Laravel Collective HTML5 attributes - php

How do I pass in HTML5 attributes like required, autofocus...?
I can enter other attributes which have name="value", but not an attribute that consists of only one word.

Pass the array with values as third (for select as fourth) parameter:
{!! Form::text('name', null, ['required' => true, 'some-param' => 'itsValue', 'class' => 'some-class']) !!}

Here are some examples:
{!! Form::label('title', 'Title') !!}
{!! Form::text('title', null, ['class' => 'form-control', 'placeholder' => 'Interview']) !!}
{!! Form::textarea('description', null, [ 'size' => '1x3', 'class' => 'form-control', 'placeholder' => 'Something']) !!}
{!! Form::select('timeOption', [null => 'Please Select', '1' => 'N/A', '2' => 'Instructor', '3' => 'Student'], null, ['required' => true]) !!}
{!! Form::date('task_date', Carbon\Carbon::now(), ['class' => 'form-control']) !!}
{!! Form::time('task_time', Carbon\Carbon::now()->format('H:i'), ['class' => 'form-control']) !!}
{!! Form::number('lat', null, ['class' => 'form-control', 'step' => 'any', 'placeholder' => '41.3770401']) !!}
{!! Form::submit('Add', ['class' => 'btn btn-success']) !!}

Related

Laravel validation doesn't validate html entities

I'm working with Laravel 5.5 and I'm trying to validate a form which shouldn't pass if the user writes HTML entities, for example: <h1>Hola</h1>, <script>alert(1)</script>.
But it inserts all fields in the DB.
My controller:
protected function storeForm(CaseRequest $request){
try {
$supportCase = new SupportCase;
$supportCase->type = $request->input('type');
// all fields of table[...]
$supportCase->save();
return view('steps/finish/success')->with(['message' => 'Form success']);
} catch (Exception $e) {
echo $e->getMessage();
return view('steps/finish/error')->withErrors(['message' => 'Form error']);
}
}
My CaseRequest is this:
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
return [
'type' => 'required|min:3|max:3|string',
'brand' => 'required|string',
'product' => 'required|string',
'order' => 'required|string',
'description' => 'required|min:10|string',
'sn' => 'nullable',
'name' => 'required|min:2|string',
'nin' => 'required|min:9|max:11|alpha_dash',
'email' => 'required|email',
'phone' => 'required|digits_between:7,12',
'address' => 'required|min:5|string',
'city' => 'required|min:2|string',
'zip' => 'required|min:2|numeric',
'state' => 'required|min:2|string',
'country' => 'required|min:2|string',
];
}
I have read the documentation and the Request is the first to be called, before the controller, and if it has any error it throws an error message. Doesn't it?
I'm using parsley and select2. At first it has validation in the frontend with parsley, and it's working well, but if I remove the parsley validation, Laravel should validate it, right? But in my DB it is saving all fields (including <script>alert(1)</script>).
<div class="form" id="main-form" data-parsley-validate="data-parsley-validate">
{!! Form::open(['id' => 'main-form', 'data-parsley-validate' => 'data-parsley-validate']) !!}
<div class="col-md-7 light-form">
<fieldset>
{!! Form::label('contact', trans('frontend/steps.form.contact'), ['class' => 'upper']) !!}
{!! Form::label('name', trans('frontend/steps.form.name')) !!}
{!! Form::text('name', old('name'), [
'data-parsley-pattern' => '[ÁÉÍÓÚáéíóúa-zA-Z ]+$',
'data-parsley-required' => 'true',
'data-parsley-minlength'=>'2',
'data-parsley-required-message' => trans('frontend/steps.form-errors.name'),
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.name'),
'data-parsley-pattern-message' => trans('frontend/steps.form-errors.name'),
]) !!}
</fieldset>
<fieldset>
{!! Form::label('nin', trans('frontend/steps.form.in')) !!}
{!! Form::text('nin', old('nin'), [
'data-parsley-type'=>'alphanum',
'data-parsley-required' => 'true',
'data-parsley-minlength'=>'9',
'data-parsley-maxlength'=>'11',
'data-parsley-required-message' => trans('frontend/steps.form-errors.in'),
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.in'),
'data-parsley-maxlength-message' => trans('frontend/steps.form-errors.in')
]) !!}
</fieldset>
<fieldset>
{!! Form::label('phone', trans('frontend/steps.form.telf')) !!}
{!! Form::text('phone', old('phone'), [
'data-parsley-pattern' => '\d+$',
'data-parsley-required' => 'true',
'data-parsley-minlength'=>'7',
'data-parsley-maxlength'=>'12',
'data-parsley-required-message' => trans('frontend/steps.form-errors.telf'),
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.telf'),
'data-parsley-maxlength-message' => trans('frontend/steps.form-errors.telf'),
'data-parsley-pattern-message' => trans('frontend/steps.form-errors.telf')
]) !!}
</fieldset>
<fieldset>
{!! Form::label('address', trans('frontend/steps.form.address')) !!}
{!! Form::text('address', old('address'), [
'data-parsley-pattern' => '^[ÁÉÍÓÚáéíóúa-zA-Z0-9-_ ]+$',
'data-parsley-required' => 'true',
'data-parsley-minlength'=>'5',
'data-parsley-pattern-message' => trans('frontend/steps.form-errors.address'),
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.address'),
'data-parsley-required-message' => trans('frontend/steps.form-errors.address'),
]) !!}
</fieldset>
<div class="col-md-12 no-padding">
<div class="col-md-6 location-form">
<fieldset>
{!! Form::label('address', trans('frontend/steps.form.city')) !!}
{!! Form::text('city', old('city'), [
'data-parsley-required' => 'true',
'data-parsley-minlength'=>'2',
'data-parsley-pattern' => '[ÁÉÍÓÚáéíóúa-zA-Z ]+$',
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.city'),
'data-parsley-required-message' => trans('frontend/steps.form-errors.city'),
'data-parsley-pattern-message' => trans('frontend/steps.form-errors.city'),
]) !!}
</fieldset>
<fieldset>
{!! Form::label('zip', trans('frontend/steps.form.zip')) !!}
{!! Form::text('zip', old('zip'), [
'data-parsley-required' => 'true',
'data-parsley-minlength'=>'2',
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.zip'),
'data-parsley-required-message' => trans('frontend/steps.form-errors.zip')
]) !!}
</fieldset>
</div>
<div class="col-md-6 no-padding">
<fieldset>
{!! Form::label('state', trans('frontend/steps.form.state')) !!}
{!! Form::text('state', old('state'), [
'data-parsley-pattern' => '[ÁÉÍÓÚáéíóúa-zA-Z ]+$',
'data-parsley-required' => 'true',
'data-parsley-minlength'=>'2',
'data-parsley-required-message' => trans('frontend/steps.form-errors.state'),
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.state'),
'data-parsley-pattern-message' => trans('frontend/steps.form-errors.state'),
]) !!}
</fieldset>
<fieldset>
{!! Form::label('country', trans('frontend/steps.form.country')) !!}
{!! Form::text('country', old('country'), [
'data-parsley-required' => 'true',
'data-parsley-pattern' => '[ÁÉÍÓÚáéíóúa-zA-Z ]+$',
'data-parsley-minlength'=>'2',
'data-parsley-required-message' => trans('frontend/steps.form-errors.country'),
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.country'),
'data-parsley-pattern-message' => trans('frontend/steps.form-errors.country'),
]) !!}
</fieldset>
</div>
</div>
</div>
<div class="col-md-5 dark-form">
<fieldset>
{!! Form::label('order', trans('frontend/steps.form.order'), ['class' => 'upper']) !!}
{!! Form::text('order', old('order'), [
'placeholder' => '123567',
'data-parsley-type' => 'digits',
'data-parsley-type-message' => trans('frontend/steps.form-errors.order_format'),
'data-parsley-required' => 'true',
'data-parsley-required-message' => trans('frontend/steps.form-errors.order')
]) !!}
<span class="loading style-2"></span>
</fieldset>
<fieldset id="brand-wrap">
<label class="upper" for="brand">
{!! trans('frontend/steps.form.brand') !!}
<img class="tip" title="{!! trans('frontend/steps.form.brand_tooltip') !!}"
src="{!! asset('assets/img/frontend/icons/info.png') !!}"/>
</label>
{!! Form::select('brand', $layout->brands->pluck('name', 'id'), old('brand'), [
'id'=> 'brand',
'class' => 'select2',
'data-parsley-required' => 'true',
'data-parsley-required-message' => trans('frontend/steps.form-errors.brand')
])
!!}
<span class="loading style-2"></span>
</fieldset>
<fieldset id="product-wrap">
{!! Form::label('product', trans('frontend/steps.form.product'), ['class' => 'upper']) !!}
{!! Form::select('product', ['null' => 'null'], old('product'), [
'id'=> 'product_select',
'class' => 'select2',
'data-parsley-required' => 'true',
'data-parsley-required-message' => trans('frontend/steps.form-errors.product')
])
!!}
</fieldset>
<fieldset>
{!! Form::label('description', trans('frontend/steps.form.problem'), ['class' => 'upper']) !!}
{!! Form::textarea('description', old('description'), [
'data-parsley-pattern' => '[áéíóúÁÉÍÓÚäëïöüÄËÏÖÜa-zA-Z0-9-_ ]+$',
'data-parsley-minlength'=>'10',
'data-parsley-required' => 'true',
'data-parsley-type-message' => trans('frontend/steps.form-errors.problem'),
'data-parsley-required-message' => trans('frontend/steps.form-errors.problem'),
'data-parsley-minlength-message' => trans('frontend/steps.form-errors.problem'),
'data-parsley-pattern-message' => trans('frontend/steps.form-errors.problem')
]) !!}
</fieldset>
<fieldset id="serial-wrap">
{!! Form::label('sn', trans('frontend/steps.form.serial')) !!}
{!! Form::text('sn', old('sn'), [
'id' => 'sn',
'data-parsley-required' => 'false',
'data-parsley-required-message' => trans('frontend/steps.form-errors.imei'),
'data-parsley-lunhvalidator' => '15',
'data-parsley-lunhvalidator-message' => trans('frontend/steps.form-errors.invalid-imei')
])
!!}
</fieldset>
<fieldset>
{!! Form::label('email', trans('frontend/steps.form.email')) !!}
{!! Form::email('email', old('email'), [
'data-parsley-type'=> 'email',
'data-parsley-required' => 'true',
'data-parsley-type-message' => trans('frontend/steps.form-errors.email'),
'data-parsley-required-message' => trans('frontend/steps.form-errors.email')
]) !!}
</fieldset>
@if($case == "INC")
<button class="upper" type="button" onclick="nextStep(this)" data-type="FORM" data-field="transaction"
data-next="eleventh" data-case="{!! $case !!}"
data-value="">{!! trans('frontend/steps.form.continue') !!}</button>
@else
<button class="upper" type="button" onclick="nextStep(this)" data-type="FORM" data-field="transaction"
data-next="fifth" data-case="{!! $case !!}"
data-value="">{!! trans('frontend/steps.form.continue') !!}</button>
@endif
</div>
{!! Form::close() !!}
</div>
Validation doesn't change input data. It just ensures the input matches your defined rules.
Technically there is no need to remove HTML tags. They won't do any harm in the database and can be escaped when outputting with {{ $content }}.
If you don't want to save HTML in your database use strip_tags() on the relevant fields.
But don't rely on it to prevent XSS; escaping output is still necessary.
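The three stages this answer separates (validation, optional strip_tags() on storage, escaping on output), as an added example in plain PHP that is not part of the original thread. passes_description_rule() and escape_for_html() are hypothetical stand-ins for the 'required|min:10|string' rule and for Blade's {{ }} escaping, and the sample inputs are constructed.

```php
<?php
// Added example, not code from the thread. Sample inputs are constructed.

// Hypothetical stand-in for the 'required|min:10|string' rule on "description":
// it inspects the value and returns pass/fail; it never rewrites the value.
function passes_description_rule($value): bool
{
    return is_string($value) && strlen(trim($value)) >= 10;
}

// Hypothetical stand-in for Blade's {{ }} output escaping.
function escape_for_html(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

$samples = [
    '<script>alert(1)</script>',        // value from the question
    '<h1>Hola</h1> it stopped working', // markup mixed with ordinary text
    'The 5" screen is cracked & dim',   // ordinary text with HTML-significant characters
];

foreach ($samples as $input) {
    // 1. Validation accepts all three: each is a string of at least 10 characters.
    $accepted = passes_description_rule($input);

    // 2. strip_tags() is an optional storage policy. It removes tags, but
    //    quotes and ampersands pass through it untouched.
    $stored = strip_tags($input);

    // 3. Escaping at output time is what makes the value safe to print,
    //    both as element text and inside a quoted attribute.
    $asText      = '<p>' . escape_for_html($stored) . '</p>';
    $asAttribute = '<input name="description" value="' . escape_for_html($stored) . '">';

    printf("input     : %s\n", $input);
    printf("accepted  : %s\n", $accepted ? 'yes' : 'no');
    printf("stored    : %s\n", $stored);
    printf("as text   : %s\n", $asText);
    printf("attribute : %s\n\n", $asAttribute);
}
```

Blade's {!! !!} syntax, which the question's template uses for $case, prints values without this escaping, so any value a user can influence should be printed with {{ }} instead.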

Two forms same page - one returns null the other works

When I run $value = $request->session()->all(); Controller one gives the value 'product' as null. The second gives the right product id. They are on the same page. Both are forms within bootstrap modals. Why are they giving different session data? Stumped.
The form is submitted from a product page -> the id I want isn't submitted from the form -> the id is from the product page.
Controller One
{!! Form::open(['action' => 'ControllerOne@store', 'method' => 'POST', 'enctype' => 'multipart/form-data']) !!}
{{Form::label('time', 'Select a Time')}}
{{Form::time('time', '', ['class' => 'form-control', 'placeholder' => 'Time'])}}
{{Form::label('date', 'Select a Date')}}
{{Form::text('date', '', ['class' => 'form-control', 'placeholder' => 'Date'])}}
<div class="modal-footer">
{{Form::submit('Add', ['class'=>'btn btn-primary'])}}
{!! Form::close() !!}
Controller Two
{!! Form::open(['action' => 'ControllerTwo@store', 'method' => 'POST', 'enctype' => 'multipart/form-data']) !!}
{{Form::label('listing', 'Price (NZD)')}}
{{Form::text('price', '', ['class' => 'form-control', 'placeholder' => 'Price'])}}
{{Form::label('listing', 'Name')}}
{{Form::text('name', '', ['class' => 'form-control', 'placeholder' => 'Name'])}}
{{Form::label('listing', 'Phone Number')}}
{{Form::number('phone_number', '', ['class' => 'form-control', 'placeholder' => 'Phone Number'])}}
{{Form::label('listing', 'Comments/Conditions')}}
{{Form::textarea('conditions', '', ['class' => 'form-control', 'placeholder' => 'Comments/Conditions'])}}
{{Form::submit('Submit', ['class'=>'btn btn-success'])}}
{!! Form::close() !!}

Multi option filter from selection in laravel

I have a search form to filter out accounts to show their transactions using relations. I have it working to filter a single account. I need to create the filter for multiple accounts together. Here is my code for filtering a single selection. Since I am new to Laravel, I am getting stuck. Thanks in advance.
public $relations = [];
public function account($account)
{
return $this->where('account_id', $account);
} }
This is my form:-
{!! Form::open(['url' => 'incomes/revenues', 'role' => 'form', 'method' => 'GET']) !!}
<div class="pull-left">
<span class="title-filter hidden-xs">{{ trans('general.search') }}:</span>
<!--{!! Form::text('search', request('search'), ['class' => 'form-control input-filter input-sm', 'placeholder' => trans('general.search_placeholder')]) !!}-->
{!! Form::text('start', request('start'), ['class' => 'form-control input-filter input-sm', 'placeholder' => trans('general.date_placeholder')]) !!}
{!! Form::text('end', request('end'), ['class' => 'form-control input-filter input-sm', 'placeholder' => trans('general.date_placeholder')]) !!}
{!! Form::select('customer', $customers, request('customer'), ['class' => 'form-control input-filter input-sm']) !!}
{!! Form::select('category', $categories, request('category'), ['class' => 'form-control input-filter input-sm']) !!}
{!! Form::select('account', $accounts, request('account'), ['multiple' => 'true','class' => 'form-control input-filter input-sm']) !!}
{!! Form::button('<span class="fa fa-filter"></span> ' . trans('general.filter'), ['type' => 'submit', 'class' => 'btn btn-sm btn-default btn-filter']) !!}
controller
public function index()
{
$revenues = Revenue::with(['account', 'category', 'customer'])->isNotTransfer()->collect(['paid_at'=> 'desc']);
$customers = collect(Customer::enabled()->pluck('name', 'id'))
->prepend(trans('general.all_type', ['type' => trans_choice('general.customers', 2)]), '');
$categories = collect(Category::enabled()->type('income')->pluck('name', 'id'))
->prepend(trans('general.all_type', ['type' => trans_choice('general.categories', 2)]), '');
$accounts = collect(Account::enabled()->pluck('name', 'id'))
->prepend(trans('general.all_type', ['type' => trans_choice('general.accounts', 2)]), '');
$transfer_cat_id = Category::transfer();
return view('incomes.revenues.index', compact('revenues', 'customers', 'categories', 'accounts', 'transfer_cat_id'));
}

how to make a functionality in a layout using laravel 5

Ok, so I have a partial contact form in the layout, and I'm trying to get the inputted data to pass to the full contact view form instead of submitting the request via clicking the submit button. In my partial, it has name, email, and phone inputs. I want the info to populate the appropriate inputs in the full contact form and the rest to be blank, waiting for users to fill them in. Then naturally on submit it sends out. The full contact form is already working; I just need to get this partial on the layout to work. The problem is it's redirecting it to a view that's a GET method. I myself don't like this idea, but it's for my job and this is what they want. I would prefer to not have to make another view. This is what I have so far.
the layout form:
{!! Form::open(array('url' => 'contact_index')) !!}
<div class="form-group">
{!! Form::label('Name:') !!}
{!! Form::text('name', null, ['class' => 'form-control', 'placeholder' => '', 'size' => '25']) !!}
</div>
<div class="form-group">
{!! Form::label('Email:') !!}
{!! Form::email('email', null, ['class' => 'form-control', 'placeholder' => '', 'size' => '25']) !!}
</div>
<div class="form-group">
{!! Form::label('Phone:') !!}
{!! Form::text('phone', null, ['class' => 'form-control', 'placeholder' => '', 'size' => '25']) !!}
</div>
<br/>
<div class="form_group">
{!! Form::submit('Submit', ['class' => 'btn btn-primary form-control']) !!}
</div>
{!! Form::close() !!}
this is the controller it redirects to
public function Index()
{
$email = Input::get('email');
$name = Input::get('name');
$phone = Input::get('phone');
session_start();
$_SESSION['name'] = $name;
$_SESSION['email'] = $email;
$_SESSION['phone'] = $phone;
return View('contact_views.Index',compact('email','name','phone'));
}
This is the view of the full contact:
{!! Form::open(array('url' => 'Contact')) !!}
<div class="form-group">
{!! Form::label('Email:') !!}
{!! Form::email('email', null, ['class' => 'form-control',
'placeholder' => '', value =>'$_SESSION['email']', size' => '25']) !!}
</div>
<div class="form-group">
{!! Form::label('Name:') !!}
{!! Form::text('name', null, ['class' => 'form-control', 'placeholder' => '',
value =>'$_SESSION['name']', 'size' => '25']) !!}
</div>
<div class="form-group">
{!! Form::label('Phone:') !!}
{!! Form::text('phone', null, ['class' => 'form-control', 'placeholder' => '',
value =>'$_SESSION['phone']', 'size' => '25']) !!}
</div>
<div class="form-group">
{!! Form::label('Subject:') !!}
{!! Form::text('subject', null, ['class' => 'form-control', 'placeholder' => '',
value =>'', 'size' => '25']) !!}
</div>
<div class="form-group">
{!! Form::label('Message:') !!}
{!! Form::textarea('message', null, ['class' => 'form-control', 'placeholder' => '',
value =>'', 'size' => '25x12']) !!}
</div>
<br/>
<div class="form_group">
{!! Form::submit('Submit', ['class' => 'btn btn-primary form-control']) !!}
</div>
{!! Form::close() !!}
As of now this is the error I'm getting FatalErrorException in b6da938076cfb151c583150cb7d0dec6 line 51:
syntax error, unexpected 'email' (T_STRING), expecting ']' .
You have an extra single quote on the line next to the "size" variable:
'placeholder' => '', value =>'$_SESSION['email']', size' => '25']) !!}

Laravel 5 Dynamic clause WHERE from Form array

I have this controller with GET vars:
localhost/ordersys/public/admin/orders?provid=220001&price=500
{!! Form::open(array('action' => array('Admin\OrdersController@filter'), 'role'=>'search', 'method' => 'GET')) !!}
{!! Form::text('provid', null, array('class' => 'typeahead form-group form-control', 'placeholder' => 'Search by Provid here...')) !!}
{!! Form::text('price', null, array('class' => 'typeahead form-group form-control', 'placeholder' => 'Price max ...')) !!}
{!! Form::submit('Search', array('class' => 'btn btn-default search-bar-btn')) !!}
{!! Form::close() !!}
$varprovid = Input::get('provid');
$varprice = Input::get('price');
$collection = DB::table('orders')
->where('cod_prov', $varprovid)
->where('price', '<', $varprice)
->paginate(15);
This works, but how can I catch the inputs Input::get('provid'), Input::get('price') from the form and filter the collection using where clauses dynamically? Can I build an array and use a foreach loop? Any ideas, please? Thanks.
