"Trying to get property of non-object" from validate - php

for some reason that I do not know, when I try to pass a validation without request and try to use one if
public function save(Request $request){
$request = $request->validate([
'name' => ['string', 'max:255'],
'email' => ['string', 'email', 'max:255', 'unique:users'],
]);
if($request->name != null){
return $request;
}
return $request;
}


You are replacing the type of your $request with the result from validate()
The validation will handle the what you wish to, so no need to worry. If you say the variable name is required, it will enforce it to not be null or empty;
So, just replace the result to a specific variable instead of replacing $request by doing:
$validationResult = $request->validate([
'name' => ['string', 'required', 'max:255'],
'email' => ['string', 'required', 'email', 'max:255', 'unique:users'],
]);
Better option than this is to create a specific request type by running
php artisan make:request YourRequest`
Your new class will be ready at app/Http/Requests where you can specify not only your rules() as you have in your array, as the messages() you wish each to output.
Then all you need to do is to replace your save(Request $request)
for save(YourRequest $request) which will kick in the validation before it triggers the method, which means you are at ease within the controller method to do the logic instead of having to double check your variables
Examples for common rules() within your class, will be:
public function rules()
{
return [
'email' => 'required|email|unique:users|max:255',
'name' => 'required|min:2|max:200',
];
}
public function messages()
{
return [
'email.required' => 'The email field is required',
'email.email' => 'The email field needs to be an email type. Ex:. type#gmail.com',
....
];
}
Obviously adjust the rules and messages to your project and liking :)

Related

Method Illuminate\Http\Request::validated does not exist

i tried use validation system but give me error Method Illuminate\Http\Request::validated does not exist.
fileController.php
public function store(Request $request)
{
$this->validate($request, [
'titre' => ['bail','required_without:titre', 'string','min:3', 'max:255'],
'name' => ['bail','required_without:name', 'string','min:3', 'max:255'],
]);
$file= new File($request->validated());
$file->save();
return Redirect::to("/")
->withSuccess('Great! file has been successfully uploaded.');
}

There is no validated method on Illuminate\Http\Request. That method is only on FormRequests (because you are not the one who calls the validate method on the FormRequest, it is done for you, and there needs to be a way to get that data).
The validate method you are calling on your controller returns the validated data.
$validated = $this->validate(...):

This is another way from #lagbox's answer, in the Laravel's validation docs you will see this.
$validated = $request->validated();
$validated = $validator->validated();
You can try the approach below.
$validator = Validator::make($request->all(), [
'title' => 'required|unique:posts|max:255',
'body' => 'required',
]);
$validated = $validator->validated();

You can Validate $request params by this way:
$request->validate([
"param" => "required|string"
])

dont want to edit particular field which is used in store and update functions

ProductController
public function store()
{
$product = Product::create($this->validateRequest());
return redirect('/product');
}
public function update(Product $product)
{
$product->update($this->validateRequest());
return redirect('/product');
}
private function validateRequest()
{
return request()->validate([
'sub_category_id' => ['required'],
'name' => ['required', 'min:4'],
'code' => ['required', 'alpha_dash','unique:products'],
'description' => ['required', 'min:4'],
'color' => ['required', 'min:3'],
'price' => ['required', 'integer'],
]);
}
here code has unique value from table products. but whenever I edit the form it says code has already taken. so how to execute this without edit the 'code'(its unique).

