I am pretty new in PHP and moreover in Laravel. I came from Java and I am a Spring MVC developer. Now I am using Laravel 5.4 for a project.
I have the following doubt related to the possibility to create Laravel controller method that handle HTTP Request having a spefic list of parameters (as the controller method input parametes).
In Spring MVC I can declare controller method that accept only request having a specific list (and type, but in PHP we have not type) of parameter instead the simple Request $request object from which extract the parameters.
I think being able to declare the pameters list (insted the Request object and then extract from it) is much better because the code is more readable (you read the method signature and you know what it use) and also the application can not enter in a controller method if the user have not specified all the neede parmeters !!!
For example I have a request like this (representing the link to activate an account on my Laravel website sended on the e-mail after the user registration):
http://laravel.dev/activate?email=my-email@gmail.com&token=cce0452d95c358b5b3b97fec5662e12e
I don't wan't a controller method like this:
public function activate(Request $request) {
if ( $request->has('email') && $request->has('token')) {
$email = $request->email;
$token = $request->token;
}
}
because:
-
Looking at the input parameter I only have the Request $request object that says me nothing about what this method will use.
-
Most important I have to manually handle the extraction of the email and of the token request parameters and check if these parameters exist in the request.
What I desire is that if the HTTP Request doesn't contains the expected parameters list the method will not handle this request.
I founded this solution:
Into my web.php file I put this route:
Route::get('/activate', [ 'as' => 'activate', function() {
return app()->make(App\Http\Controllers\RegistrationController::class)->callAction('activate', $parameters = [ 'email' => request()->email, 'token' => request()->token ]);
}]);
Then this is my controller method into my RegistrationController class:
public function activate($email, $token) {
echo "Email: $email"; // myemail@gmail.com
echo "Token: $token"; // eb0d89ba7a277621d7f1adf4c7803ebc
// do stuff
}
The problem is that doing in this way I can specify the request parameters as input parameters of my controller method (making it more readable) but the main problem remain, infact I can perform an HTTP Request like this:
http://laravel.dev/activate?email=nobili.andrea@gmail.com&XDEBUG_SESSION_START=14267
that is handled by the activate() controller method.
I really want prevent that this method handle request that doesn't have the expected request parameters.
Can I do it in Laravel in some way? Maybe can I modify this solution to obtain this behavior?
via Andrea Nobili
