Rooly2021-03-23 11:40:40
Rooly, 2021-03-23 11:40:40

How to properly organize apiResource Laravel?

Colleagues, could you share some advice.

I once wrote for one REST API project (get, post, put, delete methods) and did getting data from the model using the protected $hidden and protected $ appends properties, but I did the getting using the getAttrNameAttribute ($ value) functions.

Recently, I learned about such Laravel functionality as apiResource and I can’t accept it in any way, or I’m used to what I found, now I need to make a REST API for one project and again I want to apply the initial workpiece (maybe just because I'm used to it)

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Nick Sdk, 2018-03-05

Added one more condition to make it more "correct"

$sql_type_array = [];
for ($i=1; $i<=11; $i++) {
  $tag_name = 'tag' . $i;
  if (isset($_POST[$tag_name]) && (int)$_POST[$tag_name] === 1) {
    $sql_type_array[] = 'type' . $i . ' != NULL';
$query3 = mysqli_query($lnk, "SELECT * FROM applications WHERE name='".$_POST['name']."' AND status='".$_POST['status']."' " . implode(' AND ', sql_type_array);

In general, it is better to never make such requests at all when your data from POST or GET goes directly to the SQL query.
In a case like yours, you can easily perform SQL injection
Read about SQL injection
about prepared SQL

jazzus, 2021-03-23

Api resources do not cancel the methods of working with the model. Using Laravel and using some of your semi-bicycles instead of laravel tools (for example, response json with models) is not prohibited, but it is unprofessional, illogical (why do you need a framework then), ugly and makes the quality of the code worse (readability, support, etc.). Therefore, only - yes, use, no options) In resources, you can use getters or not use getters, but form parameters directly in the resource, links to other resources, etc. Including collections. There are no difficulties there. You list the required parameters in the resource and call them in the controller with one line of code. Usually 2 minutes for the whole process.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question