COMPOSITE PRIMARY KEY

It seems you've hit something that is not currently possible with Laravel, since ->increments()already sets ->primary() , so when you add it yourself you end up with two PRIMARY clauses in the resulting SQL.But you may want to try creating the table with the wrong primary key, dropping it, then recreating it:

Schema::create("kitchen", function($table) { $table->increments('id'); $table->integer('restaurant_id'); $table->string('name');});

Schema::table('kitchen', function($table){ $table->dropPrimary('kitchen_id_primary');});

Schema::table('kitchen', function($table){ $table->primary(array('id', 'restaurant_id'));});

share|improve this answer

Laravel 4: Re-populating Form Fields when Validation FailsON MAY 14 IN LARAVEL TAGGED BY ABAH JOSEPH

Laravel is a web application framework with expressive, elegant syntax. We

believe development should be an enjoyable, creative experience to be truly

fulfilling. Laravel attempts to take the pain out of development by implementing

common tasks used in the majority of web projects, such as authentication,

routing, sessions, and caching. – Laravel

Here i will be explaining how to re-populate your form fields

when validations fails. For the sake of this tutorial i will be using the default route

setup. For detailed explanation of form validation and input handling, please

visit Laravel 4 official documentation.

You can use Input::old(‘field_name’) to access previously submitted data. To re-

populate a field set the default value to Input::old(‘field_name’).

Example: {{ Form::text(‘firstname’, Input::old(‘firstname’) }}.

Below is the route setup and sample code.

?

1

2

3

4

5

6

7

8

9

10

11

12

13

14

// This is our form route (the default route)

 

Route::get('/', function()

{

 

return View::make('form');

 

});

 

// This is the post handler

// our form is processed here

Route::post('/', function(){

 

        // validation rules

    $rules = array(

15

16

17

18

19

20

21

22

23

24

25

26

27

28

            'email' => 'required|min:5|email',

            'firstname' => 'required|alpha|min:5',

        );

 

    $validator = Validator::make(Input::all(), $rules);

 

    if ($validator->fails())

    {

        // if validation fails redirect with error and old input value

        return Redirect::to('/')->withErrors($validator)->withInput();

    }

 

});

Below is our form.blade.php

?

1

2

3

4

5

6

7

8

9

// form.blade.php

 

@if( $errors->count() > 0 )

 <p>The following errors have occurred:</p>

 <ul id="form-errors">

 {{ $errors->first('email', '<li>:message</li>') }}

 {{ $errors->first('firstname', '<li>:message</li>') }}

 </ul>

 @endif

10

11

12

13

14

15

16

17

 

{{ Form::open(array('url' => '/')) }}

 

 <p>{{ Form::text('firstname', Input::old('firstname') }}</p>

 

 <p>{{ Form::text('email', Input::old('email') }}</p>

 

 {{ Form::close() }}

Related Posts:

- See more at: http://abahjoseph.com/laravel-4-re-populating-form-fields-when-validation-fails/#sthash.ykBgDhHq.dpuf

Authentication & Authorisation

Posted March 20, 2013 & filed under Laravel.

Lately I’ve seen many new people come to Laravel (which is great) and

straight away, they’re comparing auth bundles/packages; which one is better

etc. I find this behaviour a little strange.

Of course I believe that you shouldn’t reinvent the wheel, but if you’re a

beginner, then the wheel is square.

Laravel can do a lot for us without using packages. A lot! You can also easily

send password reminders via email with Laravel. I encourage you to explore

the classes within vendor/laravel/framework/src/Illuminate/Auth just to see

for yourself.

Authentication.

Even within the Rails community, there’s a lot to be said for not using

Devise and just rolling-your-own from scratch with has_secure_password.

Laravel can do a lot of what an authentication package would do for us.

In my app, I’m protecting the majority of routes with before & auth filters.

1

2

3

4

5

6

7

8

9

10

11

12

// These routes override the user resource routes

Route::get('register', 'UsersController@create');

Route::post('register', 'UsersController@store');

 

// Run the guest filter before going to these routes.

// If the user is not a guest, they will be redirected accordingly

// Here I'm doing basic session CRUD. You really only need create(), store() and destroy()

Route::group(['before' => 'guest'], function() {

 Route::get('login', 'SessionController@create');

 Route::post('login', 'SessionController@store');

});

Route::get('logout', 'SessionController@destroy');

 

13

14

15

16

17

18

19

20

21

// Before the user tries to access these resources, authenticate them

Route::group(['before' => 'auth', 'https'], function() {

 // user Resource

 Route::resource('users', 'UsersController');

 

// etc.

 

});

Above you will see that I think of everything in terms of resources, and you

should too (where applicable). When a user logs into an application, a session

for that user is created, when they logout of the app, the session is destroyed.

Sounds like a resource to me. Although I don’t have the session defined as

such, it’s using the same methods you’d find in a resource controller,

however, we really only need create(), store() and destroy().

Here’s my auth filters.

1

2

3

4

5

6

Route::filter('auth', function()

{

 if (Auth::guest()) return Redirect::action('SessionController@create');

});

Route::filter('guest', function()

{

 if (Auth::check()) return Redirect::to('/');

7

8});

So that’s my simple authentication. I don’t have roles (yet) and will worry

about them when I need to. But there’s one thing we’re forgetting. Once a

user is logged in, what’s to stop them from editing the URL and changing the

ID of their group to one that doesn’t belong to them? Now we need to

implement authorisation, as in what is the user permitted to do within your

app?

Authorisation.

I’ve kept this very simple so far, but then again, it depends on your

application. A user will have many groups, each group will have many

discussions etc. So I needed to make sure that they couldn’t access groups

and discussions that they don’t belong to. I was also paranoid about users

editing a form (via Firebug or Webkit’s dev tools) to manipulate a resource

that they’ve no permission to. So basically, I’m checking these things for all

resources. I do a very simple check within the User model.

“Does this user have access to this group?”

1

2

3

/**

 * Does the user have access to this group?

 *

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

 * @param integer $id

 * @return boolean

 */

public function hasAccessToGroup($id)

{

 $user = Auth::user();

 $groups = $user->groups()->get();

 foreach ($groups as $group) {

     if ($group->id == $id) {

         return true;

     }

 }

 // User is not permitted to access this group.

 return false;

}

Simple check that returns true or false. In my controller I do a simple check

and if it returns true (they do have access), we can continue. It’s crude, sure,

but it works. I’d love to hear alternatives.

1

2

3

4

// GroupsController.php

if (Auth::user()->hasAccessToGroup($id)) {

 // etc.

}

How are you handling authentication & authorisation?