dodgey</script>\r\n
    \r\n
    Hello\r\n
    \r\n
    World\r\n
    \r\n
    \r\n
    <b> Try something bold </b>
    """
  "training" => "jhgjh"
  "fees_initial" => "jhgjhg"
  "further_info" => "jhgjhg"
  "availability_initial" => "jhgjhg"
  "languages_initial" => "jhgjhg"
  "speciality" => array:1 [▼
    4 => array:2 [▼
      "name" => "PTSD"
      "id" => "4"
    ]
  ]
  "specialityNew" => null
]

but this:

public function store(CreateProfileFormRequest $request)
{

    dd($request->about);

shows this:

"""
\n
\n
Hello\n
\n
World\n
\n
\n
<b> Try something bold </b>
"""

Now I'm very confused!

rin4ik's avatar

Maybe this can help:

 request()->about = Purify::clean($this->about);
 
rin4ik's avatar

OK, store your data in the db after changing about:

$user->about = $request->about;
$user->save();
rin4ik's avatar

In my case I've used Purify::clean to clean body in my model:

    public function getBodyAttribute($body)
    {
        return \Purify::clean($body);
    }
bwrigley's avatar

Sorry I'm not sure I follow.

You mean in my controller?

What I currently have is:

  public function update(CreateProfileFormRequest $request)
    {
        $profile = $request->route('profile');

        $attributes = $request->except('specialityNew', 'speciality');

        //update profile
        $profile->update($attributes);
        $profile->save();

but this stores the about field that has the dirty data.

rin4ik's avatar

In your model, please use it like below:

    public function getAboutAttribute($about)
    {
        return \Purify::clean($about);
    }

And anytime you call $something->about you will get the cleaned version of about.

Or if you insist on it being cleaned before saving into the db, try this:

  public function update(CreateProfileFormRequest $request)
    {
        $profile = $request->route('profile');

        $attributes = $request->except('specialityNew', 'about', 'speciality');

        //update profile
        $profile->update($attributes);
        $profile->about = $request->about;
        $profile->save();
    }
bwrigley's avatar

Thanks, that's all fine, but I need to clean it before validation, which is why I am cleaning in the Request file.

Don't you think it's odd that $request->all() returns a different version of about than $request->about? Isn't that where the problem is?

bwrigley's avatar
OP
Best Answer

Solved it!

So for anyone else with the same problem. Instead of what I had in my Request file:

public function rules()
{
    $this->about = Purify::clean($this->about);

This should have been:

public function rules()
{
    $this->merge(['about' => Purify::clean($this->about)]);

Thanks for your help!
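Why `$request->about` and `$request->all()` disagreed in this thread, and why `merge()` fixes it, shown as an added example that is not part of the original posts. `DemoRequest` and `clean()` are hypothetical stand-ins (not Laravel's or Purify's code), assuming a request class that serves property reads through a magic `__get` over its input array and defines no `__set`.

```php
<?php
// Simplified stand-in for a framework request object (hypothetical class):
// input lives in an array, property reads go through __get, no __set exists.
#[\AllowDynamicProperties]
class DemoRequest
{
    private array $input;

    public function __construct(array $input) { $this->input = $input; }

    // Property-style reads fall back to the input array.
    public function __get(string $key) { return $this->input[$key] ?? null; }

    public function all(): array { return $this->input; }

    public function except(string ...$keys): array
    {
        return array_diff_key($this->input, array_flip($keys));
    }

    // Overwrites values in the input array itself.
    public function merge(array $values): void
    {
        $this->input = array_merge($this->input, $values);
    }
}

// Stand-in sanitiser for the demo only; strip_tags() is not an HTML purifier.
function clean(string $html): string { return trim(strip_tags($html)); }

// Constructed sample input.
$dirty = ['about' => '<script>x()</script><b>Hello</b>', 'specialityNew' => null];

// 1) Assignment creates a new public property that shadows __get,
//    while the input array (what all()/except() return) is untouched.
$a = new DemoRequest($dirty);
$a->about = clean($a->about);
echo "assignment: property and all() agree? ";
var_dump($a->about === $a->all()['about']);
echo "assignment: except() still returns the raw HTML? ";
var_dump($a->except('specialityNew')['about'] === $dirty['about']);

// 2) merge() replaces the value in the input array, so every accessor agrees.
$b = new DemoRequest($dirty);
$b->merge(['about' => clean($b->about)]);
echo "merge: property and all() agree? ";
var_dump($b->about === $b->all()['about']);
echo "merge: except() returns the cleaned value? ";
var_dump($b->except('specialityNew')['about'] === clean($dirty['about']));
```

Case 1 mirrors the controller in the thread: `except()` reads the input array, so the unsanitised markup is what would be written to the database even though `$request->about` looks clean.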