You can ignore certain ids during the unique check:
use Illuminate\Validation\Rule;
public function store()
{
Product::create($this->validateRequest(new Product()));
return redirect('/product');
}
public function update(Product $product)
{
$product->update($this->validateRequest($product));
return redirect('/product');
}
private function validateRequest(Product $product)
{
return request()->validate([
'sub_category_id' => ['required'],
'name' => ['required', 'min:4'],
'code' => ['required', 'alpha_dash', Rule::unique('products')->ignore($product)],
'description' => ['required', 'min:4'],
'color' => ['required', 'min:3'],
'price' => ['required', 'integer'],
]);
}
Here you either pass the existing model when updating or a new model instance when storing, so the call to $product->id either returns null when storing a new product so no product in the database is ignored, or the id when updating and then only that product is ignored.
From the docs:
Forcing A Unique Rule To Ignore A Given ID:
Sometimes, you may wish to ignore a given ID during the unique check.
For example, consider an "update profile" screen that includes the
user's name, e-mail address, and location. You will probably want to
verify that the e-mail address is unique. However, if the user only
changes the name field and not the e-mail field, you do not want a
validation error to be thrown because the user is already the owner of
the e-mail address.
To instruct the validator to ignore the user's ID, we'll use the Rule
class to fluently define the rule. In this example, we'll also specify
the validation rules as an array instead of using the | character to
delimit the rules:
use Illuminate\Validation\Rule;
Validator::make($data, [
'email' => [
'required',
Rule::unique('users')->ignore($user->id),
],
]);
Be aware of the following though:
You should never pass any user controlled request input into the
ignore method. Instead, you should only pass a system generated unique
ID such as an auto-incrementing ID or UUID from an Eloquent model
instance. Otherwise, your application will be vulnerable to an SQL
injection attack.

So the problem here is you are using the same rule for creating the product and updating the product.
If you are using the latest Laravel, you may want to read the documentation about form request https://laravel.com/docs/7.x/validation#form-request-validation and create different form request for store and update.
If you still want to use your way, you can try as below
private function validateRequest()
{
$rules = [
'sub_category_id' => ['required'],
'name' => ['required', 'min:4'],
'description' => ['required', 'min:4'],
'color' => ['required', 'min:3'],
'price' => ['required', 'integer'],
];
if (request()->isMethod('store')) {
$rules['code'] = ['required', 'alpha_dash'];
}
return request()->validate($rules);
}
Please tell me whether it works!

Try this, proper and clean code
ProductController
use Illuminate\Validation\Rule; // add this
public function store()
{
$product = Product::create($this->validateRequest());
return redirect('/product'); //use route instead of URL
}
public function update(Product $product)
{
$product->update($this->validateRequest($product->id));
return redirect('/product'); //use route instead of URL
}
private function validateRequest($id = null)
{
return request()->validate([
'sub_category_id' => 'required',
'name' => 'required|min:4',
'code' => 'required|alpha_dash|' . Rule::unique('products')->ignore($id),
'description' => 'required|min:4',
'color' => 'required|min:3',
'price' => 'required|integer',
]);
}
Suggest to use Form request validation

How can I reject user registration with certain username in default laravel register form?

I'm trying to block users from using certain names like 'admin' or 'operator'.
I've tried fiddling with both Controllers/Auth/RegisterController and Controller/RegisterController but failed.
What I've tried was something like this:
in Controllers/Auth/RegisterController,
if ($data['name'] === 'admin' || $data['name'] === 'operator') {
return redirect()->back()->withErrors(['Invalid username']);
}
else {
session()->flash('message', 'Welcome!');
return User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => Hash::make($data['password']),
]);
}
The code above gave me this error:
Argument 1 passed to Illuminate\Auth\SessionGuard::login() must be an
instance of Illuminate\Contracts\Auth\Authenticatable, string given,
called in /var/www/vendor/laravel/ui/auth-backend/RegistersUsers.php
on line 36
I've also searched whether validators can block specific words but failed.
I know I can work this around by using JS, but I think Laravel would have some function like this.

Go to RegisterController.php.
There will be a validator(array $data) function that validates your registration input.
Add not_in validation check for the name field.
Something like this:
protected function validator(array $data)
{
return Validator::make($data, [
'name' => ['required', 'string', 'max:255', 'not_in:admin,operator'],
'pan' => ['required', 'string', 'min:10', 'max:10', 'unique:users,username'],
'password' => ['required', 'string', 'min:8', 'confirmed'],
]);
}
Hopefully, this helps.

You can try to validate if requested name is not in the list of predefined blocked names:
use Illuminate\Validation\Rule;
Validator::make($data, [
'toppings' => [
'required',
Rule::notIn(['admin', 'superuser']),//etc..
],
]);
Hope it helps.

