Laravel Blade Request method - php

Recently I started learning Laravel by following the Laravel From Scratch cast(https://laracasts.com/series/laravel-5-from-scratch).
Right now I'm trying to add additional functionality to the registration form(starting with error feedback) and I already ran into a problem.
Is there a (native) way to check wether the form has been submitted or not?
I tried to use:
{{ Request::method() }}
But even after pressing Register on the default scaffold generated by running the command php artisan make:auth it returns GET while the action of the form is POST and it triggers a route with a POST Request type.
The reason for all of this is that I want to add a CSS class to a element based on the following requirements.
if form is submitted
if $errors->has('name') //is there an error for name(example)
add 'has-error' class
else
add 'has-success' class
endif
endif
Does anybody know a solution for it?


I think you want to achieve this:
if( old('name') ){ // name has been submitted
if( $errors->first('name') ){ // there is at least an error on it
// add error class
}else{ // has been submitted without errors
// add valid class
}
}
That in a input field is something like this:
<input name="name" class="validate{{ old('name') ? ( $errors->first('name') ? ' invalid' : ' valid') : '' }}" type="text" value="{{ old('name') }}">


Rick,
You can validate you should have a look at the validate function in Laravel. You can validate the input you sent in and when there are errors send them back into your view.
For examples look at the url: https://laravel.com/docs/5.1/validation
Hope this helps.

Related

Laravel 5.4: TokenMismatchException [duplicate]

I know that this is a known error with things like forms in Laravel. But I am facing an issue with basic authentication in Laravel 5.2.
I created the auth using Laravel;
php artisan make:auth
Now I have the same copy of code on my server and my local. On my local I am getting no issue whatsoever. However on my server, when I try to register a user I get the error saying TokenMismatchException in VerifyCsrfToken.php Line 67
Both my local and server environments are in sync, yet I keep getting the error on registration. Any help on how I can fix this?

I'm assuming you added $this->middleware('auth'); inside the constructor of your controller to get the authentication working. In your login/register forms, if you are using {!! Form::someElement !!}, add the following line at the top as well:
{!! csrf_field() !!}
Or if you are using input tags inside your forms, just add the following line after <form> tag:
<input type="hidden" name="_token" value="{{ csrf_token() }}">
Hope this helps.

I had a similar issue and it was an easy fix.
Add this in your HTML meta tag area :
<meta name="csrf-token" content="{{ csrf_token() }}">
Then under your JQuery reference, add this code :
<script type="text/javascript">
$.ajaxSetup({
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
</script>
If you are using the HTML form submit (not AJAX) then you need to put :
{{ csrf_field() }}
inside your form tags.

I was about to start pulling out my hair!
Please check your session cookie domain in session.php config. There is a domain option that has to match your environment and it's good practice to have this configurable with you .env file for development.
'domain' => env('COOKIE_DOMAIN', 'some-sensible-default.com'),

If nothing is working you can remove the CSRF security check by going to App/Http/Middleware/VerifyCsrfToken.php file and adding your routes to protected $excpt.
e.g. if i want to remove CSRF protection from all routes.
protected $except = [
'/*'
];
P.S although its a good practice to include CSRF protection.

You need to have this line of code in the section of your HTML document, you could do that by default , it won't do any harm:
<meta name="csrf-token" content="{{ csrf_token() }}" />
And in your form you need to add this hidden input field:
<input type="hidden" name="_token" value="{{ csrf_token() }}">
Thats it, worked for me.

I was facing the same issue with my application running on laravel 5.4
php artisan session:table
php artisan make:auth
php artisan migrate
.. and then following command works for me :)
chmod 777 storage/framework/sessions/
One more possibility of this issue, if you have set SESSION_DOMAIN (in .env) different than HOST_NAME
Happy coding

I have also faced the same issue and solved it later.
first of all execute the artisan command:
php artisan cache:clear
And after that restart the project.
Hope it will help.

Your form method is post. So open the Middleware/VerifyCsrfToken .php file , find the isReading() method and add 'POST' method in array.

