From 46345e6d830e20f4b465327be54dfe0e98ef08df Mon Sep 17 00:00:00 2001 From: Samuel Olu Date: Thu, 20 Oct 2022 19:47:38 +0100 Subject: [PATCH 1/2] make good use of helper function provided in Illuminate/Support --- README.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/README.md b/README.md index 3a1b345..4b5baa1 100644 --- a/README.md +++ b/README.md @@ -620,6 +620,30 @@ $apiKey = config('api.key'); [šŸ” Back to contents](#contents) +### **Use helper functionsĀ provided in Illuminate/Support** + +There are numerous helper functionsĀ provided in Illuminate/Support, thisĀ can be used anywhere in the application, instead of trying to invent the wheel by writing your own PHP helpers, which is unsafe and can be challenging. + +Bad: +```php +public function uniqueId() +{ + $str_result = '23456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjklmnpqrstuvwxyz'; + + $id = substr(str_shuffle($str_result), 0, 24); +} + +Good +public function uniqueId() +{ + .... + $id = Str::random(24); + .... +} +``` + +[šŸ” Back to contents](#contents) + ### **Store dates in the standard format. Use accessors and mutators to modify date format** Bad: From e83530a846becc8ac99d889c9fc2cd2d0380f267 Mon Sep 17 00:00:00 2001 From: Samuel Olu Date: Thu, 20 Oct 2022 19:50:33 +0100 Subject: [PATCH 2/2] remeber to set app debug to true in production --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 4b5baa1..a3abb0c 100644 --- a/README.md +++ b/README.md @@ -686,4 +686,6 @@ Use modern PHP syntax where possible, but don't forget about readability. Avoid using View Composers and similar tools unless you really know what you're doing. In most cases, there is a better way to solve the problem. +After you have doneĀ all you canĀ to secure the application. One final reminder is to make sure you don't forget to setĀ APP_DEBUG=TRUE in theĀ .env file. If you leave the debug mode enabled, hackers will be able to access some private parts of your code as well as configuration information and third-party login credentials. + [šŸ” Back to contents](#contents)