How to Protect an Application From XSS Exploits
XSS (cross-site scripting) is a well-known vulnerability in web apps whereby an attacker can inject client-side code into a web page. This can be done through user input areas such as search boxes, comments, posts, etc.
There are two types of XSS Exploits.
In non-persistent mode, the malicious code is not permanent. Imagine a search box that returns results in response to the search query when the user clicks the Search button. If an attacker were to inject code in the search box, it would be executed only once (in response to the process of displaying the search results). A simple page refresh will wipe out the malicious code.
In persistent mode, the injected malicious code is permanent. Suppose we have a website similar to 4chan, where anyone can create and read posts. An attacker injects the code to initiate the attack. Since the post is saved (so that future visitors can read it), the code will be executed every time someone lands on the page containing the infected post.
Validation is defined as the process of ensuring your application is using correct data. For example, if you want to validate age, the field should contain integers only. Likewise, phone numbers should consist of digits exclusively. We can also validate by the length of the input. For example, it would make sense to limit the age field in an app to 3 digits, or phone numbers to between 10 and 14 digits.
Sanitization is the process of cleaning data to make it safe. By removing any unnecessary characters, we can make sure data is validated and safe for use in the input fields.
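An added example, not from the original article: the validation rules described above (age of at most 3 digits, phone number of 10 to 14 digits) together with sanitization and output escaping for free text such as a task name, in plain PHP. The function names and the sample submission are constructed for illustration.

```php
<?php
// Added example (plain PHP, no framework). Names and inputs are constructed.

// Validation: accept only the expected shape, reject everything else.
function validateAge(string $raw): ?int
{
    // 1 to 3 ASCII digits, matching the age rule in the text.
    return preg_match('/\A[0-9]{1,3}\z/', $raw) === 1 ? (int) $raw : null;
}

function validatePhone(string $raw): ?string
{
    // 10 to 14 digits and nothing else.
    return preg_match('/\A[0-9]{10,14}\z/', $raw) === 1 ? $raw : null;
}

// Sanitization for free text: strip control characters, trim, cap the length.
// mb_substr needs the mbstring extension (assumed available).
function sanitizeTaskName(string $raw, int $maxLen = 255): string
{
    $clean = (string) preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/', '', $raw);
    return mb_substr(trim($clean), 0, $maxLen, 'UTF-8');
}

// Output encoding: stored text is rendered as text, never as markup.
function escapeHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample submission, as a to-do form might send it.
$post = [
    'age'   => '27',
    'phone' => '5551234567<b>',
    'task'  => "Buy milk <script>alert(1)</script>\x00",
];

$age   = validateAge($post['age']);
$phone = validatePhone($post['phone']);
$task  = sanitizeTaskName($post['task']);

echo 'age:   ', var_export($age, true), PHP_EOL;
echo 'phone: ', var_export($phone, true), PHP_EOL;
echo 'task:  ', escapeHtml($task), PHP_EOL;
```

Escaping is applied at output time, so the stored value stays safe on every page that displays it. In Blade templates, `{{ $task }}` applies the same htmlspecialchars encoding.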
I have created a very simple to-do app using the Laravel Docs. The user could add and delete tasks in the app. I will not use controllers for such a small app and instead will create the functions directly in the routes.php file.