I have 2 questions and I need your help.First of all, I have made a delete route for comments, but other users logged can also delete comments from direct link...link.com/deleteComment/id. How to make this available only for owner of the comment?The owner id is saved in database and can be accessed with {{ $comment->user_id }}.
Second problem...In my view, when I click on a photo which have no comments, I'm receiving undefined variable comment, but I dont know why because on photos with comments, I have no problem with that.Can I make something like if comments != empty, dont show it or something like that?
CommentsController:
public function store(Request $request, $post_id)
{
$this->validate($request, array(
'comment' => 'required|min:5|max:2000',
));
$post = Post::find($post_id);
$comment = new Comment();
$comment->username = Auth::user()->username;
$comment->email = Auth::user()->email;
$comment->user_id = Auth::user()->id;
$comment->comment = $request->comment;
$comment->approved = true;
$comment->post()->associate($post);
$comment->save();
Session::flash('message', "Message posted successfully!");
return Redirect::back();
}
PostsController:
public function delete($id){
DB::table('posts')->where('id',$id)->delete();
return redirect('/profile/' . auth()->user()->id);
}
My view
#foreach($post->comments as $comment)
<div class="comment d-flex ">
<p><strong><a class="text-dark" href="/profile/{{ $comment->user_id }}">{{ $comment->username}}</a>: </strong> {{ $comment->comment}}</p>
#can('update', $post->user->profile)
<div class="dropdown col-md-6">
<button type="button" class="btn btn-primary dropdown-toggle btn-sm" style="background-color: #ffffff00;border: 1px solid #555;color: black;padding: 0 5px" data-toggle="dropdown">
Select
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#">Edit comment</a>
<a class="dropdown-item" title="Options" style="text-decoration: none;" href="/deleteComment/{{$comment->id}}">Delete comment</a>
</div>
</div>
</div>
#endcan
#endforeach
My route
Route::post('comments/{post_id}', ['uses' => 'CommentsController#store', 'as' => 'comments.store']);
Route::get('/deleteComment/{id}', 'CommentsController#delete');
Try this to restrict the deletion only for the authenticated user who owns the comment:
/**
* Comments Controller Method Delete
*/
public function delete($id){
if(!DB::table('comments')->where('id',$id)->where('user_id',auth()->user()->id)->delete()){
Session::flash('remove', "You do not have permission to delete the comment!");
}else{
Session::flash('remove', "Message removed successfully!");
}
return Redirect::back();
}
For your second question, I think that what happens is that by not having comments you are using the variable without results.
You can try to enclose the statement where you use the variable $comments using this.
For Controller or others files php
if (!$comment->isEmpty()) {
//your code
}
if ($comment->count()) {
//your code
}
if (count($comment)) {
//your code
}
For Blade
#if(!$comment->isEmpty())
//your code
#endif
#if($comment->count())
//your code
#endif
#if(count($comment))
//your code
#endif
I hope I could help you, if not, please attach more code where they appear exactly what he says, since comments and delete the picture, since I have not seen in the code you have attached. Thanks and good luck.
References
$comment->isEmpty
$comment->count() and count($comment)
Updated
<div class="row">
<div class="col-md-12">
#if(!$post->comments->isEmpty()) //****Added
#if($post->comments->count() > 0)
#foreach($post->comments as $comment)
<div class="comment d-flex ">
<p><strong><a class="text-dark"
href="/profile/{{ $comment->user_id }}">{{ $comment->username}}</a>:
</strong> {{ isset($comment->comment) ? $comment->comment : "--" }}</p>
#can('update', $post->user->profile)
<div class="dropdown col-md-6">
<button type="button" class="btn btn-primary dropdown-toggle btn-sm"
style="background-color: #ffffff00;border: 1px solid #555;color: black;padding: 0 5px"
data-toggle="dropdown">
Select
</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="#">Edit comment</a>
<a class="dropdown-item" title="Options" style="text-decoration: none;"
href="/deleteComment/{{$comment->id}}">Delete comment</a>
</div>
</div>
</div>
#endcan
#endforeach
#endif
#endif //****Added
</div>
</div>
Updated for delete if admin or no
/**
* Comments Controller Method Delete
*/
public function delete($id)
{
$comment = DB::table('comments')->where('id', $id):
if(!auth()->user()->admin){
$comment->where('user_id', auth()->user()->id);
}
if (!$comment->delete()) {
Session::flash('remove', "You do not have permission to delete the comment!");
} else {
Session::flash('remove', "Message removed successfully!");
}
return Redirect::back();
}
The first question can be done easily. In your destroy() function, just check comment owner:
// Check comment owner
if($comment->user_id != \Auth::id()){
return abort(401);
}
// Do logic code to delete comment.
