15 php validation laravel laravel-4 laravel-5
我正在尝试使用Laravel 5.1的表单请求验证,以授权请求是否来自所有者.当用户试图更新表的一部分的验证用于clinics通过show.blade.php.
我到目前为止的设置:
routes.php文件:
Route::post('clinic/{id}',
array('as' => 'postUpdateAddress', 'uses' => 'ClinicController@postUpdateAddress'));
ClinicController.php:
public function postUpdateAddress($id,
\App\Http\Requests\UpdateClinicAddressFormRequest $request)
{
$clinic = Clinic::find($id);
$clinic->save();
return Redirect::route('clinic.index');
}
UpdateClinicAddressFormRequest.php:
public function authorize()
{
$clinicId = $this->route('postUpdateAddress');
return Clinic::where('id', $clinicId)
->where('user_id', Auth::id())
->exists();
}
Show.blade.php
{!! Form::open(array('route' => array('postUpdateAddress', $clinic->id), 'role'=>'form')) !!}
{!! Form::close() !!}
如果我
dd($clinicId)在授权函数中,它返回null,所以我认为这就是问题所在!
任何帮助,为什么提交它说'禁止'将非常感激.
Eme*_*bah 34
您收到Forbidden Error因为authorize()表单请求的方法返回false:
问题是: $clinicId = $this->route('postUpdateAddress');
要在表单请求中访问路由参数值,您可以执行以下操作:
$clinicId = \Route::input('id'); //to get the value of {id}
所以authorize()应该是这样的:
public function authorize()
{
$clinicId = \Route::input('id'); //or $this->route('id');
return Clinic::where('id', $clinicId)
->where('user_id', Auth::id())
->exists();
}