php - What is wrong with this form validation

I'm working with Laravel 5.8 and I have made this Controller method for creating some records inside the DB.

public function doTheUpload(Request $request)
{
    try{
        $request->validate([
            'video' => 'nullable|mimes:mp4',
            'video_thumb' => 'required|mimes:jpg,png,jpeg',
            'video_name' => 'required',
            'video_desc' => 'nullable',
            'available_download' => 'nullable',
        ],[
            'video.mimes' => 'video file format is not valid',
            'video_thumb.required' => 'uploading video thumbnail is required',
            'video_name.required' => 'you must enter name of video',
            'video_thumb.mimes' => 'image thumbnail file format is not valid',
        ]);

        // Do the upload process

    }catch(\Exception $e){
        dd($e);
    }
}

But this will not working and return this error:

The given data was invalid.

enter image description here

This is basically because of the form validation requests and when I remove those validations from the method, it will work absolutely fine.

So what is wrong with those form request validation that returns this error?

If you know, please let me know... I would really really appreciate any idea or suggestion from you guys.

Thanks.

Answer

Solution:

When you use Laravel's validation, you should let Laravel handle the errors, because when a rule fails, Laravel automatically throws an exception. So the first advise is no to use a try-catch block in your validation routine.

As Laravel docs states:

Displaying The Validation Errors

So, what if the incoming request parameters do not pass the given validation rules? As mentioned previously, Laravel will automatically redirect the user back to their previous location. In addition, all of the validation errors will automatically be flashed to the session.

In addition, I suggest you not to use validation in the controllers because according to good practices, it is recommended to create separate formRequest for validation, so you should slightly modify you controller to include validator class:

<?php

namespace App\Http\Controllers;

...
use App\Http\Requests\UploadVideoRequest;

...

public function doTheUpload(UploadVideoRequest $request)
{
    /*
    * Here where are calling validation as UploadVideoRequest
    */

    // logic for valid uploaded video
}

Now you have to create a form request, maybe using php artisan make:request UploadVideoRequest This command will create a form request class under app/Http/Requests, and you should fill it as:

<?php

namespace App\Http\Requests;

use Illuminate\Foundation\Http\FormRequest;

class UploadVideoRequest extends FormRequest
{
    /**
     * Determine if the user is authorized to make this request.
     *
     * @return bool
     */
    public function authorize()
    {
        /*
        * here you should check if the user is authorized to upload video 
        * or let in true if anyone can do that
        */
        return true;
    }

    /**
     * Get the validation rules that apply to the request.
     *
     * @return array
     */
    public function rules()
    {
        return [
            'video' => 'nullable|mimes:mp4',
            'video_thumb' => 'required|mimes:jpg,png,jpeg',
            'video_name' => 'required',
            'video_desc' => 'nullable',
            'available_download' => 'nullable',
        ];
    }

    /**
     * Define messages to return if an error is detected.
     *
     * @return array
     */

    public function messages()
    {
        return [
            'video.mimes' => 'video file format is not valid',
            'video_thumb.required' => 'uploading video thumbnail is required',
            'video_name.required' => 'you must enter name of video',
            'video_thumb.mimes' => 'image thumbnail file format is not valid',
        ];
    }

}

By using this approach Laravel is validating user input and managing any error via Exceptions.

Regards.

Answer

Solution:

You must specify exactly what you are validating:

$request->validate([
    'request.video' => 'nullable|mimes:mp4',
    'request.video_thumb' => 'required|mimes:jpg,png,jpeg',
    'request.video_name' => 'required',
    'request.video_desc' => 'nullable',     
    'request.available_download' => 'nullable',
], [
    'request.video.mimes' => 'video file format is not valid',
    'request.video_thumb.required' => 'uploading video thumbnail is required',
    'request.video_name.required' => 'you must enter name of video',
    'request.video_thumb.mimes' => 'image thumbnail file format is not valid',
]);

An example from my codes:

        $requestData = $request->request_data;
        
