In our previous Laravel blog, we wrote about the various methods to save data to your database. Whether you do this manually or via mass assignment, data should always be validated before being stored. Luckily, Laravel 5 has a build-in validator class to perform this job quick and easy.
Manual validation
Probably the easiest way to validate user input, is to use the Validator facade directly in the controller method that stores the data. Suppose we want to store a new customer and save its name, emailaddress and date of birth. Name and emailaddress are required, but the date of birth is optional. We can use the follow code snippet:
public function store (Request $request->all())
{
$validator = \Validator::make($request->all(), [
'name' => 'required|min:6',
'email' => 'required|email',
'date_of_birth' => 'date'
]);
if ($validator->passes()) {
Customer::create($request->all());
return Redirect::to('customer');
} else {
return Redirect::to('customer/create')->withErrors($validator);
}
}
The array within the Validator object defines the rules for this request, where the array keys correspond to the names of the input fields. E.g. the name of the customer is required and should have at least 6 characters. The date of birth is not required, but if it’s included in the request, it should be of format date (‘yyyy-mm-dd’);
Only if the request obeys these rules, the customer should be saved to the database. Otherwise, return to the previous page, show the form with the user input and show the error messages.
In addition to the validation rules applied in this example, there are much more predefined rules. A full list can be found here. If those validation rules are not sufficient, custom validation rules can be created.
Form request
To keep the controller methods clean, or to apply more extensive validation, a form request can be used as follows: Go to your command line tool and navigate to the root folder of your Laravel project. Write
php artisan make:request CustomerRequest
A file is created in the App/Http/Request folder, with an authorize method and a rules method. Within the rules method, the validation rules can be defined:
public function rules()
{
return [
'name' => 'required|min:6',
'email' => 'required|email',
'date_of_birth' => 'date'
];
}
The store method can now be reduced to:
public function store (Request\CustomerRequest $request->all())
{
Customer::create($request->all());
return Redirect::to('customer');
}
Write your own validation rules
Although Laravel comes with a lot of very useful validation methods out of the box, you sometimes need more. For example, suppose only customers with a gmail address are allowed to register at your website. Of course this is a silly example, but it illustrates the possibilities:
public function rules()
{
\Validator::extend('gmail', function($attribute,$value) {
if (strpos($value,'gmail') === false {
return false;
}
return true;
});
return [
'name' => 'required|min:6',
'email' => 'required|email|gmail',
'date_of_birth' => 'date'
];
}
First, we write an extension for the validator in which you define your custom rules. Next, add the custom rule to the rules array to apply it to the specified form field
Custom error messages
When the validation rules are not obeyed, Laravel automatically generates the text of the error messages. In case the default error messages are not informative enough for the user, they can be easily customized within the CustomerRequest. Create an additional function ‘messages’:
public function messages ()
{
return [
'date_of_birth.date' => 'Your custom message for the invalid date of birth',
'email.gmail' => 'Please supply a gmailaddress'
];
}
Summary
Validation of user input before saving to the database is very important. Laravel provides different methods to perform this validation. The Validator facade is suitable for use in a controller method, but another option is to create a form request that can be easily reused. Many validation rules are already included in Laravel by default. Customization is possible: both custom rules and custom error messages can be applied.
