I have a simple form that sends a value to controller:
JavaScript
x
<form action="{{route('mollie.payment')}}" method="post" >@csrf{{-- <input name="text" type="text">--}}<button type="submit" name="test" value="23.00">Send</button></form>This value will be static and this value cannot be modified. But of course it can be easily changed in Chrome dev tools.
How can I better implement this?
I though of doing validation like this:
JavaScript
public function preparePayment(Request $request) { $this->validate($request,[ 'test' => '230.00' ]);But it doesn’t work:
JavaScript
BadMethodCallExceptionMethod IlluminateValidationValidator::validate230.00 does not exist.What is good way of securing this value?
Advertisement
Answer
Make use of laravel form request to validate request payload.
You can create new form request via command
JavaScript
php artisan make:request StorePaymentRequestThen goto newly created file in appHttpRequests folder and write all the rules in here.
JavaScript
<?phpnamespace AppHttpRequestsStorePaymentRequest;use IlluminateFoundationHttpFormRequest;=class GetPayoutRequest extends FormRequest{ public function rules() { return [ 'status' => 'numeric|between:23.00,23.00' }}Use this StorePaymentRequest in preparePayment controller method.
JavaScript
public function preparePayment(StorePaymentRequest $request){ $requestPayload = $request->validated(); dd($requestPayload);}Now, request will be able to come up here if it successfully passed the validation otherwise ValidationException will be thrown automatically.