Laravel Idea for PhpStorm - Full-featured IDE for productive artisans!

Prohibited Validation Rules in Laravel

Published on by

Prohibited Validation Rules in Laravel image

Laravel 8 now has three validation rules for prohibited fields, including prohibited_if, prohibited_unless, and prohibited. Let's walk through a few examples of where the prohibited* validation rules might be useful, and look at each one in more detail.

Prohibited If and Unless

Jess Archer contributed the prohibited if/unless validation rules released in Laravel Laravel 8.32. The basic idea of "prohibited" validation rules is that a given field should be prohibited from having data if another field is present or if a field should be allowed in a request at all.

Here's the example Jess provided in the pull request for this feature, which illustrates perfectly how to use this rule to explicitly prevent contradictory input:

Validator::validate([
'is_deceased' => false,
'date_of_death' => '2021-03-09'
], [
'date_of_death' => 'prohibited_unless:is_deceased,true'
]);

Another example might be someone accepting terms of service that has identified as a minor. Perhaps the application requires a parental registration to consent on their behalf:

Validator::validate([
'is_minor' => true,
'tos_accepted' => true
], [
'tos_accepted' => 'prohibited_if:is_minor,true'
]);

Prohibited Validation Rule

After Laravel 8.32, Philo Hermans contributed a prohibited rule in Laravel 8.34 which ensures that an input is not present when validating:

// PUT /api/licenses/123-456
// {"name":"hello-world", "key":"random-key"}
 
$validated = $request->validate([
'name' => 'required|max:255',
'key' => 'prohibited',
]);
 
// Response: 422
// The key field is prohibited

The above is a good example where a user might expect to update an API key by sending a PUT request to a resource. In a typical application, that field is likely ignored during the request. However, a successful response might lead the user to believe they were able to update the key when in reality, the API ignored it. The prohibited rule will clarify that this field is not allowed and is considered immutable.

Learn More

The list of available validation rules is an excellent resource to see available rules and how to use them.

You can always go for custom validation objects to craft custom validation rules if you run into a situation where the built-in rules don't quite suit your needs.

Laravel has extensive Validation documentation that should bring you up-to-speed on everything related to validating input from users. Also, if you're new to Laravel, Laracasts has a Form Validation Essentials video (likely getting updating to Laravel 8 soon) that will help you immensely in visualizing how validation works.

Paul Redmond photo

Staff writer at Laravel News. Full stack web developer and author.

Cube

Laravel Newsletter

Join 40k+ other developers and never miss out on new tips, tutorials, and more.

Laravel Forge logo

Laravel Forge

Easily create and manage your servers and deploy your Laravel applications in seconds.

Laravel Forge
Tinkerwell logo

Tinkerwell

The must-have code runner for Laravel developers. Tinker with AI, autocompletion and instant feedback on local and production environments.

Tinkerwell
No Compromises logo

No Compromises

Joel and Aaron, the two seasoned devs from the No Compromises podcast, are now available to hire for your Laravel project. ⬧ Flat rate of $7500/mo. ⬧ No lengthy sales process. ⬧ No contracts. ⬧ 100% money back guarantee.

No Compromises
Kirschbaum logo

Kirschbaum

Providing innovation and stability to ensure your web application succeeds.

Kirschbaum
Shift logo

Shift

Running an old Laravel version? Instant, automated Laravel upgrades and code modernization to keep your applications fresh.

Shift
Bacancy logo

Bacancy

Supercharge your project with a seasoned Laravel developer with 4-6 years of experience for just $2500/month. Get 160 hours of dedicated expertise & a risk-free 15-day trial. Schedule a call now!

Bacancy
Lucky Media logo

Lucky Media

Get Lucky Now - the ideal choice for Laravel Development, with over a decade of experience!

Lucky Media
Lunar: Laravel E-Commerce logo

Lunar: Laravel E-Commerce

E-Commerce for Laravel. An open-source package that brings the power of modern headless e-commerce functionality to Laravel.

Lunar: Laravel E-Commerce
LaraJobs logo

LaraJobs

The official Laravel job board

LaraJobs
SaaSykit: Laravel SaaS Starter Kit logo

SaaSykit: Laravel SaaS Starter Kit

SaaSykit is a Multi-tenant Laravel SaaS Starter Kit that comes with all features required to run a modern SaaS. Payments, Beautiful Checkout, Admin Panel, User dashboard, Auth, Ready Components, Stats, Blog, Docs and more.

SaaSykit: Laravel SaaS Starter Kit
Rector logo

Rector

Your partner for seamless Laravel upgrades, cutting costs, and accelerating innovation for successful companies

Rector
MongoDB logo

MongoDB

Enhance your PHP applications with the powerful integration of MongoDB and Laravel, empowering developers to build applications with ease and efficiency. Support transactional, search, analytics and mobile use cases while using the familiar Eloquent APIs. Discover how MongoDB's flexible, modern database can transform your Laravel applications.

MongoDB

The latest

View all →
The Inertia.js v2 Beta is Here image

The Inertia.js v2 Beta is Here

Read article
Mastering Laravel, No Compromises, and SourceDive with Joel Clermont image

Mastering Laravel, No Compromises, and SourceDive with Joel Clermont

Read article
Now you can install PHP and the Laravel installer with a single command image

Now you can install PHP and the Laravel installer with a single command

Read article
WireSpy is a Sleek New Debug Bar for Laravel Livewire image

WireSpy is a Sleek New Debug Bar for Laravel Livewire

Read article
The Laracon AU schedule is now live image

The Laracon AU schedule is now live

Read article
Supercharge PhpStorm with Laravel Idea image

Supercharge PhpStorm with Laravel Idea

Read article