grahamcampbell / laravel-binput Goto Github PK
View Code? Open in Web Editor NEWAn input protector for Laravel
Home Page: https://gjcampbell.co.uk
License: MIT License
An input protector for Laravel
Home Page: https://gjcampbell.co.uk
License: MIT License
use Illuminate\Illuminate\Http\Request;
by
use Illuminate\Http\Request;
I was wondering what the benefits are, if any, of using the CodeIgniter Security class instead of the single-purpose HTML Purifier library. I don't actually have any preference for one or the other, just curious about your reasoning.
I really like Binput's approach of wrapping Illuminate\Http\Request for transparent input sanitization. It seems like this could even be used with FormRequest as well (clean before validation), no?
It looks like an HTML Purifier-based library like etcinit/purifier could function as a drop-in replacement for Laravel-Security, since they both implement a simple clean() method.
Please make i compatible laravel 4.2.* i can not update 4.1 to 4.2 just because of this package
Why do you require PHP 5.4, but still support Laravel 4.1, which requres PHP 5.3.7?
UPD:
I have PHP 5.3 on my hosting, and thats why I use Laravel 4.1 - so here is the connection ... But I can't use your package because it requires PHP 5.4.
https://i.imgur.com/kqMWdSg.png
โฎ should output as ‮
‮ should output as ‮
N.B after posting, it appears even GitHub hasn't yet fixed that either, however they have in code blocks as seen above (in editor perspective: http://i.imgur.com/n2xdgJp.png)
That would be an RTL (Right-to-Left) unicode character, there are a few others which alter the layout of text which should also be addressed
Hi,
I've tried to extend the Binput directly to my request, but it ignore all the validation rules.
//Request.php
use GrahamCampbell\Binput\Binput;
abstract class Request extends Binput
{
}
//UserRequest
public function rules()
{
return [
'email' => 'required|email|unique:users,email',
'password' => 'required|numeric|digits:6',
];
}
It works perfectly. Everything is clean and trim. But if I try to not fill the email field. But it pass the validation request.
Am I doing mistake or is this how binput works?
Thanks
Hey @GrahamCampbell I actually am not 100% sure what this does, and how it does what it does. ๐ Could you maybe add a section to explain what it does and also another one with actual usage examples?
From the tests I gathered that it is input sanitisation, but to what extend, and what is actually possible with it? Some more real code examples would be great, thanks.
We need some unit tests...
Error:
FatalErrorException in Facade.php line 210: Call to undefined method GrahamCampbell\Binput\Facades\Binput::get()
CODE:
Route::get('test', function(){
$test = BInput::get('test');
return $test;
});
test:
http://localhost/test?test=hello
[REDACTED]
Hi,
When I'm using this package and trying to pass input which contain file (I've tried image),
It filter the image and converted the object to string, which cause it to fail in the laravel image validation.
Mor.
To maintain 'identical api' with the laravel request class the package should support calling input()
with no parameters. Currently it errors out due to lack of a parameter.
Only utf8 is currently supported.
The proposed API examples for 3 functions:
// second (optional) parameter default to null where encoding will be autodetected
Binput::all($trim = true, $clean = true, $encoding = null);
Binput::only($keys = array('key'), $trim = true, $clean = true, $encoding = null);
Binput::get($key = null, $default = null, $trim = true, $clean = true, $encoding = null);
// here we are forcing the encoding to utf8
Binput::all($trim = true, $clean = true, $encoding = 'utf8');
Binput::only($keys = array('key'), $trim = true, $clean = true, $encoding = null);
Binput::get($key = null, $default = null, $trim = true, $clean = true, $encoding = null);
Related GrahamCampbell/Laravel-Security#15.
Laravel's Request class allowes the $key
parameter to be null
for the methods old
and input
, which is not the case in your Binput class. E.g. Input::old()
returns an array with all input parameters.
Please adapt this behaviour or at least mention this difference in the documentation. Currently the doc says "The [...] methods have an identical api to the methods found on the laravel request class ...", which is not exactly true.
Hello,
When upgrading a Laravel application to v10.x of the Laravel framework, I get the following error message from Composer:
composer.json requires graham-campbell/binput ^11.0, found graham-campbell/binput[11.0.x-dev] but it does not match your minimum-stability.
Browsing https://packagist.org/packages/graham-campbell/binput, it looks like v11.0
is not available there (only 11.0.x-dev
). I'd prefer not to drop my minimum-stability
(to install 11.0.x-dev
), is a v11.0
published release in the works? ๐
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.