        // data
        $company_name = $requestData['company_name'];
        $company_type = $requestData['company_type'];
        $company_address = $requestData['company_address'];
        $latitude = $requestData['latitude'];
        $longitude = $requestData['longitude'];
        $company_branch_count = $requestData['company_branch_count'];
        $yes_radio = strval($requestData['yes_radio']);
        $no_radio = strval($requestData['no_radio']);
        $company_contact_user_first_name = $requestData['company_contact_user_first_name'];
        $company_contact_user_last_name = $requestData['company_contact_user_last_name'];
        $company_contact_user_email = $requestData['company_contact_user_email'];
        $company_contact_user_password = $requestData['company_contact_user_password'];
        $company_contact_user_phone = $requestData['company_contact_user_phone'];
        $company_kvkk_ok = strval($requestData['company_kvkk_ok']);
        $shipping_method_yourself = $yes_radio === 'true' && $yes_radio != $no_radio ? 1 : 0;

        if ($company_kvkk_ok == 'false') {
            return json_encode([
                'operation_status' => 'error',
                'error_messages' => 'no',
            ]);
        }

        // Validate
        $validator = Validator::make($request->all(), [
            "request_data.company_name" => "required|string|min:5",
            "request_data.company_type" => "required|in:0,1,2,3,4,5,6,7,8,9,10,11,12",
            "request_data.company_address" => "required",
            "request_data.latitude" => "required",
            "request_data.longitude" => "required",
            "request_data.company_branch_count" => "required|integer",
            "request_data.yes_radio" => "required",
            "request_data.no_radio" => "required",
            "request_data.company_contact_user_first_name" => "required",
            "request_data.company_contact_user_last_name" => "required",
            "request_data.company_contact_user_email" => [
                'required',
                'email',
                Rule::unique('users', 'email')->where(function ($query) use ($company_contact_user_email) {
                    return $query->where('email', $company_contact_user_email);
                }),
                Rule::unique('companies', 'company_contact_user_email')->where(function ($query) use ($company_contact_user_email) {
                    return $query->where('company_contact_user_email', $company_contact_user_email);
                }),
            ],
            "request_data.company_contact_user_password" => "required|min:6",
            "request_data.company_contact_user_phone" => "required",
            "request_data.company_kvkk_ok" => "required",
        ], [
            'request_data.company_name.required' => __('company name required'),
            'request_data.company_name.string' => __('company name must be string'),
            'request_data.company_name.min' => __('company name must be at least 5 characters'),
            'request_data.company_type.required' => __('company type required'),
            'request_data.company_type.in' => __('company type invalid'),
            'request_data.company_address.required' => __('company address required'),
            'request_data.latitude.required' => __('latitude required'),
            'request_data.longitude.required' => __('longitude required'),
            'request_data.company_branch_count.required' => __('company branch count required'),
            'request_data.company_branch_count.integer' => __('company branch count must be integer'),
            'request_data.yes_radio.required' => __('yes radio required'),
            'request_data.no_radio.required' => __('no radio required'),
            'request_data.company_contact_user_first_name.required' => __('company contact user first name required'),
            'request_data.company_contact_user_last_name.required' => __('company contact user last name required'),
            'request_data.company_contact_user_email.required' => __('company contact user email required'),
            'request_data.company_contact_user_email.email' => __('company contact user email invalid'),
            'request_data.company_contact_user_email.unique' => __('email already taken'),
            'request_data.company_contact_user_password.required' => __('company contact user password required'),
            'request_data.company_contact_user_password.min' => __('company contact user password must be at least 6 characters'),
            'request_data.company_contact_user_phone.required' => __('company contact user phone required'),
            'request_data.company_kvkk_ok.required' => __('company kvkk ok required'),
        ]);

        if ($validator->fails()) {
            $messages = $validator->messages();
            return json_encode([
                'operation_status' => 'not_validated',
                'request' => $requestData,
                'messages' => $messages,
            ]);
        }

Source