Laravel 5.5 MassAssignmentException
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/46969131/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Laravel 5.5 MassAssignmentException
提问by Dion Pool
I'm following the Laravel From Scratch tutorial series, I'm currently at the part that you are creating a comment system for your articles system. But I'm having a problem, I don't really know what the error is saying at this point.
我正在关注 Laravel From Scratch 教程系列,我目前正在为您的文章系统创建评论系统。但是我遇到了问题,此时我真的不知道错误在说什么。
The error:
错误:
Illuminate\Database\Eloquent\MassAssignmentException
body
The comment model:
评论模型:
<?php
namespace App;
use Illuminate\Database\Eloquent\Model;
class Comment extends Model
{
public function post()
{
return $this->belongsTo(Post::class);
}
}
The post model:
岗位模型:
<?php
namespace App;
class Post extends Model
{
public function comments()
{
return $this->hasMany(Comment::class);
}
public function addComment($body)
{
$this->comments()->create(compact('body'));
}
}
The route I made:
我做的路线:
Route::post('/posts/{post}/comments', 'CommentsController@store');
The comments controller:
评论控制器:
<?php
namespace App\Http\Controllers;
use App\Post;
class CommentsController extends Controller
{
public function store(Post $post)
{
$post->addComment(request('body'));
return back();
}
}
Thanks in advance!
提前致谢!
回答by festie
Explanation of this error
此错误的解释
This is a security feature of Laravel. It is designed to protect you against form manipulation when using mass assignments.
这是 Laravel 的一个安全特性。它旨在保护您在使用批量分配时免受表单操纵。
For example on a sign-up form: When you have an is_admincolumn in your database, a user simply could manipulate your form to set is_adminto trueon your server, and therefore in your database. This security feature prevents that by using a whitelist to define safe fields.
例如在注册表单上:当您is_admin的数据库中有一个列时,用户可以简单地操作您的表单is_admin以true在您的服务器上设置为,因此在您的数据库中。此安全功能通过使用白名单来定义安全字段来防止这种情况发生。
How to fix that
如何解决这个问题
You need to set a $fillableproperty on your model. It's value must be an array containing all fields that are safe to mass assignable (like username, email address, ...).
您需要$fillable在模型上设置一个属性。它的值必须是一个数组,包含所有可安全分配的字段(如用户名、电子邮件地址等)。
<?php
namespace App;
use Illuminate\Database\Eloquent\Model;
class Comment extends Model
{
# This property!
protected $fillable = ['body'];
// ...
}
See "Mass assignment" in the docs: https://laravel.com/docs/5.5/eloquent#mass-assignment
请参阅文档中的“批量分配”:https: //laravel.com/docs/5.5/eloquent#mass-assignment
回答by Asur
Mass assignment is when you send an array to the model creation, basically setting a bunch of fields on the model in a single go, rather than one by one, something like what you did here:
批量分配是当您将数组发送到模型创建时,基本上是一次性在模型上设置一堆字段,而不是一个一个,就像您在此处所做的那样:
public function addComment($body)
{
$this->comments()->create(compact('body'));
}
You need to add the field you are populating to the fillable array in Comments.phpmodel:
您需要将要填充的字段添加到Comments.php模型中的可填充数组中:
<?php
namespace App;
use Illuminate\Database\Eloquent\Model;
class Comment extends Model
{
protected $fillable = ['body'];
public function post()
{
return $this->belongsTo(Post::class);
}
}
As the documentation states:
正如文档所述:
You may also use the create method to save a new model in a single line. The inserted model instance will be returned to you from the method. However, before doing so, you will need to specify either a fillable or guarded attribute on the model, as all Eloquent models protect against mass-assignment by default.
您还可以使用 create 方法将新模型保存在一行中。插入的模型实例将从该方法返回给您。但是,在这样做之前,您需要在模型上指定可填充或受保护的属性,因为所有 Eloquent 模型默认情况下都会防止批量分配。
Hope this helps you.
希望这对你有帮助。
