The following tutorial column of Laravel will introduce Laravel to ignore whitelists and blacklists. I hope it will be helpful to friends in need!
Difference
$fillable Whitelist: Allow insertion Field Default is: []$guarded Blacklist: Not allowed to insert fields Default is: ['*'] //Set all fields to the blacklist culprit
Code
$request->query->set('user_id', Auth::id());Comment::create( $request->all());
This is my favorite way of writing, if you can write one less Don't write two codes.
Of course the insertion will fail.
Solution 1
Manually add all field settings to protected $fillable = ['user_id','nickname',....];
It would be too troublesome not to consider this way of writing.
Solution 2
protectd $guarded = [];
This way of writing is better, because by default all fields are It's a blacklist, just reset it.
Solution 3
static $unguarded = true;
ignoreblack white Verification of list.
is as comfortable as solve2.
Questions 2 and 3
To understand why whitelist and blacklist are needed, do Steps 2,3.
And it can ensure that users cannot send data that damages the system.
(For example, my user_id, it is useless if the user sends user_id)
The above is the detailed content of About Laravel ignoring whitelist and blacklist. For more information, please follow other related articles on the PHP Chinese website!
Laravel: What is the difference between migration and model?May 16, 2025 am 12:15 AMMigrationsinLaravelmanagedatabaseschema,whilemodelshandledatainteraction.1)Migrationsactasblueprintsfordatabasestructure,allowingcreation,modification,anddeletionoftables.2)Modelsrepresentdataandprovideaninterfaceforinteraction,enablingCRUDoperations
Laravel: Is it better to use Soft Deletes or physical deletes?May 16, 2025 am 12:15 AMSoftdeletesinLaravelarebetterformaintaininghistoricaldataandrecoverability,whilephysicaldeletesarepreferablefordataminimizationandprivacy.1)SoftdeletesusetheSoftDeletestrait,allowingrecordrestorationandaudittrails,butmayincreasedatabasesize.2)Physica
Laravel Soft Deletes: A Comprehensive Guide to ImplementationMay 16, 2025 am 12:11 AMSoftdeletesinLaravelareafeaturethatallowsyoutomarkrecordsasdeletedwithoutremovingthemfromthedatabase.Toimplementsoftdeletes:1)AddtheSoftDeletestraittoyourmodelandincludethedeleted_atcolumn.2)Usethedeletemethodtosetthedeleted_attimestamp.3)Retrieveall
Understanding Laravel Migrations: Database Schema Control Made EasyMay 16, 2025 am 12:09 AMLaravelMigrationsareeffectiveduetotheirversioncontrolandreversibility,streamliningdatabasemanagementinwebdevelopment.1)TheyencapsulateschemachangesinPHPclasses,allowingeasyrollbacks.2)Migrationstrackexecutioninalogtable,preventingduplicateruns.3)They
Laravel Migrations: Best Practices for Database DevelopmentMay 16, 2025 am 12:01 AMLaravelmigrationsarebestwhenfollowingthesepractices:1)Useclear,descriptivenamingformigrations,like'AddEmailToUsersTable'.2)Ensuremigrationsarereversiblewitha'down'method.3)Considerthebroaderimpactondataintegrityandfunctionality.4)Optimizeperformanceb
Laravel Vue.js single page application (SPA) tutorialMay 15, 2025 pm 09:54 PMSingle-page applications (SPAs) can be built using Laravel and Vue.js. 1) Define API routing and controller in Laravel to process data logic. 2) Create a componentized front-end in Vue.js to realize user interface and data interaction. 3) Configure CORS and use axios for data interaction. 4) Use VueRouter to implement routing management and improve user experience.
How to create custom helper functions in Laravel?May 15, 2025 pm 09:51 PMThe steps to create a custom helper function in Laravel are: 1. Add an automatic loading configuration in composer.json; 2. Run composerdump-autoload to update the automatic loader; 3. Create and define functions in the app/Helpers directory. These functions can simplify code, improve readability and maintainability, but pay attention to naming conflicts and testability.
How to handle database transactions in Laravel?May 15, 2025 pm 09:48 PMWhen handling database transactions in Laravel, you should use the DB::transaction method and pay attention to the following points: 1. Use lockForUpdate() to lock records; 2. Use the try-catch block to handle exceptions and manually roll back or commit transactions when needed; 3. Consider the performance of the transaction and shorten execution time; 4. Avoid deadlocks, you can use the attempts parameter to retry the transaction. This summary fully summarizes how to handle transactions gracefully in Laravel and refines the core points and best practices in the article.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Notepad++7.3.1
Easy-to-use and free code editor
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