There are lot of possibilities that can cause this problem.
let me mention one.
Have you by any chance altered your session.php config file?
May be you have changed the value of domain from null to you site name or anything else in session.php
'domain' => null,
Wrong configuration in this file can cause this problem.

By default session cookies will only be sent back to the server if the browser has a HTTPS connection. You can turn it off in your .env file (discouraged for production)
SESSION_SECURE_COOKIE=false
Or you can turn it off in config/session.php
'secure' => false,

I also get this error, but I was solved the problem. If you using php artisan serve add this code {{ csrf_field() }} under {!! Form::open() !!}
php artisan cache:clear
Clear cache & cookies browser
Using Private Browser (Mozilla) / Incognito Window (Chrome)
Open your form/page and then submit again guys
I hope this is solve your problem.

Make sure
{!! csrf_field() !!}
is added within your form in blade syntax.
or in simple form syntax
<input type="hidden" name="_token" value="{{ csrf_token() }}">
along with this,
make sure, in session.php (in config folder), following is set correctly.
'domain' => env('SESSION_DOMAIN', 'sample-project.com'),
or update the same in .env file like,
SESSION_DOMAIN=sample-project.com
In my case {!! csrf_field() !!} was added correctly but SESSION_DOMAIN was not configured correctly. After I changed it with correct value in my .env file, it worked.

change the session driver in session.php to file mine was set to array.

Can also occur if 'www-data' user has no access/write permissions
on the folder:
'laravel-project-folder'/storage/framework/sessions/

Below worked for me.
<input type = "hidden" name = "_token" value = "<?php echo csrf_token(); ?>">

Have you checked your hidden input field where the token is generated?
If it is null then your token is not returned by csrf_token function.You have to write your route that renders the form inside the middleware group provide by laravel as follows:
Route::group(['middleware' => 'web'], function () {
Route::get('/', function () {
return view('welcome');
});
Here root route contains my sign up page which requires csrf token. This token is managed by laravel 5.2.7 inside 'web' middleware in kernel.php.
Do not forget to insert {!! csrf_field() !!} inside the form..

Go to app/provides.
Then, in file RouteServiceProvider.php, you'll have to delete 'middleware' => 'web' in protected function mapWebRoutes(Router $router)

The problem by me was to small post_max_size value in php.ini.

Put this code in between <form> and </form> tag:
<input type="hidden" name="_token" value="{{ csrf_token() }}">

I had the same issue but I solved it by correcting my form open as shown below :
{!!Form::open(['url'=>route('auth.login-post'),'class'=>'form-horizontal'])!!}
If this doesn't solve your problem, can you please show how you opened the form ?

You should try this.
Add {{ csrf_field() }} just after your form opening tag like so.
<form method="POST" action="/your/{{ $action_id }}">
{{ csrf_field() }}

Are you redirecting it back after the post ? I had this issue and I was able to solve it by returning the same view instead of using the Redirect::back().
Use this return view()->with(), instead of Redirect::back().

For me, I had to use secure https rather than http.

try changing the session lifetime on config/session.php like this :
'lifetime' => 120, to 'lifetime' => 360,
Here I set lifetime to 360, hope this help.

I got this error when uploading large files (videos). Form worked fine, no mismatch error, but as soon as someone attached a large video file it would throw this token error. Adjusting the maximum allowable file size and increasing the processing time solved this problem for me. Not sure why Laravel throws this error in this case, but here's one more potential solution for you.
Here's a StackOverflow answer that goes into more detail about how to go about solving the large file upload issue.
PHP change the maximum upload file size

In my case, I had a problem when trying to login after restarting server, but I had csrf field in the form and I didn't refresh the page, or it kept something wrong in the cache.
This was my solution. I put this piece of code in \App\Http\Middleware\VerifyCsrfToken.php
public function handle($request, Closure $next)
{
try {
return parent::handle($request, $next); // TODO: Change the autogenerated stub
} catch(TokenMismatchException $e) {
return redirect()->back();
}
}
What it does is catching the TokenMismatchException and then redirecting the user back to the page (to reload csrf token in header and in the field).
It might not work always, but it worked for my problem.

