Form Request Validation with Laravel Validator

Reading time: 6m

Form Requests are a great tool in Laravel to cut down on development time and having to do messy finite state machine matching, regular expression replacements, and so forth.  This tutorial will teach you how to create and have a little fun with validating your forms.

First, you’ll need to open up Terminal, PuTTy, or your favorite SSH client, and change directories to your Laravel project root.  This is where you’d see the “app”, “config”, and “resources” directories listed.  From there, we’ll use Artisan to create a request with make:request

php artisan make:request ContactFormRequest

This will create app/Http/Requests/ContactFormRequest.php which we can modify to suit our needs.  This file is a class that extends FormRequest, and we can add validation rules into the rules method.  Here’s what the class looks like when generated:

<?php

namespace App\Http\Requests;

use Illuminate\Foundation\Http\FormRequest;

class ContactFormRequest extends FormRequest
{
 /**
 * Determine if the user is authorized to make this request.
 *
 * @return bool
 */
 public function authorize()
 {
 return false;
 }

/**
 * Get the validation rules that apply to the request.
 *
 * @return array
 */
 public function rules()
 {
 return [
 //
 ];
 }
}

What we could do is, if we know the name property of the form elements that we’re expecting to be submitted, we can write rules to validate them by returning an array (as the phpdoc states), by removing the “//” inside of the array brackets in the above rules method.

return [
    'name'  => 'required|string|min:7|max:50',
    'email' => 'required|string|email|min:7|max:35',
    'phone' => 'required|min:10|max:20|regex:/^\+?[\d\s-\(\)x]+$',
    'message' => 'required|string|min:30'
];

The above rules state that:

  • name is required
    • Must be a string
    • Must be between 7 and 50 characters in length
  • email is required
    • Must be a string
    • Must be formatted like an email address
    • Must be between 7 and 35 characters in length
  • phone is required
    • Must be between 10 and 20 characters in length
    • Optional + at the beginning
    • May contain digits (0-9), spaces (\s), parenthesis \(\), and x as shorthand for phone extension
  • message is required
    • Must be a string
    • Must be greater than or equal to 30 characters in length

Now, in our controller(s) that we want to use this for, we can inject a type-hinted dependency into the method arguments:

<?php

namespace App\Http\Controllers;

class AboutController extends Controller {
  public function postContactUs(ContactFormRequest $request)
  {
     $name  = $request->input('name');
     $email = $request->input('email');
     // ...
     // Things to do if ContactFormRequest validates
     // ...
  }
}

You’ve now moved the validation logic from your Controller to a Request, which means all of your form variable assignments are filtered, and only if all of the form validation passes.  There’s lots more things you can do with the Validator class, but that’s left as an exercise for the reader.

Leave a Reply

Your email address will not be published. Required fields are marked *