How can I sanitize laravel Request inputs?

php laravel forms request sanitization
Tarek Adam picture Tarek Adam · Jan 15, 2016 · Viewed 10.2k times · Source

I have MyRequest.php class extending App\Http\Requests\Request. I want to trim() every input before validation because an e-mail with a space after it does not pass validation.

However sanitize() was removed from src/Illuminate/Foundation/Http/FormRequest.php

Answer

Tarek Adam picture Tarek Adam · Jan 15, 2016

  1. Create an abstract SanitizedRequest class that extends the usual Request class.

  2. YourRequest class should extend your SanitizedRequest abstract class.

  3. Your SanitizedRequest class overrides Request::all() as like so...

    namespace App\Http\Requests\Forms;
use App\Http\Requests\Request;

abstract class SanitizedRequest extends Request{

    private $clean = false;

    public function all(){
        return $this->sanitize(parent::all());
    }


    protected function sanitize(Array $inputs){
        if($this->clean){ return $inputs; }

        foreach($inputs as $i => $item){
            $inputs[$i] = trim($item);
        }

        $this->replace($inputs);
        $this->clean = true;
        return $inputs;
    }
}

Then a normal CustomRequest, but extend SanitizedRequest instead of laravel's Request class

    class ContactRequest extends SanitizedRequest{
        public function authorize(){ return true; }
        public function rules(){ return []; }
    }

Related questions

Laravel - Form Input - Multiple select for a one to many relationship

One of the requirements in an application that I am building is for a form input which takes in a varying number of items for a single field. For instance, sports that I play are ('Soccer','Tennis','Croquet'). There are …

Read More
How to redirect back to form with input - Laravel 5

How do I redirect back to my form page, with the given POST params, if my form action throws an exception?

Read More
Laravel form html with PUT method for PUT routes

I Have this in my routes : +--------+---------------------------+--------------+--------------------------- ---------+----------------+---------------+ | Domain | URI | Name | Action | Before Filters | After Filters | +--------+---------------------------+--------------+--------------------------- ---------+----------------+---------------+ | | GET|HEAD / | | postcontroller | auth | | | | GET|HEAD login | | homecontroller@dologin | | | | | POST login | | homecontroller@…

Read More