fix

c7f5f45a · 彭世瑜 · efcb9af9 · c7f5f45a · c7f5f45a · c7f5f45a
Showing with 142 addition and 1 deletion

blog/laravel/csrf.md blog/laravel/csrf.md +46 -0

blog/laravel/database.md blog/laravel/database.md +87 -0

blog/laravel/index.md blog/laravel/index.md +4 -0

blog/laravel/route.md blog/laravel/route.md +5 -1

未找到文件。
--- a/blog/laravel/csrf.md
+++ b/blog/laravel/csrf.md
+# 表单伪造和 CSRF 保护
+表单提交会出现419错误
+```html
+<form action="/task/getform" method="post"> 
+    用户名:<input type="text" name="user">
+    <button type="submit">提交</button>
+</form>
+```
+csrf_token
+```html
+<!-- CSRF令牌保护 -->
+<input type="hidden" name="_token" value="{{csrf_token()}}">
+<!-- 修改提交方式 -->
+<input type="hidden" name="_method" value="PUT">
+<!-- 快捷方式 -->
+@csrf
+@method('PUT')
+```
+配置白名单
+```php
+<?php
+namespace App\Http\Middleware;
+use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
+class VerifyCsrfToken extends Middleware
+{
+    /**
+     * The URIs that should be excluded from CSRF verification.
+     *
+     * @var array<int, string>
+     */
+    protected $except = [
+        'api/*'
+    ];
+}
+```
--- a/blog/laravel/database.md
+++ b/blog/laravel/database.md
+# 数据库
+操作数据库的方式：
+1. 原生
+2. 查询构造器
+3. EloquentORM(关系型对象映射器)
+## 数据库配置
+config/database.php
+```php
+<?php
+return [
+    'default' => env('DB_CONNECTION', 'mysql'),
+    'connections' => [
+        'mysql' => [
+            'driver' => 'mysql',
+            'url' => env('DATABASE_URL'),
+            'host' => env('DB_HOST', '127.0.0.1'),
+            'port' => env('DB_PORT', '3306'),
+            'database' => env('DB_DATABASE', 'forge'),
+            'username' => env('DB_USERNAME', 'forge'),
+            'password' => env('DB_PASSWORD', ''),
+            'unix_socket' => env('DB_SOCKET', ''),
+            'charset' => 'utf8mb4',
+            'collation' => 'utf8mb4_unicode_ci',
+            'prefix' => '',
+            'prefix_indexes' => true,
+            'strict' => true,
+            'engine' => null,
+            'options' => extension_loaded('pdo_mysql') ? array_filter([
+                PDO::MYSQL_ATTR_SSL_CA => env('MYSQL_ATTR_SSL_CA'),
+            ]) : [],
+        ],
+    ],
+];
+```
+.env 配置数据库
+```bash
+DB_CONNECTION=mysql
+DB_HOST=127.0.0.1
+DB_PORT=3306
+DB_DATABASE=laravel
+DB_USERNAME=root
+DB_PASSWORD=
+```
+## 查询
+### 原生查询
+```php
+DB::select('select * from laravel_user');
+```
+### 查询构造器
+```php
+DB::table('user')->find(19);
+```
+### EloquentORM模型
+创建模型
+```bash
+php artisan make:model Http/Models/User
+```
+查询
+```php
+User::all();
+```
+模型编码规范要求数据表是复数
+强制使用现有的数据表名
+```php
+protected $table = 'user';
+```
+https://www.bilibili.com/video/BV1gE411j78F?p=11&spm_id_from=pageDriver&vd_source=efbb4dc944fa761b6e016ce2ca5933da
\ No newline at end of file
--- a/blog/laravel/index.md
+++ b/blog/laravel/index.md
@@ -21,3 +21,7 @@ dev:
 [安装Laravel编程环境](blog/laravel/install-php.md)
 [Route路由](/blog/laravel/route.md)
+[表单伪造和 CSRF 保护](blog/laravel/csrf.md)
+[数据库](blog/laravel/database.md)
\ No newline at end of file
--- a/blog/laravel/route.md
+++ b/blog/laravel/route.md
@@ -622,4 +622,8 @@ Route::ApiResource('blogs', BlogController::class);
 php artisan make:controller CommentController --api
 ```
-https://www.bilibili.com/video/BV1gE411j78F?p=8&spm_id_from=pageDriver&vd_source=efbb4dc944fa761b6e016ce2ca5933da
+```php
\ No newline at end of file
+// 浅层嵌套
+Route::resource('blogs.comments', 'CommentController')   
+    ->shallow();
+```