I'm working with Laravel 5.5 and I'm trying to make a validation of a form which shouldn't pass if the user writes HTML entities, for example: <h1>Hola</h1>, <script>alert(1)</script>.
But it inserts all fields in the DB.
My controller:
protected function storeForm(CaseRequest $request)
{
    try {
        $supportCase = new SupportCase;
        $supportCase->type = $request->input('type');
        // all fields of table[...]
        $supportCase->save();
        return view('steps/finish/success')->with(['message' => 'Form success']);
    } catch (Exception $e) {
        // In a namespaced controller this needs `use Exception;` at the top of the
        // file (or `\Exception` here); otherwise the catch never matches.
        // Debugging output: exception text should not reach end users in production.
        echo $e->getMessage();
        return view('steps/finish/error')->withErrors(['message' => 'Form error']);
    }
}
My CaseRequest is this:
<?php

namespace App\Http\Requests; // default Laravel location for form requests (not shown in the post)

use Illuminate\Foundation\Http\FormRequest;

class CaseRequest extends FormRequest
{
    /**
     * Determine if the user is authorized to make this request.
     *
     * @return bool
     */
    public function authorize()
    {
        return true;
    }

    /**
     * Get the validation rules that apply to the request.
     *
     * @return array
     */
    public function rules()
    {
        return [
            'type' => 'required|min:3|max:3|string',
            'brand' => 'required|string',
            'product' => 'required|string',
            'order' => 'required|string',
            'description' => 'required|min:10|string',
            'sn' => 'nullable',
            'name' => 'required|min:2|string',
            'nin' => 'required|min:9|max:11|alpha_dash',
            'email' => 'required|email',
            'phone' => 'required|digits_between:7,12',
            'address' => 'required|min:5|string',
            'city' => 'required|min:2|string',
            'zip' => 'required|min:2|numeric',
            'state' => 'required|min:2|string',
            'country' => 'required|min:2|string',
        ];
    }
}
I have read the documentation: the Request is the first thing to be called, before the controller, and if it has any error it throws an error message. Doesn't it?
I'm using Parsley and select2. At first it had validation in the frontend with Parsley, and that was working well, but if I remove the Parsley validation, Laravel should now validate it, right? But in my DB it is saving all fields (including <script>alert(1)</script>).
<div class="form" id="main-form" data-parsley-validate="data-parsley-validate">
{!! Form::open(['id' => 'main-form', 'data-parsley-validate' => 'data-parsley-validate']) !!}
<div class="col-md-7 light-form">
<fieldset>
{!! Form::label('contact', trans('frontend/steps.form.contact'), ['class' => 'upper']) !!}
{!! Form::label('name', trans('frontend/steps.form.name')) !!}
{!! Form::text('name', old('name'), [
'data-parsley-pattern' => '[ÁÉÍÓÚáéíóúa-zA-Z ]+$',
'data-parsley-required' => 'true',
'data-parsley-minlength'=>'2',
'data-parsley-required-message' => trans('frontend/steps.form-errors.name'),
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.name'),
'data-parsley-pattern-message' => trans('frontend/steps.form-errors.name'),
]) !!}
</fieldset>
<fieldset>
{!! Form::label('nin', trans('frontend/steps.form.in')) !!}
{!! Form::text('nin', old('nin'), [
'data-parsley-type'=>'alphanum',
'data-parsley-required' => 'true',
'data-parsley-minlength'=>'9',
'data-parsley-maxlength'=>'11',
'data-parsley-required-message' => trans('frontend/steps.form-errors.in'),
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.in'),
'data-parsley-maxlength-message' => trans('frontend/steps.form-errors.in')
]) !!}
</fieldset>
<fieldset>
{!! Form::label('phone', trans('frontend/steps.form.telf')) !!}
{!! Form::text('phone', old('phone'), [
'data-parsley-pattern' => '\d+$',
'data-parsley-required' => 'true',
'data-parsley-minlength'=>'7',
'data-parsley-maxlength'=>'12',
'data-parsley-required-message' => trans('frontend/steps.form-errors.telf'),
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.telf'),
'data-parsley-maxlength-message' => trans('frontend/steps.form-errors.telf'),
'data-parsley-pattern-message' => trans('frontend/steps.form-errors.telf')
]) !!}
</fieldset>
<fieldset>
{!! Form::label('address', trans('frontend/steps.form.address')) !!}
{!! Form::text('address', old('address'), [
'data-parsley-pattern' => '^[ÁÉÍÓÚáéíóúa-zA-Z0-9-_ ]+$',
'data-parsley-required' => 'true',
'data-parsley-minlength'=>'5',
'data-parsley-pattern-message' => trans('frontend/steps.form-errors.address'),
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.address'),
'data-parsley-required-message' => trans('frontend/steps.form-errors.address'),
]) !!}
</fieldset>
<div class="col-md-12 no-padding">
<div class="col-md-6 location-form">
<fieldset>
{!! Form::label('city', trans('frontend/steps.form.city')) !!}
{!! Form::text('city', old('city'), [
'data-parsley-required' => 'true',
'data-parsley-minlength'=>'2',
'data-parsley-pattern' => '[ÁÉÍÓÚáéíóúa-zA-Z ]+$',
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.city'),
'data-parsley-required-message' => trans('frontend/steps.form-errors.city'),
'data-parsley-pattern-message' => trans('frontend/steps.form-errors.city'),
]) !!}
</fieldset>
<fieldset>
{!! Form::label('zip', trans('frontend/steps.form.zip')) !!}
{!! Form::text('zip', old('zip'), [
'data-parsley-required' => 'true',
'data-parsley-minlength'=>'2',
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.zip'),
'data-parsley-required-message' => trans('frontend/steps.form-errors.zip')
]) !!}
</fieldset>
</div>
<div class="col-md-6 no-padding">
<fieldset>
{!! Form::label('state', trans('frontend/steps.form.state')) !!}
{!! Form::text('state', old('state'), [
'data-parsley-pattern' => '[ÁÉÍÓÚáéíóúa-zA-Z ]+$',
'data-parsley-required' => 'true',
'data-parsley-minlength'=>'2',
'data-parsley-required-message' => trans('frontend/steps.form-errors.state'),
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.state'),
'data-parsley-pattern-message' => trans('frontend/steps.form-errors.state'),
]) !!}
</fieldset>
<fieldset>
{!! Form::label('country', trans('frontend/steps.form.country')) !!}
{!! Form::text('country', old('country'), [
'data-parsley-required' => 'true',
'data-parsley-pattern' => '[ÁÉÍÓÚáéíóúa-zA-Z ]+$',
'data-parsley-minlength'=>'2',
'data-parsley-required-message' => trans('frontend/steps.form-errors.country'),
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.country'),
'data-parsley-pattern-message' => trans('frontend/steps.form-errors.country'),
]) !!}
</fieldset>
</div>
</div>
</div>
<div class="col-md-5 dark-form">
<fieldset>
{!! Form::label('order', trans('frontend/steps.form.order'), ['class' => 'upper']) !!}
{!! Form::text('order', old('order'), [
'placeholder' => '123567',
'data-parsley-type' => 'digits',
'data-parsley-type-message' => trans('frontend/steps.form-errors.order_format'),
'data-parsley-required' => 'true',
'data-parsley-required-message' => trans('frontend/steps.form-errors.order')
]) !!}
<span class="loading style-2"></span>
</fieldset>
<fieldset id="brand-wrap">
<label class="upper" for="brand">
{!! trans('frontend/steps.form.brand') !!}
<img class="tip" title="{!! trans('frontend/steps.form.brand_tooltip') !!}"
src="{!! asset('assets/img/frontend/icons/info.png') !!}"/>
</label>
{!! Form::select('brand', $layout->brands->pluck('name', 'id'), old('brand'), [
'id'=> 'brand',
'class' => 'select2',
'data-parsley-required' => 'true',
'data-parsley-required-message' => trans('frontend/steps.form-errors.brand')
])
!!}
<span class="loading style-2"></span>
</fieldset>
<fieldset id="product-wrap">
{!! Form::label('product', trans('frontend/steps.form.product'), ['class' => 'upper']) !!}
{!! Form::select('product', ['null' => 'null'], old('product'), [
'id'=> 'product_select',
'class' => 'select2',
'data-parsley-required' => 'true',
'data-parsley-required-message' => trans('frontend/steps.form-errors.product')
])
!!}
</fieldset>
<fieldset>
{!! Form::label('description', trans('frontend/steps.form.problem'), ['class' => 'upper']) !!}
{!! Form::textarea('description', old('description'), [
'data-parsley-pattern' => '[áéíóúÁÉÍÓÚäëïöüÄËÏÖÜa-zA-Z0-9-_ ]+$',
'data-parsley-minlength'=>'10',
'data-parsley-required' => 'true',
'data-parsley-type-message' => trans('frontend/steps.form-errors.problem'),
'data-parsley-required-message' => trans('frontend/steps.form-errors.problem'),
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.problem'),
'data-parsley-pattern-message' => trans('frontend/steps.form-errors.problem')
]) !!}
</fieldset>
<fieldset id="serial-wrap">
{!! Form::label('sn', trans('frontend/steps.form.serial')) !!}
{!! Form::text('sn', old('sn'), [
'id' => 'sn',
'data-parsley-required' => 'false',
'data-parsley-required-message' => trans('frontend/steps.form-errors.imei'),
'data-parsley-lunhvalidator' => '15',
'data-parsley-lunhvalidator-message' => trans('frontend/steps.form-errors.invalid-imei')
])
!!}
</fieldset>
<fieldset>
{!! Form::label('email', trans('frontend/steps.form.email')) !!}
{!! Form::email('email', old('email'), [
'data-parsley-type'=> 'email',
'data-parsley-required' => 'true',
'data-parsley-type-message' => trans('frontend/steps.form-errors.email'),
'data-parsley-required-message' => trans('frontend/steps.form-errors.email')
]) !!}
</fieldset>
@if($case == "INC")
<button class="upper" type="button" onclick="nextStep(this)" data-type="FORM" data-field="transaction"
data-next="eleventh" data-case="{!! $case !!}"
data-value="">{!! trans('frontend/steps.form.continue') !!}</button>
@else
<button class="upper" type="button" onclick="nextStep(this)" data-type="FORM" data-field="transaction"
data-next="fifth" data-case="{!! $case !!}"
data-value="">{!! trans('frontend/steps.form.continue') !!}</button>
@endif
</div>
{!! Form::close() !!}
</div>
Validation doesn't change input data. It just ensures the input matches your defined rules.
Technically there is no need to remove HTML tags. They won't do any harm in the database and can be escaped when outputting with {{ $content }}.
If you don't want to save HTML in your database use strip_tags() on the relevant fields.
But don't rely on it to prevent XSS; escaping output is still necessary.
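As an added example (not code from the question or the answer above), the following plain PHP keeps the three steps the answer distinguishes apart: a check that rejects values containing tags (in Laravel 5.5 the same check would sit in a closure rule or a Rule object inside the FormRequest's rules()), strip_tags() as the storage-side cleanup, and htmlspecialchars() as the output escaping that Blade's {{ }} performs. The function names and the sample inputs are my own.

```php
<?php
// Added example: validation decides accept/reject, strip_tags() changes what is
// stored, htmlspecialchars() protects the output context. Each is a separate
// concern; none of them replaces the other two.

declare(strict_types=1);

// 1. Validation: reject anything that looks like a tag. In a Laravel 5.5
//    FormRequest this would be a closure rule or a Rule object in rules().
function containsHtmlTag(string $value): bool
{
    // If strip_tags() would remove something, the value contains a tag. This
    // reuses PHP's own tag heuristic instead of hand-writing a tag regex.
    return strip_tags($value) !== $value;
}

function validateDescription(string $value, int $min = 10): array
{
    $errors = [];
    if (mb_strlen($value) < $min) {
        $errors[] = "must be at least {$min} characters";
    }
    if (containsHtmlTag($value)) {
        $errors[] = 'must not contain HTML tags';
    }
    return $errors; // an empty array means the value passes
}

// 2. Sanitization: what strip_tags() does to a value before it is stored.
function sanitizeForStorage(string $value): string
{
    return strip_tags($value);
}

// 3. Output escaping: what {{ $content }} does in Blade
//    (htmlspecialchars with ENT_QUOTES and UTF-8).
function escapeForHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

// Constructed sample inputs for the description field.
$samples = [
    'Screen stays black after the update, please help.',
    '<script>alert(1)</script> and some padding text',
    'Tom & "Jerry" <b>bold</b>',
];

foreach ($samples as $input) {
    $errors = validateDescription($input);
    $stored = sanitizeForStorage($input);
    printf("input:    %s\n", $input);
    printf("validate: %s\n", $errors ? implode('; ', $errors) : 'ok');
    printf("stored:   %s\n", $stored);
    printf("rendered: %s\n\n", escapeForHtml($stored));
}
```

Run it with php and compare the lines per sample: strip_tags() removes the <b> and <script> tags but leaves the script body, the ampersand and the quotes in place, and only the escaping step turns those into text that is safe to render. Note also that strip_tags() treats a bare `<` followed by a non-space character as the start of a tag, so the tag check rejects, and the cleanup mangles, legitimate text such as `1<2`; that is one more reason to keep the output escaping regardless of what validation accepts.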
When I run $value = $request->session()->all(); controller one gives the value 'product' as null. The second gives the right product id. They are on the same page. Both are forms within Bootstrap modals. Why are they giving different session data? Stumped.
The form is submitted from a product page -> the id I want isn't submitted from the form -> the id is from the product page.
Controller One
{!! Form::open(['action' => 'ControllerOne@store', 'method' => 'POST', 'enctype' => 'multipart/form-data']) !!}
    {{Form::label('time', 'Select a Time')}}
    {{Form::time('time', '', ['class' => 'form-control', 'placeholder' => 'Time'])}}
    {{Form::label('date', 'Select a Date')}}
    {{Form::text('date', '', ['class' => 'form-control', 'placeholder' => 'Date'])}}
    <div class="modal-footer">
        {{Form::submit('Add', ['class'=>'btn btn-primary'])}}
    </div>
{!! Form::close() !!}
Controller Two
{!! Form::open(['action' => 'ControllerTwo@store', 'method' => 'POST', 'enctype' => 'multipart/form-data']) !!}
{{Form::label('listing', 'Price (NZD)')}}
{{Form::text('price', '', ['class' => 'form-control', 'placeholder' => 'Price'])}}
{{Form::label('listing', 'Name')}}
{{Form::text('name', '', ['class' => 'form-control', 'placeholder' => 'Name'])}}
{{Form::label('listing', 'Phone Number')}}
{{Form::number('phone_number', '', ['class' => 'form-control', 'placeholder' => 'Phone Number'])}}
{{Form::label('listing', 'Comments/Conditions')}}
{{Form::textarea('conditions', '', ['class' => 'form-control', 'placeholder' => 'Comments/Conditions'])}}
{{Form::submit('Submit', ['class'=>'btn btn-success'])}}
{!! Form::close() !!}
I have a search form to filter accounts to show their transactions using relations. I have it working to filter a single account. I need to create a filter for multiple accounts together. Here is my code for filtering a single selection; since I am new to Laravel, I am getting stuck. Thanks in advance.
public $relations = [];

public function account($account)
{
    return $this->where('account_id', $account);
}
This is my form:
{!! Form::open(['url' => 'incomes/revenues', 'role' => 'form', 'method' => 'GET']) !!}
<div class="pull-left">
<span class="title-filter hidden-xs">{{ trans('general.search') }}:</span>
<!--{!! Form::text('search', request('search'), ['class' => 'form-control input-filter input-sm', 'placeholder' => trans('general.search_placeholder')]) !!}-->
{!! Form::text('start', request('start'), ['class' => 'form-control input-filter input-sm', 'placeholder' => trans('general.date_placeholder')]) !!}
{!! Form::text('end', request('end'), ['class' => 'form-control input-filter input-sm', 'placeholder' => trans('general.date_placeholder')]) !!}
{!! Form::select('customer', $customers, request('customer'), ['class' => 'form-control input-filter input-sm']) !!}
{!! Form::select('category', $categories, request('category'), ['class' => 'form-control input-filter input-sm']) !!}
{!! Form::select('account', $accounts, request('account'), ['multiple' => 'true','class' => 'form-control input-filter input-sm']) !!}
{!! Form::button('<span class="fa fa-filter"></span> ' . trans('general.filter'), ['type' => 'submit', 'class' => 'btn btn-sm btn-default btn-filter']) !!}
Controller:
public function index()
{
    $revenues = Revenue::with(['account', 'category', 'customer'])->isNotTransfer()->collect(['paid_at'=> 'desc']);

    $customers = collect(Customer::enabled()->pluck('name', 'id'))
        ->prepend(trans('general.all_type', ['type' => trans_choice('general.customers', 2)]), '');

    $categories = collect(Category::enabled()->type('income')->pluck('name', 'id'))
        ->prepend(trans('general.all_type', ['type' => trans_choice('general.categories', 2)]), '');

    $accounts = collect(Account::enabled()->pluck('name', 'id'))
        ->prepend(trans('general.all_type', ['type' => trans_choice('general.accounts', 2)]), '');

    $transfer_cat_id = Category::transfer();

    return view('incomes.revenues.index', compact('revenues', 'customers', 'categories', 'accounts', 'transfer_cat_id'));
}
How do I pass in HTML5 attributes like required, autofocus, ...?
I can enter other attributes which have the form name="value", but not an attribute that consists of only one word.
Pass the array with values as third (for select as fourth) parameter:
{!! Form::text('name', null, ['required' => true, 'some-param' => 'itsValue', 'class' => 'some-class' ]) !!}
Here are some examples:
{!! Form::label('title', 'Title') !!}
{!! Form::text('title', null, ['class' => 'form-control', 'placeholder' => 'Interview']) !!}
{!! Form::textarea('description', null, [ 'size' => '1x3', 'class' => 'form-control', 'placeholder' => 'Something']) !!}
{!! Form::select('timeOption', [null => 'Please Select', '1' => 'N/A', '2' => 'Instructor', '3' => 'Student'], null, ['required' => true]) !!}
{!! Form::date('task_date', Carbon\Carbon::now(), ['class' => 'form-control']) !!}
{!! Form::time('task_time', Carbon\Carbon::now()->format('H:i'), ['class' => 'form-control']) !!}
{!! Form::number('lat', null, ['class' => 'form-control', 'step' => 'any', 'placeholder' => '41.3770401']) !!}
{!! Form::submit('Add', ['class' => 'btn btn-success']) !!}
I am new to Vue.js and I want to render a form element only if another form select field is selected. I hope you understand what I mean.
Here is my Laravel form:
<div class="form-group">
{!! Form::label('mailarchive', 'Mailarchive: ', ['class' => 'col-sm-3 control-label']) !!}
<div class="col-sm-6">
{!! Form::select('mailarchive', ['-' => 'No', 'Gold' => 'Gold', 'Silver' => 'Silver', 'Bronze' => 'Bronze'], null, ['class' => 'form-control']) !!}
</div>
</div>
<div class="form-group">
{!! Form::label('instance', 'Instance: ', ['class' => 'col-sm-3 control-label']) !!}
<div class="col-sm-6">
{!! Form::select('mailarchive', ['Select' => 'Select', '1' => 'SV01', '2' => 'SV02'], null, ['class' => 'form-control']) !!}
</div>
</div>
The second form-group (label: instance) should only be visible when 'Gold', 'Silver' or 'Bronze' in the first select field is selected, but not visible if 'No' is selected.
Thanks for your help!
Wipsly
// Update
I edited my code to this
<div class="form-group">
{!! Form::label('mailarchive', 'Mailarchive: ', ['class' => 'col-sm-3 control-label']) !!}
<div class="col-sm-6">
{!! Form::select('mailarchive', ['-' => 'No', 'Gold' => 'Gold', 'Silver' => 'Silver', 'Bronze' => 'Bronze'], null, ['class' => 'form-control v-model="mailarchive"']) !!}
</div>
</div>
<div class="form-group v-show="mailarchive !='-'"">
{!! Form::label('instance', 'Instance: ', ['class' => 'col-sm-3 control-label']) !!}
<div class="col-sm-6">
{!! Form::select('mailarchive', ['Select' => 'Select', '1' => 'SV01', '2' => 'SV02'], null, ['class' => 'form-control']) !!}
</div>
</div>
And here is my javascript
<script type="text/javascript">
new Vue({
el: '#mailarchive'
})
</script>
But nothing happens. What am I doing wrong?
A lot to tackle here. First, you should set a "parent" Vue instance rather than creating a new Vue instance for individual input fields. For example, let's say you want to make the entire form a Vue instance; then when you open your form, set an id like this:
{!! Form::open(['id' => 'example']) !!}
Then, when you create your Vue instance, reference that id:
<script type="text/javascript">
new Vue({
el: '#example'
})
</script>
Next, this code you have is incorrect:
{!! Form::select('mailarchive', ['-' => 'No', 'Gold' => 'Gold', 'Silver' => 'Silver', 'Bronze' => 'Bronze'], null, ['class' => 'form-control v-model="mailarchive"']) !!}
Specifically, pay attention to this part: ['class' => 'form-control v-model="mailarchive"']
What you are doing here is creating some weird class. When you specify extra HTML attributes, you need to pass an array of those attributes like this:
{!! Form::select('mailarchive', ['-' => 'No', 'Gold' => 'Gold', 'Silver' => 'Silver', 'Bronze' => 'Bronze'], null, ['class' => 'form-control', 'v-model' => 'mailarchive']) !!}
From there, another problem is how you are using v-show.
This is what you have: <div class="form-group v-show="mailarchive !='-'"">
Once again, for some reason, you are putting v-directives inside your class. Instead, use it as its own HTML attribute like this:
<div class="form-group" v-show="mailarchive !== '-'">
All that together, you should see something like this:
{!! Form::open(['id' => 'example']) !!}
    <div class="form-group">
        {!! Form::label('mailarchive', 'Mailarchive: ', ['class' => 'col-sm-3 control-label']) !!}
        <div class="col-sm-6">
            {!! Form::select('mailarchive', ['-' => 'No', 'Gold' => 'Gold', 'Silver' => 'Silver', 'Bronze' => 'Bronze'], null, ['class' => 'form-control', 'v-model' => 'mailarchive']) !!}
        </div>
    </div>
    <div class="form-group" v-show="mailarchive !== '-'">
        {!! Form::label('instance', 'Instance: ', ['class' => 'col-sm-3 control-label']) !!}
        <div class="col-sm-6">
            {{-- named 'instance' here: the original used 'mailarchive' for both selects, so the second would overwrite the first on submit --}}
            {!! Form::select('instance', ['Select' => 'Select', '1' => 'SV01', '2' => 'SV02'], null, ['class' => 'form-control']) !!}
        </div>
    </div>
    {!! Form::submit() !!}
{!! Form::close() !!}
<script>
    new Vue({
        el: '#example',
        // declare the bound property with the value of the first option so the
        // second group starts hidden and updates reactively
        data: { mailarchive: '-' }
    });
</script>
Here is a working example on jsfiddle: http://jsfiddle.net/zj8hwjc9/1/
You will need to bind the first field to a variable with v-model="mailArchive", then on the second form group use v-show="mailArchive != '-'".