Hello im creating a app that haves 2 type of users (employer, jobseeker), but i have a security issue (html injection), in my form i have a hidden field that calls "account_type_id" where i in the AuthController check the type of account, and depending of the account type i validate or create this type of user data. At first i wanted to use in the same controller the registration of different users, but now im not quite sure how i could check in the AuthController wich type of user is being register, the only difference i notice in both of them is that they use different routes where each one use different register forms.
How could i check wich type of user being register without using hidden fields on the form?
Example code:
AuthController:
protected function validator(array $data)
{
$accountType = AccountType::find($data['account_type_id']);
if($accountType->name === "employer"){
return Validator::make($data, [
//employer validation
]);
}else{
return Validator::make($data, [
//candidate validation
...
]);
}
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return User
*/
protected function create(array $data)
{
// Check type of account
$accountType = AccountType::find($data['account_type_id']);
if($accountType->name === "employer"){
//employer create
}else{
//Candidate user create
}
return $user;
}
from Newest questions tagged laravel-5 - Stack Overflow http://ift.tt/2jRf2qZ
via IFTTT
Aucun commentaire:
Enregistrer un commentaire