The following tutorial column of Laravel will introduce Laravel to ignore whitelists and blacklists. I hope it will be helpful to friends in need!
$fillable Whitelist: Allow insertion Field Default is: []$guarded Blacklist: Not allowed to insert fields Default is: ['*'] //Set all fields to the blacklist culprit
$request->query->set('user_id', Auth::id());Comment::create( $request->all());This is my favorite way of writing, if you can write one less Don't write two codes.
Of course the insertion will fail.
Manually add all field settings to protected $fillable = ['user_id','nickname',....];
It would be too troublesome not to consider this way of writing.
protectd $guarded = [];
This way of writing is better, because by default all fields are It's a blacklist, just reset it.
static $unguarded = true;
ignoreblack white Verification of list.
is as comfortable as solve2.
To understand why whitelist and blacklist are needed, do Steps 2,3.
And it can ensure that users cannot send data that damages the system.
(For example, my user_id, it is useless if the user sends user_id)
The above is the detailed content of About Laravel ignoring whitelist and blacklist. For more information, please follow other related articles on the PHP Chinese website!
Introduction to laravel components
Introduction to laravel middleware
What are the design patterns used by laravel?
Which one is easier, thinkphp or laravel?
How to remove people from the blacklist on WeChat
Laravel Tutorial
How to take screenshots on Huawei mate60pro
What system is Honor?
The difference between threads and processes
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
