Form Method Spoofing
Create new project using below command in laravel
composer create-project --prefer-dist laravel/laravel blog
Create route to connect between controller and blade files
Route::get('/user', 'demoController@index');
Create controller and call blade file
php artisan make:controller demoController
Now open demoController file and implement code as below
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class demoController extends Controller
{
public function index()
{
return view('index');
}
}
The value sent with the _method field will be used as the HTTP request method:
<form action="/user/values" method="POST">
<input type="hidden" name="_method" value="PUT">
<input type="hidden" name="_token" value="{{ csrf_token() }}">
</form>
You may use the @method
Blade directive to generate the _method
input:
Example(1)
Open Index.blade.php and implement code as below
<!DOCTYPE html>
<html>
<head>
<title>Form Method Spoofing In laravel</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
</head>
<body>
<div class="container">
<div class="text-center">
<h1>Form Method Spoofing In Laravel</h1>
</div>
<div class="form-group col-sm-8">
<div class="well">
<form method="post" action="/user/values" method="POST">
@csrf
@method('PUT')
<div class="form-group col-sm-12">
<label>Name</label>
<input class="form-control" type="text" name="Name" value="">
</div>
<div class="form-group col-sm-12">
<label>Description</label>
<input class="form-control" type="text" name="" value="">
</div>
<div class="form-group text-center">
<input class="btn btn-primary" type="submit" value="Update" >
</div>
</form>
<div class="form-group col-sm-2"></div>
</div>
</div>
<br>
</div>
</body>
</html>