when need create sort of form in laravel use single route both form displaying , saving. reason need use route::any('login', 'logincontroller@login') doesn't feel right.
for example typical login form controller method:
public function login() { // handle submit if(\input::ismethod('post')) { if(\auth::attempt(array('username' => \input::get('username'), 'password' => \input::get('password')))) { return \redirect::intended('profile'); } else { return \redirect::back()->withinput() ->witherrors(['auth-validation' => 'invalid username or password']); } } // show form $this->layout->content = \view::make('frontend/login'); } the question is: there security risks of route::any or other cannot think of in long run?
any security risks depends on doing request , conditionals and/or checks using respond different verbs.
but, can limit verbs match() method instead of any():
route::match(['get', 'post'], '/uri', 'controller@method'); 
Comments
Post a Comment