Here's what I did in Laravel 9 with the Breeze scaffolding.
I created a separate "Services" trait with the reserved usernames, so that I can easily implement and extend it.
Create a Services folder at app/Services
Create a trait Reserved at app/Services/Reserved.php
Reserved.php
<?php
namespace App\Services;
trait Reserved
{
public static function usernames()
{
return ['admin', 'operator', 'someBadWord'];
}
}
Next open app/Http/Controllers/Auth/RegisteredUserController.php and import the trait, then add it.
Now just add it to your validation rules using the notIn rule.
Rule::notIn(Reserved::usernames())
RegisteredUserController.php
use Illuminate\Validation\Rule;
use App\Services\Reserved;
class RegisteredUserController extends Controller
{
use Reserved;
...
public function store(Request $request)
{
$request->validate([
'username' => ['required', 'string', 'max:16', 'unique:users', Rule::notIn(Reserved::usernames())],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
'password' => ['required', 'confirmed', Rules\Password::defaults()],
]);
...
}
}

Create RegisterControllerRequest using the following command:
php artisan make:request RegisterControllerRequest
find out your recent created file in app/Http/Requests, then update rules() to be:
public function rules()
{
return [
'name' => 'required|notIn:admin,operator',
];
}
Then update your controller to use the new validation:
After name space add:
use App\Http\Requests\RegisterControllerRequest;
And finally inject the validation as a parameter in your register method:
public function register (RegisterControllerRequest $request)
For more information check documentation: https://laravel.com/docs/7.x/validation#form-request-validation

Laravel - Validator::make fails my unique rule

I'm trying to use a validation on 'name' as unique, but to be ignored if the objected that has that same name is the same object being updated.
The Validation keeps failing, can you help me figuring out why?
Validator Function - I'm using same validator function to both create and update and only need to apply the rule on the update.
protected function validator(array $data, Wharehouse $wharehouse = null)
{
//different validations for create and edit
if($wharehouse != null){
return Validator::make($data, [
'name' => ['required', 'string', 'max:255', Rule::unique('wharehouses')->ignore($wharehouse)],
'espacoTotal' => ['required', 'numeric', 'max:60000']
]);
}else{
return Validator::make($data, [
'name' => ['required', 'string', 'max:255', Rule::unique('wharehouses')],
'espacoTotal' => ['required', 'numeric', 'max:60000']
]);
}
}
Validation Call
protected function editById(Request $request)
{
$wharehouse = Wharehouse::find($request->wharehouse_id);
$validation = $this->validator($request->all(),$wharehouse);
if ($validation->fails()) {
return Redirect::to('/wharehouses')->withInput()->withErrors($validation);
} else {
$wharehouse->name = $request->input('name');
$wharehouse->espacoTotal = $request->input('espaco');
$wharehouse->save();
return back()->with('create.success','Armazem actualizado com sucesso.');
}
}

Append the id of the instance currently being updated to the validator.
Pass the id of your instance to ignore the unique validator.
In the validator, use a parameter to detect if you are updating or
creating the resource.
If updating, force the unique rule to ignore a given id: unique:table,column,except,idColumn
//rules
'name' => ['required', 'string', 'max:255', 'unique:users,name,' . $userId],

Laravel: Validation unique on update

I know this question has been asked many times before but no one explains how to get the id when you're validating in the model.
'email' => 'unique:users,email_address,10'
My validation rule is in the model so how do I pass the ID of the record to the validation rule.
Here is my models/User
protected $rules_update = [
'email_address' => 'required|email|unique:users,email_address,'.$id,
'first_name' => "required",
'last_name' => "required",
'password' => "required|min:6|same:password_confirm",
'password_confirm' => "required:min:6|same:password",
'password_current' => "required:min:6"
];
models/BaseModel
protected $rules = array();
public $errors;
/*
* #data: array, Data to be validated
* #rules: string, rule name in model
*/
public function validate($data, $rules = "rules") {
$validation = Validator::make($data, $this->$rules);
if($validation->passes()) {
return true;
}
$this->errors = $validation->messages();
return false;
}

