Reputation: 976
Secure and clean code in laravel 5.1
In fact i have a question about the clean of code
i try to get some value in blade file , I Am confused between two approaches
i think both are right but i need to know who's clean and secure more with the reason
First approach in my blade directly using Eloquent
@foreach
(Auth::user()->company->country->cities as $city) {{$city->name}}
@endforeach
Second approach using Injecting Services by create this method in my model and use it in my blade using laravel 5.1 Injecting Services
public function getCity()
{
foreach(Auth::user()->company->country->cities as $city) {
return $city->name ;
// OR
return $city ;
// i think this is one of benefits to use this approach
// because in my view i can use getCity()->id or getCity()->name
}
}
Thanks For Your Time .
Upvotes: 4
Views: 512
Answers (4)
Reputation:
I think The best way that achieves MVC Design pattern whatever your code
public function getCities()
{
//in your model model
return $cities = Auth::user()->company->country->cities;
}
public function index()
{
//call return getCities();
}
//finally in your view loop over $cities
@foreach ($cities as $city)
{{$city->name}}
@endforeach
Upvotes: 2
Reputation: 91
Your second approach wouldn't work, because the function will finish while returning the name of the first city (or the first city itself). To make it work you could rewrite it, so that it returns all cities and loop through them in blade.
So if you use that function your code might look like:
@foreach($serviceName->getCities() as $city)
{{ $city->name }}
@endforeach
which is a nice thing, because the view doesn't have to care about where the cities will come from. If you use such a service on different views, it will be much easier to update.
Regarding security: There is no difference between those two approaches. As long as you print your output using the '{{ }}' operator. It'll prevent possible XSS attacks.
Upvotes: 4
Reputation: 4292
If you have setup eloquent relationship correctly then you should get the cities by using the following code
foreach(Auth::user()->cities as $city)
{
{!! $city->whatever !!}
}
Upvotes: 0
Reputation: 19285
The best place to get your data from the model is in the controller, and then pass the data to the view:
This is a key-point of any MVC architecture that brings separation of concerns: your controller's purpose is to get the data from the model and to pass it to the views. The purpose of the view is to get the data from the controller and to present it. So, the only thing a view needs is a variable passed from the controller
This way the app logic is kept in the controller and it will be easy for you to mantain your application. So:
In your controller:
public function index()
{
//get data from model
$cities = Auth::user()->company->country->cities;
//pass the data to the view
return View::make('your_view', ['cities' => $cities] );
}
Then, in your view:
@foreach ($cities as $city)
{{$city->name}}
@endforeach
Upvotes: 1
Related Questions
- How to secure function calls from PHP framework Codeigniter, Laravel
- How to save data in database safe in laravel 5.1?
- Laravel 5.5 and Entrust
- How to secure inputs in laravel 5.4
- About Laravel 5.1 Security
- Laravel 5.1 how to make my eloquent query closure secured
- security of input::get and eloquent
- Laravel 5.2 - Tips to make this better?
- Protecting methods using Laravel 5 Auth
- Laravel: configuring to protect sensitive info