In my project I use Lumen and I want to implement some kind of validation for my GET request.
The example URL would look like this:
[URL]/blubb/bla?tags[]=1&tags[]=2
In my code I validate the URL like this:
public function handleRequest(Request $request)
{
try {
$validatedData = $this->validate($request, [
'tags' => 'nullable|array'
]);
} catch (ValidationException $th) {
// return Error.
}
// go on.
}
My problem is that if a user uses an URL like this one, the validation does not trigger and the "go on." part is called.
[URL]/blubb/bla?invalidParameter=1
Is there a way to only allow a single "kind" of GET Parameter?
EDIT: The "tags" is nullable because my API endpoint can be called without any GET parameters.
You could get the full array with $request->all() and have a look at the keys.
$paramValidation = $request->all()
unset $paramValidation['tags'];
if (count($paramValidation)) {
// error
}
However, maybe you just want to ignore other params. Have a look at the method $request->validated().