An easy to use request sanitizer that allows you to sanitize your form data before validating it.
arondeparon/laravel-request-sanitizer is a Laravel package for an easy to use request sanitizer that allows you to sanitize your form data before validating it..
It currently has 112 GitHub stars and 160.005 downloads on Packagist (latest version 6.2.0).
Install it with composer require arondeparon/laravel-request-sanitizer.
Discover more Laravel packages by arondeparon
or browse all Laravel packages to compare alternatives.
Last updated
The arondeparon/laravel-request-sanitizer package provides a fluent interface to sanitize form requests before validating them.
Often, validating your request is not enough. The request sanitizer allows you to easily
manipulate your form data before passing it to the validator. You can start using it in a matter
of minutes and it is fully compatible with Laravel's FormRequest object.
Syntax is similar to the way rules are added to a Form Request.
class StoreCustomerInformationRequest extends FormRequest
{
use SanitizesInputs;
protected $sanitizers = [
'lastname' => [
Capitalize::class,
],
'mobile_phone' => [
RemoveNonNumeric::class
],
];
}
composer require arondeparon/laravel-request-sanitizer
SanitizesInputs trait to your form request.$sanitizers
property of your form request.The sanitizer supports wildcard patterns in your form keys, allowing you to apply sanitizers to multiple fields that match a pattern. This is particularly useful when dealing with arrays or nested data structures.
class StoreUsersRequest extends FormRequest
{
use SanitizesInputs;
protected $sanitizers = [
// Apply to all email fields in the users array
'users.*.email' => [
Lowercase::class,
TrimDuplicateSpaces::class
],
// Apply to all name fields in the users array
'users.*.name' => [
Capitalize::class
],
// Multiple wildcards for deeply nested structures
'departments.*.employees.*.email' => [
Lowercase::class
]
];
}
Example input:
$request = [
'users' => [
['email' => '[email protected]', 'name' => 'john doe'],
['email' => '[email protected]', 'name' => 'jane smith']
],
'departments' => [
'sales' => [
'employees' => [
['email' => '[email protected]'],
['email' => '[email protected]']
]
]
]
];
After sanitization:
$sanitized = [
'users' => [
['email' => '[email protected]', 'name' => 'John Doe'],
['email' => '[email protected]', 'name' => 'Jane Smith']
],
'departments' => [
'sales' => [
'employees' => [
['email' => '[email protected]'],
['email' => '[email protected]']
]
]
]
];
The wildcard pattern (*) will match any single segment in the dot notation path. You can use multiple wildcards to match nested structures at any depth.
Trim - simple PHP trim() implementationTrimDuplicateSpaces replaces duplicate spaces with a single space.RemoveNonNumeric - removes any non numeric characterCapitalize - capitalizes the first character of a stringUppercase - converts a string to uppercaseLowercase - converts a string to lowercaseFilterVars - simple PHP filter_var sanitizerCarbonDate - cast a string to a Carbon objectThe FilterVars sanitizer acts as a wrapper of the default PHP filter_var function.
It accepts the same (optional) parameters as the original function.
Both parameters can be either an array or string type:
{
protected $sanitizers = [
'last_name' => [
FilterVars::class => [
'filter' => FILTER_SANITIZE_STRING,
'options' => FILTER_FLAG_STRIP_BACKTICK
]
]
];
}
For more information on filter_vars please refer to https://www.php.net/manual/en/function.filter-var.php.
Writing your own sanitizer can be done by implementing the Sanitizer interface, which requires only
one method.
interface Sanitizer
{
public function sanitize($input);
}
$ composer test
The MIT License (MIT). Please see License File for more information.
