Is there any way to add an optional parameter in the middle of a route ?
Example routes:
/things/entities/
/things/1/entities/
I tried this, but it does not work:
get('things/{id?}/entities', 'MyController@doSomething');
I know I can do this...
get('things/entities', 'MyController@doSomething');
get('things/{id}/entities', 'MyController@doSomething');
... but my question is: Can I add an optional parameter in the middle of a route?
Recommended approach if you put here only methods (not classes):
In composer.json make sure you add this file to files key inside autoload like this:
"autoload": {
// here other autoload things
"files": ["app/Helpers/AnythingHelper.php"]
},
Run composerdump-autoload`
For classes obviously you should use standard PSR-4 autoloading
The "illuminate/html" component is no more supported by Laravel and is not compatible with the 5.2 version.
You can replace it with laravelcollective/html
You have to:
remove the reference of "illuminate/html": "^5.0@dev", from composer.json
add "laravelcollective/html": "5.1.*" (or the version you want)
run composer update to update the dependecies (this will remove your "illuminate/html" component and install the "laravelcollective/html" component
Now you have to replace your HTML service provider with:
'providers' => [
CollectiveHtmlHtmlServiceProvider::class,
],
and the facades:
'aliases' => [
'Form' => CollectiveHtmlFormFacade::class,
'Html' => CollectiveHtmlHtmlFacade::class,
],
Man-in-the-middle attacks on SSL are really only possible if one of SSL's preconditions is broken, here are some examples;
The server key has been stolen - means the attacker can appear to be the server, and there is no way for the client to know.
The client trusts an untrustworthy CA (or one that has had it's root key stolen) - whoever holds a trusted CA key can generate a certificate pretending to be the server and the client will trust it. With the number of CAs pre-existing in browsers today, this may be a real problem. This means that the server certificate would appear to change to another valid one, which is something most clients will hide from you.
The client doesn't bother to validate the certificate correctly against its list of trusted CA's - anyone can create a CA. With no validation, "Ben's Cars and Certificates" will appear to be just as valid as Verisign.
The client has been attacked and a fake CA has been injected in his trusted root authorities - allows the attacker to generate any cert he likes, and the client will trust it. Malware tends to do this to for example redirect you to fake banking sites.
Especially #2 is rather nasty, even if you pay for a highly trusted certificate, your site will not be in any way locked to that certificate, you have to trust all CAs in the client's browser since any of them can generate a fake cert for your site that is just as valid. It also does not require access to either the server or the client.
My thoughts are along similar lines to Niko's idea. However, I would suggest placing the 2nd .+? inside the optional group instead of the first, as follows:
%interestingbit%.+?(?:(?<optionalCapture>OPTIONAL_THING).+?)?%anotherinterestingbit%
This avoids unnecessary backtracking. If the first .+? is inside the optional group and OPTIONAL_THING does not exist in the search string, the regex won't know this until it gets to the end of the string. It will then need to backtrack, perhaps quite a bit, to match %anotherinterestingbit%, which as you said will always exist.
Also, since OPTIONAL_THING, when it exists, will always be before %anotherinterestingbit%, then the text after it is effectively optional as well and fits more naturally into the optional group.
No. Optional parameters need to go to the end of the route, otherwise Router wouldn't know how to match URLs to routes. What you implemented already is the correct way of doing that:
You could try doing it with one route:
and pass * or 0 if you want to fetch entities for all things, but I'd call it a hack.
There are some other hacks that could allow you to use one route for that, but it will increase the complexity of your code and it's really not worth it.