Just a side note, most answers to this question talk about email_address while in Laravel's inbuilt auth system, the email field name is just email. Here is an example how you can validate a unique field, i.e. an email on the update:
In a Form Request, you do like this:
public function rules()
{
return [
'email' => 'required|email|unique:users,email,'.$this->user->id,
];
}
Or if you are validating your data in a controller directly:
public function update(Request $request, User $user)
{
$request->validate([
'email' => 'required|email|unique:users,email,'.$user->id,
]);
}
Update:
If you are updating the signed in user and aren't injecting the User model into your route, you may encounter undefined property when accessing id on $this->user. In that case, use:
public function rules()
{
return [
'email' => 'required|email|unique:users,email,'.$this->user()->id,
];
}
A more elegant way since Laravel 5.7 is:
public function rules()
{
return [
'email' => ['required', 'email', \Illuminate\Validation\Rule::unique('users')->ignore($this->user()->id)]
];
}
P.S: I have added some other rules, i.e. required and email, in order to make this example clear for newbies.

One simple solution.
In your Model
protected $rules = [
'email_address' => 'sometimes|required|email|unique:users',
..
];
In your Controller, action:update
...
$rules = User::$rules;
$rules['email_address'] = $rules['email_address'] . ',id,' . $id;
$validationCertificate = Validator::make($input, $rules);

There is an elegant way to do this. If you are using Resource Controllers, your link to edit your record will look like this:
/users/{user}/edit OR /users/1/edit
And in your UserRequest, the rule should be like this :
public function rules()
{
return [
'name' => [
'required',
'unique:users,name,' . $this->user
],
];
}
Or if your link to edit your record look like this:
/users/edit/1
You can try this also:
public function rules()
{
return [
'name' => [
'required',
'unique:users,name,' . $this->id
],
];
}

From Laravel 5.7, this works great
use Illuminate\Validation\Rule;
Validator::make($data, [
'email' => [
'required',
Rule::unique('users')->ignore($user->id),
],
]);
Forcing A Unique Rule To Ignore A Given ID:

Test below code:
'email' => 'required|email|unique:users,email_address,'. $id .'ID'
Where ID is the primary id of the table

If i understand what you want:
'email' => 'required|email|unique:users,email_address,'. $id .''
In model update method, for exemple, should receive the $id with parameter.
Sorry my bad english.

Here is the solution:
For Update:
public function controllerName(Request $request, $id)
{
$this->validate($request, [
"form_field_name" => 'required|unique:db_table_name,db_table_column_name,'.$id
]);
// the rest code
}
That's it. Happy Coding :)

The Best Option is here try just once no need more code when unique validation on updating data
'email' => 'unique:users,email_address,' . $userId,
hereemailis field name and users is table name and email_address is table attribute name which you want unique and $userid is updating row id

public function rules()
{
switch($this->method())
{
case 'GET':
case 'DELETE':
{
return [];
}
case 'POST':
{
return [
'name' => 'required|unique:permissions|max:255',
'display_name' => 'required',
];
}
case 'PUT':
case 'PATCH':
{
return [
'name' => 'unique:permissions,name,'.$this->get('id').'|max:255',
'display_name' => 'required',
];
}
default:break;
}
}

an even simpler solution tested with version 5.2
in your model
// validator rules
public static $rules = array(
...
'email_address' => 'email|required|unique:users,id'
);

You can try this.
protected $rules_update = [
'email_address' => 'required|email|unique:users,email_address,'. $this->id,
'first_name' => "required",
'last_name' => "required",
'password' => "required|min:6|same:password_confirm",
'password_confirm' => "required:min:6|same:password",
'password_current' => "required:min:6"
];

In Laravel 8.x you can use Rule::unique method as well
Forcing A Unique Rule To Ignore A Given ID:
use Illuminate\Validation\Rule;
public function update(Request $request, Post $post)
{
$validatedData = $request->validate([
'name' => ['required', 'max:60', Rule::unique('posts')->ignore($post->id)],
]);
$post->update($validatedData);
return redirect(route('posts.index'))->with('status', 'post updated successfully');
}

Do One step in controller
Works Fine with Laravel 9
$request->validate([
'name'=>'required|unique:categories,name,'.$id,
]);

