Reputation: 3
I'm trying to set up a simple CMS in laravel where blog posts can be created and saved in a database. I've been following a YouTube tutorial which uses the Resource Controller and it's working fine. However the tutorial series uses the laravel-Forms to pass parameters to the Controller which is deprecated, because of this I tried replacing the laravel-Form with a regular html-Form but I can't get it to work.
The particular series and part of it I'm talking about is this one: https://www.youtube.com/watch?v=-QapNzUE4V0&index=7&list=PLillGF-RfqbYhQsN5WMXy6VsDMKGadrJ-
I will paste the "create" view which contains the form that I'm talking about underneath, and then the one I replaced it with which is not working.
<h1>Create Post</h1>
{!! Form::open(['action' => 'PostsController@store', 'method' => 'POST', 'enctype' => 'multipart/form-data ']) !!}
<form action="/posts" method="post" enctype="multipart/form-data">
<div class="form-group">
{{Form::label('title', 'Title')}}
{{Form::text('title', '', ['class' => 'form-control', 'placeholder' => 'Title'])}}
</div>
<div class="form-group">
{{Form::label('body', 'Body')}}
{{Form::textarea('body', '', ['id' => 'article-ckeditor', 'class' => 'form-control', 'placeholder' => 'Body Text'])}}
</div>
{{Form::submit('Submit', ['class'=>'btn btn-primary'])}}
{!! Form::close() !!}
So this is the one from the tutorial which is working fine, it passes all parameters from the form to the store function in the Controller. But when I use this type of form instead:
<h1>Create Post</h1>
<form action="/posts" method="post" enctype="multipart/form-data">
<div class="form-group">
<h1>Title<h1>
<input type="text" class="form-control" name="title">
</div>
<div class="form-group">
<h1>Body</h1>
<textarea name="body" id="article-ckeditor" class="form-control" cols="30" rows="10"></textarea>
</div>
<input type="submit" value="Submit">
</form>
It will direct me to /posts and simply say "Error 419 - Your session has expired" and no data will be stored in the database.
Here you can see my store function in the Controller:
public function store(Request $request)
{
$this->validate($request, [
'title' => 'required',
'body' => 'required',
]);
// Create Post
$post = new Post;
$post->title = $request->input('title');
$post->body = $request->input('body');
$post->save();
return redirect('/posts')->with('success', 'Post Created');
}
Thank you for reading! I appreciate any help!
Upvotes: 0
Views: 41
Reputation: 72
You can import laravel collective which is a seperate package now. I'm inserting the link here.
As for a normal form like yours to work u need to add a csrf field. Laravel collective has the advantage here as it automatically adds this field even if u dont declare it. Also i prefer collective over the traditional form.
Upvotes: 0
Reputation: 35220
You'll get a 419 error because the CSRF field is not present in the form request. The Laravel Form package will automatically add this for you but in a standard HTML form you will have to add it yourself. Thankfully, this is very simple. Inside your <form>
block you just need to add @csrf
e.g.
<h1>Create Post</h1>
<form action="/posts" method="post" enctype="multipart/form-data">
@csrf
<div class="form-group">
<label>Title</label>
<input type="text" class="form-control" name="title">
</div>
<div class="form-group">
<label>Body</label>
<textarea name="body" id="article-ckeditor" class="form-control" cols="30" rows="10"></textarea>
</div>
<input type="submit" value="Submit">
</form>
A note to anyone using Laravel 5.5 or lower, you will need to use {{ csrf_field() }}
instead or @csrf
.
Upvotes: 3