Menu
there is a UpdateUserRequest form request that verify fields value against its rules defined in rules mathod .it has rules() and authorize() methods by default. i want prevent verifying and updating empty fields (such as password) .
using sometimes in rules is not useful as html inputs will be present in POST request even if they are empty.
array:6 [▼
"_method" => "PATCH"
"_token" => "Cz79rRez2f6MG0tTU17nVwXD0X1lNGH1hA7OORjm"
"name" => "john"
"email" => "[email protected]"
"password" => ""
"password_confirmation" => ""
]
so i should remove empty keys of POST request before using sometimes in rules.
the question is : Where is the best place to purge Request array?
is there any laravel build in method to manage such situations?
P.S :Solution:
@Bogdon solution is still valid and works, but there is another simple ,nice ,neat solution adopted from here:
just override all() method inside form request
class RegistrationRequest extends Request
{
...
public function all()
{
$attributes = parent::all();
if(isset($attributes['password']) && empty($attributes['password']))
{
unset($attributes['password']);
}
$this->replace($attributes);
return parent::all();
}
...
}
973
By default in Laravel there are two middlewares, which sanitize input data App\Http\Middleware\TrimStrings and Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull . Their names speak for themselves. These middlewares sanitize all input data of every request.
Laravel SanitizationSanitization of input includes the techniques to identify and remove the possible input entries of strings that can be harmful to your application.
Laravel Form Request class comes with two default methods auth() and rules() . You can perform any authorization logic in auth() method whether the current user is allowed to request or not. And in rules() method you can write all your validation rule.
To make this work you'll need to modify the contents of the App\Http\Requests\Request class to allow a way to sanitize the input (class code taken from this Laracasts post):
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
abstract class Request extends FormRequest
{
/**
* Validate the input.
*
* @param \Illuminate\Validation\Factory $factory
* @return \Illuminate\Validation\Validator
*/
public function validator($factory)
{
return $factory->make(
$this->sanitizeInput(), $this->container->call([$this, 'rules']), $this->messages()
);
}
/**
* Sanitize the input.
*
* @return array
*/
protected function sanitizeInput()
{
if (method_exists($this, 'sanitize'))
{
return $this->container->call([$this, 'sanitize']);
}
return $this->all();
}
}
After that you just need to write add sanitize method in the UpdateUserRequest class that removes the password field from the input when it's empty:
public function sanitize()
{
if (empty($this->get('password'))) {
// Get all input
$input = $this->all();
// Remove the password field
unset($input['password']);
// Replace the input with the modified one
$this->replace($input);
}
return $this->all();
}
Now using the sometimes rule for the password field will work:
public function rules()
{
return [
// Other rules go here
'password' => 'sometimes|required|confirmed'
];
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
