form validation for member editing

added some form validation in the member controller to make sure all necessary info is provided before editing/creating member
2024-09-29 16:11:50 -06:00 · 2024-09-29 16:11:50 -06:00 · 098cd72186
commit 098cd72186
parent 31f45c4af5
1 changed files with 46 additions and 14 deletions
--- a/app/Http/Controllers/MemberController.php
+++ b/app/Http/Controllers/MemberController.php
@ -76,12 +76,21 @@ class MemberController extends Controller
        //check if logged in member id matches profile request id
        $member = Auth::user();
        if ($member->uuid == $request->id) {
+            //validate required fields
+            $valid = $request->validate([
+                'handle' => ['required'],
+                'email'  => ['required'],
+            ]);
+            if ($valid) {
                $response = $this->member->editProfile($request);
                if ($response['status'] == true) {
                    return back()->with('message', $response['message']);
                } else {
                    return back()->withErrors([$response['message']]);
                }
+            } else {
+                return back()->withErrors(['Misssing some required info, homie.']);
+            }
        } else {
            return back()->withErrors(['This is not your profile to edit.']);
        }
@ -92,13 +101,23 @@ class MemberController extends Controller
        $token = csrf_token();
        //role check
        $member = Auth::user();
-        if ($member->role == 0 || $member->role == 1) {
+        if ($member->role == 0) {
+            $valid = $request->validate([
+                'handle' => ['required'],
+                'email'  => ['required'],
+                'role'   => ['required']
+            ]);
+
+            if ($valid) {
                $response = $this->member->edit($request);
                if ($response['status'] == true) {
                    return back()->with('message', $response['message']);
                } else {
                    return back()->withErrors([$response['message']]);
                }
+            } else {
+                return back()->withErrors(['Misssing some required info, homie.']);
+            }
        } else {
            return back()->withErrors(['Nah, you can\'t do this. Wrong permissions.']);
        }
@ -108,13 +127,26 @@ class MemberController extends Controller
    {
        $token  = csrf_token();
        $member = Auth::user();
-        if ($member->role == 0 || $member->role == 1) {
+        if ($member->role == 0) {
+            $valid = $request->validate([
+                'handle'             => ['required'],
+                'email'              => ['required'],
+                'role'               => ['required'],
+                'pronouns'           => ['required'],
+                'fresh_pass'         => ['required'],
+                'fresh_pass_confirm' => ['required'],
+            ]);
+
+            if ($valid) {
                $response = $this->member->add($request);
                if ($response['status'] == true) {
                    return redirect('/den/member')->with('message', $response['message']);
                } else {
                    return back()->withErrors([$response['message']]);
                }
+            } else {
+                return back()->withErrors(['Misssing some required info, homie.']);
+            }
        } else {
            return back()->withErrors(['Nah, you can\'t do this. Wrong permissions.']);
        }