The second question, you can check exist comment like this :
if(! $comments->isEmpty()) {
// Do logic code to show comment
}
Related
I have tried to code a cutome view in which i would be able to code an html tag to directly download the file which was uploaded before with voyager admin panel. here is my route
Route::get('/download/{research}',[App\Http\Controllers\ResearchController::class, 'download'])->name('download');
here is the html tag:
Download
help me in the controller bellow
public function download(Research $research)
{
}
I've worked through this question all night long and found out this
helpful.
Then I solved it like this:
Controller
public function home()
{
$researches = Research::all();
foreach ($researches as $research){
$download_links[] = json_decode($research->attachment);
}
$departments = Department::all();
$role_id = \TCG\Voyager\Models\Role::all()->where('name','=','student')->first()->id;
$students = User::all()->where('role_id','=',$role_id);
return view('Research.home', compact('researches','departments','students','download_links'));
}
View
{{ $i=0 }}
#foreach($researches as $research)
<div class="row">
<div class="col-md-10">
<button data-toggle="collapse" data-target="#demo{{ $research->id }}" class="btn border text-start form-control" title="click to read abstract">[ {{ ucwords($research->title) }} ] By: {{ $research->user->name }} #if($research->user->student != null) {{ $research->user->student->last_name }} #else {{ $research->user->employee->last_name }}#endif</button>
</div>
<div class="col">
Download
</div>
</div>
<div id="demo{{ $research->id }}" class="collapse row border">
<div class="col-md-12 ">{!! $research->description !!}</div>
</div>
#endforeach
and now is working properly.
public function download($id) {
$research= Research::where('id', $id)->firstOrFail();
$pathToFile = storage_path('fileName' . $research->file);
return response()->download($pathToFile);
}
My web doesn't seem to be directing to the correct page.
Here is my blade
<div class="container">
<div class="col-lg-12 d-flex justify-content-between align-items-center">
<h2>Informations</h2>
<a href="{{ route('add-new-information') }}" class="btn text-success">
<i class="fas fa-plus-circle fa-2x"></i>
</a>
</div>
<hr>
<div class="row d-flex justify-content-center align-items-center mt-5" style="max-height: 500px !important; overflow-y: scroll">
#foreach ($informations as $info)
<div class="card col-sm-11 p-0 mb-4 clickable-item" onclick='window.location = "{{ route('admin-informations', ['id' => $info->id]) }}"'>
...
</div>
#endforeach
</div>
</div>
Here is my routes/web
Auth::routes();
Route::group(['middleware' => ['auth'], 'prefix' => '/',], function () {
Route::get('/', function () {
return redirect('/home');
});
Route::group(['prefix' => 'admin'], function() {
Route::get('/informations', [App\Http\Controllers\InformationController::class, 'index'])->name('informations');
Route::get('/informations/{id}', [App\Http\Controllers\InformationController::class, 'indexAdminInfo'])->name('admin-informations');
Route::get('/informations/add-new-information', [App\Http\Controllers\InformationController::class, 'add'])->name('add-new-information');
});
});
and here is my controller
public function indexAdminInfo($id){
$information = Information::find($id);
// $comments = Comment::where('information_id', $id)->orderByDesc('created_at')->get();
$ack_count = Acknowledge::where('information_id', $id)->count();
$user_ack = Acknowledge::where([
['information_id', '=', $id],
['user_id', '=', Auth::user()->id],
])->first();
$ack = 'FALSE';
if($user_ack != null){
$ack = 'TRUE';
}
return view('adminviews/infoadmin', compact('information', 'ack_count', 'ack', 'user_ack'));
}
public function add(){
return view('adminviews/addinfo');
}
For some reason, when I click the a tag with the href {{ route('add-new-information') }} to go to the add page 'adminviews/addinfo',
instead the page will go to the 'adminviews/infoadmin' page, which will cause an error, because no parameters are being sent.
