mardi 29 décembre 2015

Route protection - Laravel

So I have a route with 3 parameters like so

Route::get('search-restaurant/{location}/{day}/{time}', 'WebController@search_restaurant');

For every request to this route, I want to verify these parameters in some way or another.

For the time parameter I've seen documentation of how to attach a regex to it but no documentation in 5.2 but even if I found the docs I need to verify others as well

So basically I have tried two different ways to check and verify the parameters but none are working.

Method 1 - Conroller

public function search_restaurant ($location, $day, $time) {

    if($day != 'today' || $day != 'tomorrow') {
        abort(500);
    } elseif (!in_array($location, $locations)) {
        abort(500);
    } elseif (!preg_match("/(2[0-3]|[01][0-9])([0-5][0-9])/", $time) && $time != "asap") {
        abort(500);
    } elseif ($day == "tomorrow" && $time == "asap") {
        abort(500);
    } else {
    .....//rest of code - send to view
    }
}

Method 2 - Middleware

public function handle($request, Closure $next)
{

    $location = $request->route('location');
    $day = $request->route('day');
    $time = $request->route('time');

    $locations = Array('central','garki-1','garki-2','wuse-2','wuse-1','gwarimpa','maitama','asokoro');

    if($day != 'today' || $day != 'tomorrow') { // check string
        abort(500);
    } elseif (!in_array($location, $locations)) { // check against array
        abort(500);
    } elseif (!preg_match("/(2[0-3]|[01][0-9])([0-5][0-9])/", $time) && $time != "asap") { // check agains regex
        abort(500);
    } elseif ($day == "tomorrow" && $time == "asap") { // check against string
        abort(500);
    }

    return $next($request);
}

As you can see I'm simple doing simple if..else statements on the variables but the conditions seem to always be true. I have tried these rules one by one also but every time they fail and I get sent to 500 page.

Any guidance appreciated



via Chebli Mohamed

Aucun commentaire:

Enregistrer un commentaire