How to pass information to a RESTful Controller in laravel5.7 without the use of Laravel-Forms

Question

I'm trying to set up a simple CMS in laravel where blog posts can be created and saved in a database. I've been following a YouTube tutorial which uses the Resource Controller and it's working fine. However the tutorial series uses the laravel-Forms to pass parameters to the Controller which is deprecated, because of this I tried replacing the laravel-Form with a regular html-Form but I can't get it to work.

The particular series and part of it I'm talking about is this one: https://www.youtube.com/watch?v=-QapNzUE4V0&index=7&list=PLillGF-RfqbYhQsN5WMXy6VsDMKGadrJ-

I will paste the "create" view which contains the form that I'm talking about underneath, and then the one I replaced it with which is not working.

<h1>Create Post</h1>
{!! Form::open(['action' => 'PostsController@store', 'method' => 'POST', 'enctype' => 'multipart/form-data  ']) !!}
<form action="/posts" method="post" enctype="multipart/form-data">
    <div class="form-group">
        {{Form::label('title', 'Title')}}
        {{Form::text('title', '', ['class' => 'form-control', 'placeholder' => 'Title'])}}
    </div>
    <div class="form-group">
            {{Form::label('body', 'Body')}}
            {{Form::textarea('body', '', ['id' => 'article-ckeditor', 'class' => 'form-control', 'placeholder' => 'Body Text'])}}
    </div>
    {{Form::submit('Submit', ['class'=>'btn btn-primary'])}}
{!! Form::close() !!}

So this is the one from the tutorial which is working fine, it passes all parameters from the form to the store function in the Controller. But when I use this type of form instead:

<h1>Create Post</h1>
<form action="/posts" method="post" enctype="multipart/form-data">
    <div class="form-group">
        <h1>Title<h1>
        <input type="text" class="form-control" name="title">
    </div>
    <div class="form-group">
            <h1>Body</h1>
            <textarea name="body" id="article-ckeditor" class="form-control" cols="30" rows="10"></textarea>
    </div>
    <input type="submit" value="Submit">
</form>

It will direct me to /posts and simply say "Error 419 - Your session has expired" and no data will be stored in the database.

Here you can see my store function in the Controller:

public function store(Request $request)
{
    $this->validate($request, [
        'title' => 'required',
        'body' => 'required',
    ]);

    // Create Post
    $post = new Post;
    $post->title = $request->input('title');
    $post->body = $request->input('body');

    $post->save();

    return redirect('/posts')->with('success', 'Post Created');
}

Thank you for reading! I appreciate any help!

Answer 1

You can import laravel collective which is a seperate package now. I'm inserting the link here.

As for a normal form like yours to work u need to add a csrf field. Laravel collective has the advantage here as it automatically adds this field even if u dont declare it. Also i prefer collective over the traditional form.

Answer 2

You'll get a 419 error because the CSRF field is not present in the form request. The Laravel Form package will automatically add this for you but in a standard HTML form you will have to add it yourself. Thankfully, this is very simple. Inside your <form> block you just need to add @csrf e.g.

<h1>Create Post</h1>
<form action="/posts" method="post" enctype="multipart/form-data">

    @csrf

    <div class="form-group">
        <label>Title</label>
        <input type="text" class="form-control" name="title">
    </div>
    <div class="form-group">
        <label>Body</label>
        <textarea name="body" id="article-ckeditor" class="form-control" cols="30" rows="10"></textarea>
    </div>
    <input type="submit" value="Submit">
</form>

CSRF docs

---

A note to anyone using Laravel 5.5 or lower, you will need to use {{ csrf_field() }} instead or @csrf.