I tried checking the code, but it looks correct to me. Can anybody find an error on this?
the problem is with your routes:
these two routes are ambiguous:
Route::get('/informations/{id}');
Route::get('/informations/add-new-information');
just think of below scenario:
router wants to route, this url : /information/add-new-information
router will hit the first defined route, because it is compatible with the definition ('/informations/{id}')
Note :{id} is a variable and can be any string
so it will go with this.
Solution
write the more restricted route first,
and more general route later:
Route::get('/informations/add-new-information');
Route::get('/informations/{id}');
public function saveUserToGroup(Request $request, $username){
if (!$this->secure($username)) return redirect('/404');
$member = new UserHobby();
$person = $request->input('person');
$group = $this->group;
$member->user_id = $person->id;
$member->hobby_id = $group->id;
if ($member->save()) {
$request->session()->flash('alert-success', 'Your friend has been added to the group!');
}else{
$request->session()->flash('alert-danger', 'Something went wrong!');
}
return Redirect::back()->withErrors(['msg', 'Success']);
}
<form action="/social/{username}/save/group" method="POST">
#csrf
<table id="modal-table">
#foreach($user_list->get() as $f)
<tr>
<td>
<div class="image">
#if($f->follower->avatar_location)
<img src="{{asset('storage/'.$f->follower->avatar_location)}}" class="img-circle" style="max-height:50px;" />
#else
<img src="{{url('/')}}/assets/media/icons/socialbuttons/user.png" class="img-circle" style="max-height:50px;"/>
#endif
</div>
<div class="detail">
#if($f->follower->verified == 1)
{{ $f->follower->name }}<img id="verified_img_sm_mess_list" src="{{url('/')}}/assets/media/icons/socialbuttons/octagonal_star.png" alt="Recensioni">
#else
<h3>{{ $f->follower->name }}</h3>
#endif
<small id="mess_list_uname">{{ '#'.$f->follower->username }}</small>
</div>
<button type="submit" name="person" value="person" class="btn-link">Go</button>
</td>
</tr>
#endforeach
</table>
</form>
Route::post('/social/{username}/save/group', [GroupController::class, 'saveUserToGroup'])->name('socialprofile.save.user.group');
Hey guys, I'm new to all this, and not sure if I'm calling the route incorrectly or wrong application of my controller function. Obviously I'm trying to add a user from a list into a group. Please Help! I've been a little lost with this and looking for some help to understand where my errors are. Many thanks!
EDIT**
now log reading..
"'hobby_id' cannot be null"..
I have tried to change the variable to take the group id. and that reads error "trying to get id of non-object"
but am I not assigning hobby_id as the group_id?
The problem is that I want to add into 'hobby_id' the 'id' of the current group which this function is being called.
I have an HTML form defined as follows:
<form action="{{route('save.checkout')}}" method="POST">
{{csrf_field()}}
<input name="amount" type="hidden" value="{{session()->get('cart')->totalprice}}">
<div class="cart_navigation">
<a class="continue-btn" href="#">
<i class="fa fa-arrow-left"> </i> خرید را ادامه دهید
</a>
<a class="checkout-btn" href="{{route('save.checkout')}}">
<i class="fa fa-check"></i> ادامه به پرداخت
</a>
</div>
</form>
The following error is being thrown when submitting the form:
The GET method is not supported for this route. Supported methods: POST.
my route is:
route::post('/savecheckout','BasketController#checkout')->name('save.checkout');
and the checkout function:
public function checkout(Request $request){
$user = auth()->user()->id;
$order = new order();
$order->user_id = $user;
$order->amount = $request->input('amount');
$order->status = 0;
$order->save();
$order = order::where('status' ,0)->where('user_id', $user)->first();
return view('checkout.index', compact('order'));
}
i solved the problem . it was a silly mistake i changed my button type to submit
if you are beginning with Laravel so i would like to contribute something to make your programming better & safer for future projects.
always validate your input
use of try & catch blocks
show appropriate error message to your users so that you can also
debug it in future.
so the modified code will be look like:
public function checkout(Request $request){
// use Validator; (add this after namespace to import validator)
$validator = Validator::make($request->all(),[
'user_id' => 'required|integer|max:11',
'amount' => 'required|numeric',
'status' => 'sometimes|integer|max:1',
]);
if($validator->fails()) {
return back()->withErrors($validator);
}
try {
$user = auth()->user()->id;
$order = new order();
$order->user_id = $user;
$order->amount = $request->input('amount');
$order->status = 0;
$order->save();
$request->session()->flash('message', 'Order Successfully Created');
$order = order::where('status' ,0)->where('user_id', $user)->first();
return view('checkout.index', compact('order'));
} catch (\Exception $e){
dd($e->getMessage()); // it will show the error message with, you can replace this block with redirect code or anything else..