Try php artisan cache:clear or manually delete storage cache from server.

If you check some of the default forms from Laravel 5.4 you fill find how this is done:
<form class="form-horizontal" role="form" method="POST" action="{{ route('password.email') }}">
{{ csrf_field() }}
<div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
<label for="email" class="col-md-4 control-label">E-Mail Address</label>
<div class="col-md-6">
<input id="email" type="email" class="form-control" name="email" value="{{ old('email') }}" required> #if ($errors->has('email'))
<span class="help-block">
<strong>{{ $errors->first('email') }}</strong>
</span> #endif
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
<button type="submit" class="btn btn-primary">
Send Password Reset Link
</button>
</div>
</div>
</form>
{{ csrf_field() }}
is the most appropriate way to add a custom hidden field that Laravel will understand.
csrf_filed() uses csrf_token() inside as you can see:
if (! function_exists('csrf_field')) {
/**
* Generate a CSRF token form field.
*
* #return \Illuminate\Support\HtmlString
*/
function csrf_field()
{
return new HtmlString('<input type="hidden" name="_token" value="'.csrf_token().'">');
}
}
And csrf_field() method uses session for the job.
function csrf_token()
{
$session = app('session');
if (isset($session)) {
return $session->token();
}
throw new RuntimeException('Application session store not set.');
}

I have same issue when I was trying out Laravel 5.2 at first, then I learnt about {{!! csrf_field() !!}} to be added in the form and that solved it. But later I learnt about Form Helpers, this takes care of CSRF protection and does not give any errors. Though Form Helpers are not legitimately available after Laravel 5.2, you can still use them from LaravelCollective.

Got to your laravel folder :: App/http/Middleware/VerifyCsrfToken.php
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier;
class VerifyCsrfToken extends BaseVerifier
{
/**
* The URIs that should be excluded from CSRF verification.
*
* #var array
*/
protected $except = [
// Pass your URI here. example ::
'/employer/registration'
];
}
And it will exclude this url from the Csrf validation. Works for me.

Assist with using native html form in laravel

Hello: I have done tons of html forms in wordpress and am now trying to do the same in laravel. The problem is with submitting the form; it is not going to my destination or passing the post variables as I would expect. (i am getting errors on the loading of the page).
I know it has something to do with the "routes" and possibly also CSRF? (been reading a lot on this and seeing all kinds of info
I have seen things about using Laravel to build a form "open form/close form" but I am trying to find a way to just use an html form
I have the default laravel installed with nothing extra...
I tried adding a "post" route but that did not help...
here is what i have now:
this is from my routes.php file:
Route::post('gz_form', ['as' => 'gz_form', 'uses' => 'cont15_gzap#gzap_cont_function']);
here is the top of my form:
<form method="post" autocomplete="off" action="{{ route('gz_form') }}" >
<input name="_token" type="hidden" value="{{ csrf_token() }}"/>
<input type="hidden" name="gc_post" value=2 />
(I threw on that token input as some people suggested that...)
Anyway - I am hoping someone can help me with this...

you have to check your route method .. is it post or get .. and check if your route named already or not ..
Route::post('/gz_form', 'YourController#handler')->name('gz_form');
while you using {{ route('gz_form') }} you need to name it

I was able to get this to work using both of your inputs - but once i had it down to the token mismatch - i finally got it to work by changing the input on my form to:
<input type="hidden" name="_token" value="<?php echo csrf_token(); ?>">
i found that somewhere and by doing that the token mismatch went away...
But thanks for your help guys - getting this to work took more than one step and so your help was needed and helpful...

