1

In my Laravel blade template, I have a table in which I want to add another column after this code

<td>{{format_price($mission->amount)}}</td>

I added this :

    @php
        $amount_to_be_collected = DB::table('shipments')
        ->select('amount_to_be_collected')
        ->where('mission_id', $mission->id)
        ->get();
    @endphp

<td>{{format_price($amount_to_be_collected)}}</td>

What is wrong with this code?

Improve this question
9
  • @groovy_guy there is no difference (sql injection wise) between a code in the blade and one in the controller. both are server side (if that is what you though of). Commented Oct 30, 2021 at 9:45
  • $amount_to_be_collected is collection. Commented Oct 30, 2021 at 9:47
  • @Abdelouahad Elfihri it would be better if your mention problem you facing error anything? Commented Oct 30, 2021 at 9:50
  • @groovy_guy it still not open to SQL injection since he is using the eloquent query builder and not a raw statement. Being in the blade or the controller has nothing to do with this type of vulnerabilities Commented Oct 30, 2021 at 9:52
  • 1
    @groovy_guy yeah, using @php --- @endphp is no good in the blade and putting a query in the blade is very bad. but nothing to do with SQL injection Commented Oct 30, 2021 at 9:56

2 Answers 2

Reset to default
2

First of all, You should not put DB query code in your blade.

Now, when you run a query using eloquent and call get(), the response is a Collection::class instance that can be treated as an array but cannot be automatically transformed into a number/string.

If you only need the value of on field for one entry, use value() instead.

$amount_to_be_collected = DB::table('shipments')
    ->where('mission_id', $mission->id)
    ->value('amount_to_be_collected');
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

thanks millions times brother it works
0

Note: It is not good to use db queries in blade views, you can also use helper

Try this before using DB facade you need to call this class in blade view Running Database Queries

use Illuminate\Support\Facades\DB;
Improve this answer

1 Comment

Laravel has an alias for the DB facade on the root namespace, you can use \DB directly

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.