}
}
for showing error & success message in front-end use below code in your checkout > index.blade.php template (just a sample code, you can make it more better by using your own CSS & styles)
#if(session()->has('message'))
<div class="alert alert-success">
{{ session()->get('message') }}
</div>
#endif
#if(count($errors) > 0)
<div class="note note-error">
<h4>Error..!!</h4>
<p>
#foreach($errors->all() as $error)
<div class="alert alert-danger fade in m-b-15">
<i class="fa fa-chevron-right"></i>
{{ $error }}
<span class="close" data-dismiss="alert">×</span></div>
#endforeach
</p>
</div>
#endif
i have this code and when i try to access laravel.dev/cats/create a page appears:
Whoops, looks like something went wrong.
this is my route.php code(important parts):
Route::model('cat', 'Cat');
Route::get('cats/create', function() {
$cat = new Cat;
return View::make('cats.edit')
->with('cat', $cat)
->with('method', 'post');
});
Route::post('cats', function(){
$cat = Cat::create(Input::all());
return Redirect::to('cats/' . $cat->id)
->with('message', 'Successfully created page!');
});
Route::get('cats/{id}', function($id) {
$cat = Cat::find($id);
return View::make('cats.single')
->with('cat', $cat);
});
and this is my cats/edit.blade.php code:
#extends('master')
#section('header')
← Cancel
<h2>
#if($method == 'post')
Add a new cat
#elseif($method == 'delete')
Delete {{$cat->name}}?
#else
Edit {{$cat->name}}
#endif
</h2>
#stop
#section('content')
{{Form::model($cat, array('method' => $method, 'url'=>
'cats/'.$cat->id))}}
#unless($method == 'delete')
<div class="form-group">
{{Form::label('Name')}}
{{Form::text('name')}}
</div>
<div class="form-group">
{{Form::label('Date of birth')}}
{{Form::text('date_of_birth')}}
</div>
<div class="form-group">
{{Form::label('Breed')}}
{{Form::select('breed_id', $breed_options)}}
</div>
{{Form::submit("Save", array("class"=>"btn btn-default"))}}
#else
{{Form::submit("Delete", array("class"=>"btn btn-default"))}}
#endif
{{Form::close()}}
#stop
i dont now where the problem , i have the same code for edit and delete but those guys work correctly but this one no!
this is the error that debugger reports:
Trying to get property of non-object (View: D:\Xampp\htdocs\laravel\app\views\cats\single.blade.php)
<?php echo e($cat->name); ?>
error mention that line.
Thanks for Your helps:))))
Edit:
and this is single.blade.php:
#extends('master')
#section('header')
<?php// dd($cat); ?>
Back to overview
<h2>
{{{$cat->name}}}
</h2>
<a href="{{url('cats/'.$cat->id.'/edit')}}">
<span class="glyphicon glyphicon-edit"></span> Edit
</a>
<a href="{{url('cats/'.$cat->id.'/delete')}}">
<span class="glyphicon glyphicon-trash"></span> Delete
</a>
Last edited: {{$cat->updated_at}}
#stop
#section('content')
<p>Date of Birth: {{$cat->date_of_birth}} </p>
<p>
#if($cat->breed)
Breed:
{{link_to('cats/breeds/' . $cat->breed->name,
$cat->breed->name)}}
#endif
</p>
#stop
i don't know why when i was go to cats/create i passes to single.blade.php i think this is where i'm going wrong but no idea where in code i do that
The problem is in:
Route::get('cats/{id}', function($id) {
$cat = Cat::find($id);
return View::make('cats.single')
->with('cat', $cat);
});
It seems that there is no record found with $id, so $cat is null here and it won't work in Blade.
You should check what's the current url (what's the $id value) and make sure that there is a record with such $id in table).