If you are taking any data from the user, pay attention to validations.
Unfortunately, I see some tutorials that takes data directly from the user, which allows the user to pass any inappropriate data or even guess the names of the database tables and send data to other fields that are not in the form.
Therefore, pay attention to the following:
1- Start with HTML... Your validations should start from the first HTML.
You should make sure that the required fields are marked as "required".
These required fields should be validated on the server-side but if the user leaves them empty... Why waste server requests on empty fields?
2- If you have MultiSelect/Select or Hidden fields, It's important to validate the value entered in them because it is easy for the user to inspect and change the data sent to the database.
3- Prevent Mass assignment, in laravel you can use one of these into your model ( fillable or guarded), The guarded
property specifies which attributes should not be mass assignable, while the fillable
property specifies which attributes are allowed to be mass assignable."
4- It's very important to validate any type of image or file that will be uploaded.
5- Do not use $request->all()
and take the validated data.
You are dealing with all kinds of users, so expect the worst.
If you have read this far, thank you for your time ❤️
Top comments (0)