Laravel 5.4 "MethodNotAllowedHttpException" (Basic Task List)

i was trying to follow this tutorial on Laravel, even though most of the code & directories there were outdated, i managed to make the "Add Task" and also The Form to show up after a few errors.
now the problem, the delete button.
when i click on it, it shows a "MethodNotAllowedHttpException".
i changed the source code to match the newest version of Laravel.
my form (current version) :
<form action="{{ url('/task/'.$task->id) }}" method="POST">
{{ method_field('DELETE') }}
{{ csrf_field() }}
<button type="submit" class="btn btn-danger">
<i class="fa fa-btn fa-trash"></i>Delete
</button>
</form>
my route :
Route::delete('/task/{id}', function ($id) {
Task::findOrFail($id)->delete();
return redirect('/');
});
i've been trying to fix this for 4 hours now, changing the methods of my route and form; but to no avail.
this is my first question on this site, sorry if there's something wrong in this question.
thanks~
edit:
to further help the effort, here's the complete error log
Error log, in Google Chrome

Change
<form action="{{ url('task/'.$task->id) }}" method="DELETE">
to
<form action="{{ url('task/'.$task->id) }}" method="POST">
Because form method DELETE does not exist, Laravel just "overwrites" this method with the hidden input "method" (you can place this input using "{{ method_field('DELETE') }}").

Form dosent support method Delete or Put ... It support only get and post methods, if You want implement delete in laravel this article will help you
link

Answer :
Turns out the problem lies in the Database-table itself, let me explain :
i was referring to a 'tasks' table that is referred as 'task' in code (no problem)
BUT, i was referring to a column called "ID" in my table as "id" in my code, creating the error (a rookie mistake).
thanks to #Autista_z for the pointer, and everyone else below for the guidance!

form update with file upload laravel

I'm having a bit of an issue when it comes to updating a form and and having an file input. Here is what I am working with.
I have a form in laravel 5.1 which has a post method and a hidden 'Patch' method. This works as is should updating the fields that are in the form. However, when it introduce:
<input type="file" id="profile_picture" name="image_url" />
into the form, i get a:
MethodNotAllowedHttpException in RouteCollection.php line 218:
laravel error. I have tried changing the
<input type='hidden' name='_method' value='PATCH'>
to PUT and it still doesnt like it.
My form looks like this:
<form action='{{url("profiles/$user->id")}}' method="post" class="form-horizontal" enctype="multipart/form-data">
route resource looks like this:
Route::resource('profiles', 'ProfilesController');
I can't figure out what I am missing here...Any help is much appreciated.

I believe it has to do with the exact route you are typing out in the "action" parameter matching up with the profile controller's update method.
Try changing
action'{{url("profiles/$user->id")}}'
to
action='{{ route("profiles.update", $user->id) }}'
Additionally, you could use the Laravel Collective HTML package to simply opening and closing of forms.

Also for POST Request types, you need to send the CSRF token along with your form data. If you are using laravel blade template in your view, you may use
{{ csrf_field() }}
which translates to
<input type="hidden" name="_token" value={{ csrf_token() }}
Please refer the documentation for this.

Populating checkboxes in laravel blade

I'm trying to make a form partial that can be reused for both INSERT and UPDATE. I'm stuck on populating checkboxes. Here what I have:
<input type="checkbox" id="Paid" value="1" name="Paid"
{{ (old('Paid') ?? $invoice->Paid ?? false) ? 'checked' : '' }} />
It works for when loading the form the first time on both new records and updating. The problem is when a user unchecks the box when editing a record but something else on the form fails validation. When the form loads after failed validation the box that was unchecked is checked again. The database value from $invoice->Paid is loaded because the old() returns false.

You should be able to do this like so:
{{ old('Paid', $invoice->Paid) ? 'checked="checked"' : '' }}
As long as the old value was true, or the Paid property of the $invoice model is not null/false, then it will apply the checked value, else it will not.

I tried for hours to get this working. In the end I gave up and installed LaravelCollective HTML package:
https://laravelcollective.com/docs/5.3/html
Form model binding in this package works for populating checkboxes in the above scenario.

One approach is to test the value of old('_token'):
#if (!(old('_token') && $invoice->Paid) || (old('Paid')))
checked
#endif

Categories