If you have a separate rules method. You can use easier the following syntax.
public function rules()
{
return [
'email' => "required|unique:users,email,{$this->id}"
];
}

$rules = [
"email" => "email|unique:users, email, '.$id.', user_id"
];
In Illuminate\Validation\Rules\Unique;
Unique validation will parse string validation to Rule object
Unique validation has pattern: unique:%s,%s,%s,%s,%s'
Corresponding with: table name, column, ignore, id column, format wheres
/**
* Convert the rule to a validation string.
*
* #return string
*/
public function __toString()
{
return rtrim(sprintf('unique:%s,%s,%s,%s,%s',
$this->table,
$this->column,
$this->ignore ?: 'NULL',
$this->idColumn,
$this->formatWheres()
), ',');
}

There is a simple and elegant way to do this. If you are passing the user_id in a body request or through a query parameter.
e.g
/update/profile?user_id=
Then in your request rules
public function rules(Request $request)
{
return [
'first_name' => 'required|string',
'last_name' => 'required|string',
'email' => ['required','email', 'string', Rule::unique('users')->ignore($request->user_id )],
'phone_number' => ['required', 'string', Rule::unique('users')->ignore($request->user_id )],
];
}
Better Still, you can pass in auth->id() in place of $request->user_id to get the login user id.

Found the easiest way, working fine while I am using Laravel 5.2
public function rules()
{
switch ($this->method()) {
case 'PUT':
$rules = [
'name' => 'required|min:3',
'gender' => 'required',
'email' => 'required|email|unique:users,id,:id',
'password' => 'required|min:5',
'password_confirmation' => 'required|min:5|same:password',
];
break;
default:
$rules = [
'name' => 'required|min:3',
'gender' => 'required',
'email' => 'required|email|unique:users',
'password' => 'required|min:5',
'password_confirmation' => 'required|min:5|same:password',
];
break;
}
return $rules;
}

i would solve that by doing something like this
public function rules()
{
return [
'name' =>
'required|min:2|max:255|unique:courses,name,'.\Request::get('id'),
];
}
Where you get the id from the request and pass it on the rule

You can also use model classpath, if you don't want to hard code the table name.
function rules(){
return [
'email' => ['required','string',
Rule::unique(User::class,'email')->ignore($this->id)]
];
}
Here $this->id is either 0 or the record Id to be updated.

Use for Laravel 6.0
use Illuminate\Validation\Rule;
public function update(Request $request, $id)
{
// Form validation
$request->validate([
'category_name' => [
'required',
'max:255',
Rule::unique('categories')->ignore($id),
]
]);
}

After researching a lot on this laravel validation topic including unique column, finally got the best approach. Please have a look
In your controller
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Validator;
class UserController extends Controller
{
public function saveUser(Request $request){
$validator = Validator::make($request->all(),User::rules($request->get('id')),User::$messages);
if($validator->fails()){
return redirect()->back()->withErrors($validator)->withInput();
}
}
}
saveUser method can be called for add/update user record.
In you model
class User extends Model
{
public static function rules($id = null)
{
return [
'email_address' => 'required|email|unique:users,email_address,'.$id,
'first_name' => "required",
'last_name' => "required",
'password' => "required|min:6|same:password_confirm",
'password_confirm' => "required:min:6|same:password",
'password_current' => "required:min:6"
];
}
public static $messages = [
'email_address.required' => 'Please enter email!',
'email_address.email' => 'Invalid email!',
'email_address.unique' => 'Email already exist!',
...
];
}

This is what I ended up doing. I'm sure there is a more efficient way of doing this but this is what i came up with.
Model/User.php
protected $rules = [
'email_address' => 'sometimes|required|email|unique:users,email_address, {{$id}}',
];
Model/BaseModel.php
public function validate($data, $id = null) {
$rules = $this->$rules_string;
//let's loop through and explode the validation rules
foreach($rules as $keys => $value) {
$validations = explode('|', $value);
foreach($validations as $key=>$value) {
// Seearch for {{$id}} and replace it with $id
$validations[$key] = str_replace('{{$id}}', $id, $value);
}
//Let's create the pipe seperator
$implode = implode("|", $validations);
$rules[$keys] = $implode;
}
....
}
I pass the $user_id to the validation in the controller
Controller/UserController.php
public function update($id) {
.....
$user = User::find($user_id);
if($user->validate($formRequest, $user_id)) {
//validation succcess
}
....
}

While updating any Existing Data Write validator as following:
'email' => ['required','email', Rule::unique('users')->ignore($user->id)]
This will skip/ignore existing user's id's unique value matching for the specific column.

