Restrict input to letters

I use this to restrict keyboard inputs to accept only letters.

This by the way relies on jQuery.

The CSS Selector

<input type="text" class="restrict-to-letters" placeholder="Enter a number here" />

The jQuery

$('.restrict-to-letters').on('keydown',function(e){
  return isLetter(e);
});

The Javascript

function isLetter(event){
  if(event){
    var charCode = (event.which) ? event.which : event.keyCode;
    if(
        (charCode < 65 || charCode > 90) && //key code 65 to 90 is for a-z
        (charCode < 35 || charCode > 40) && //key code 35 to 40 are for navigational keys
        charCode != 8 && //key code for backspace
        charCode != 32 // key code 32 for space
      ){
      return false;
    }
  }
  return true;
}
Advertisements

Laravel 5 – exclude CSRF Verification for specific routes

The Situation

Laravel 5 comes with Crsf Verification set up and active out of the box. This in itself is what I’d describe as pure awesomeness. It means that automatically all your routes are protected from Cross-Site Request Forgery, which is what CSRF stands for, really.

This post nicely explains how the CSRF verification works and actually does give a solution as to how to exclude routes, I came up with my solution because of this post actually  🙂

Take a look at the above mentioned post for a better understanding of how CSRF Verification is done in Laravel

The Problem

Simply, all routes are protected and checked for a CSRF token any time that route is used. That is not necessarily a problem, or the problem.

The problem I had was the fact that my login route was also throwing a TokenMismatchException if the login page was displayed for longer than the session length, or my browser loaded a cached version of the login page when I go to the login URL.

My Solution

I’ll do a little explanation here. In the VerifyCsrfToken Middleware, there’s a handle method that calls the parent handle method of the Illuminate\Foundation\Http\Middleware\VerifyCsrfToken class which it extends. The handle method does it’s checks and either throws the TokenMismatchException or calls a method that adds a cookie to the request and passes it on.

This is what my VerifyCsrfToken.php Middleware looks like now:

<?php namespace App\Http\Middleware; use Closure; use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as BaseVerifier; class VerifyCsrfToken extends BaseVerifier { /** * Array with list of routes to be excluded from the CSRF Verification */ private $excludedRoutes = [ 'auth/login' ]; /** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle($request, Closure $next) { if( $this->excludedRoute( $request->path() ) ){
          return parent::addCookieToResponse($request, $next($request));
      }

      return parent::handle($request, $next);
  }

  /**
  * Check if a route is excluded from CsrfVerification
  *
  * @param $route The route to check
  * @return boolean
  */
  private function excludedRoute($route){
      for ($i=0; $i < sizeof($this->excludedRoutes); $i++) {
          if($route == $this->excludedRoutes[$i])
              return true;
      }

      return false;
  }

}

What I did here is to add an array, excludedRoutes, to the class and a excludedRoute method which takes a String (the path )as a parameter and returns a boolean telling me whether the route passed to it is part of the excluded routes. If it is, I then return the parent CsrfVerification class’ addCookieToReponse method like it would on a verified route else return the parent’s handle method and that’s it!

Restrict input to numbers

I use this to restrict keyboard inputs to accept only numbers.

This by the way relies on jQuery. Improvements are welcome in the comments.

The CSS Selector

<input type="number" class="restrict-to-numbers" placeholder="Enter a number here" />

The jQuery

$('.restrict-to-numbers').keydown(function (e) {
    return isNumber(e);
});

The JavaScript

function isNumber(event) {
    if (event) {
        var charCode = (event.which) ? event.which : event.keyCode;
        if (charCode != 190 && charCode > 31 &&
            (charCode < 48 || charCode > 57) &&
            (charCode < 96 || charCode > 105) &&
            (charCode < 37 || charCode > 40) &&
             charCode != 110 && charCode != 8 && charCode != 46)
        return false;
    }
    return true;
}