Luna Luna -4 years ago 122
PHP Question

Allow users to post url link in bio with Laravel and mysql

Question is How do I safely allow users to submit a url link or several url links in their bio,then output it to the view, similar to how Instagram allows in their bios. I'm thinking of maybe doing some sort of regular expression , search the bio text and output to view, but don't know how to safely do it without compromising my site's security:

I'm saving the bio in my users table as varchar with a length of 255

I'm validating then saving to my database like so :

$this->validate($request, [
'name' => 'regex:/^[\pL\s]+$/u|max:20', //change to allow numbers also July 14/16
'bio' => 'max:1000',

then saving to db

if ($request->has('bio')) {
$user->bio= $request->input('bio');

Answer Source

There's no point in trying to do this in PHP. Instead, store the bio as-is, and you can use a library like Autolinker.js on the client side to automatically generate the hyperlink from the text.

Since your only intention here is purely UI-driven, it's pointless to try and extract the links in PHP causing the surjective dilemma that ensues.

Say the user supplies a bio like the following...

Hi, I'm Bob! My website is!

You store that as is in your database. When it comes time to output the data to the client, you can use javascript to transform it with Autolinker.js and update the DOM like so...

$userBio = json_encode($db->getUserBio());

var bio = <?=$userBio?>;
var linkedText = bio, { className: "myLink" } );

  "Hi, I'm Bob! My website is <a class="myLink myLink-url" href="" target="_blank"></a>!"
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download