Test below code:
$validator = Validator::make(
array(
'E-mail'=>$request['email'],
),
array(
'E-mail' => 'required|email|unique:users,email,'.$request['id'],
));

Since you will want to ignore the record you are updating when performing an update, you will want to use ignore as mentioned by some others. But I prefer to receive an instance of the User rather then just an ID. This method will also allow you to do the same for other models
Controller
public function update(UserRequest $request, User $user)
{
$user->update($request->all());
return back();
}
UserRequest
public function rules()
{
return [
'email' => [
'required',
\Illuminate\Validation\Rule::unique('users')->ignoreModel($this->route('user')),
],
];
}
update: use ignoreModel in stead of ignore

Very easy to do it ,
Write it at your controller
$this->validate($request,[
'email'=>['required',Rule::unique('yourTableName')->ignore($request->id)]
]);
Note : Rule::unique('yourTableName')->ignore($idParameter) , here $idParameter you can receive from get url also you can get it from hidden field.
Most important is don't forget to import Rule at the top.

If a login user want to update the email then auth() helper function will give us the login user id auth()->user()->id
Laravel helpers#method-auth
Validator::make($data, [
'email' => [
'required',
Rule::unique('users')->ignore(auth()->user()->id),
],
]);
if Admin want to change the specific user information from User list then validation will be like this :
Validator::make($data, [
'email' => [
'required',
Rule::unique('users')->ignore($request->user),
],
Laravel validation#rule-unique
$request object contain the current route related model objects. Which gives the model.
Try dd($request)

Most answers to this question refer to email_address, but in Laravel's inbuilt authentication system, the email field name is just email. Here is an example of validating a unique field, i.e. an email on the update:
Form Requests look like this:
public function rules()
{
return [
'email' => [ 'required','email', Rule::unique('users')->ignore($this->id ?? 0)]];
}
?? 0 If you use this then if hare id does not exist this request will not give you an error
Save
Whenever you access the id property of $this->user, you may encounter an undefined property if you haven't injected the User model into your route. If that is the case, use:
public function rules()
{
return [
'email' => 'required|email|unique:users,email,'.$this->user()->id ?? 0,
];
}
?? 0 If you use this then if hare id does not exist this request will not give you an error

My solution:
$rules = $user->isDirty('email') ? \User::$rules : array_except(\User::$rules, 'email');
Then in validation:
$validator = \Validator::make(\Input::all(), $rules, \User::$messages);
The logic is if the email address in the form is different, we need to validated it, if the email hasn't changed, we don't need to validate, so remove that rule from validation.

For unique rule in the controller - which obviously will be different for the store method and the update method, I usually make a function within the controller for rules which will return an array of rules.
protected function rules($request)
{
$commonRules = [
'first_name' => "required",
'last_name' => "required",
'password' => "required|min:6|same:password_confirm",
'password_confirm' => "required:min:6|same:password",
'password_current' => "required:min:6"
];
$uniqueRules = $request->id
//update
? ['email_address' => ['required', 'email', 'unique:users,email' . $request->get('id')]]
//store
: ['email_address' => ['required', 'email', 'unique:users,email']];
return array_merge($commonRules, $uinqueRules);
}
Then in the respective store and update methods
$validatedData = $request->validate($this->rules($request));
This saves from defining two different rule sets for store and update methods.
If you can afford to compromise a bit on readability, it can also be
protected function rules($request)
{
return [
'first_name' => "required",
'last_name' => "required",
'password' => "required|min:6|same:password_confirm",
'password_confirm' => "required:min:6|same:password",
'password_current' => "required:min:6",
'email_address' => ['required', 'email', 'unique:users,email' . $request->id ?: null]
];
}

Categories