How to revert to previous packages if Laravel’s “composer update” breaks site?

When you run composer update and some packages break after the update, you can revert your project to the previous working state. Here’s how to handle it:

1. Check composer.lock file

After running composer update, the composer.lock file gets updated with the new versions of your dependencies. If things break, you can use Git to revert to the previous composer.lock.

2. Revert composer.lock using Git

If you are using Git and you committed the composer.lock file before running the update, you can easily go back to the previous version of the file. Here’s how:

git checkout HEAD^ composer.lock

This command checks out the previous version of the composer.lock file (the version before the last commit). If you want to revert to a specific commit, use the commit hash instead:

git checkout <commit-hash> composer.lock

3. Reinstall the previous dependencies

After reverting the composer.lock file, you need to install the previous versions of the packages defined in the restored composer.lock:

composer install

Note: Do not use composer update, as this will update the packages again. composer install will install the versions defined in composer.lock.

4. Commit the reverted composer.lock (if necessary)

After confirming that everything works as expected, commit the reverted composer.lock file:

git add composer.lock
git commit -m "Revert composer.lock to previous working state"

5. Lock Specific Package Versions (Optional)

If you want to prevent certain packages from being updated in the future, you can specify the exact versions in composer.json by using the caret (^) or tilde (~) version constraints. For example:

{
   "require": {
       "package/name": "^1.0"
   }
}

This ensures that composer update won’t update beyond the specified version.

By following these steps, you can safely revert your Composer dependencies back to a working state after an update causes issues.

What is `protected $fillable` in a Laravel model?

In Laravel, the `protected $fillable` property is used to define an array of attributes that are mass assignable. This means these attributes can be assigned using mass-assignment techniques, such as when creating a new model instance or updating an existing one using the `create` or `update` methods.

Mass Assignment

Mass assignment is a way to assign multiple attributes to a model instance in a single step, typically using an array. For example, you might have a form where a user can submit several pieces of information at once. Instead of assigning each piece of information individually, you can pass the entire array to the `create` or `update` method.

Here’s an example of how you might use the `$fillable` property in a Laravel model:

namespace App\Models;

use Illuminate\Database\Eloquent\Model;

class Post extends Model
{
    // Define the attributes that are mass assignable
    protected $fillable = [
        'title', 
        'content', 
        'author_id'
    ];
}

In this example, the `Post` model has three attributes (`title`, `content`, and `author_id`) that are mass assignable.

Using Mass Assignment

With the `$fillable` property defined, you can now safely use mass assignment:

// Creating a new post
$post = Post::create([
    'title' => 'My First Post',
    'content' => 'This is the content of my first post.',
    'author_id' => 1
]);

// Updating an existing post
$post->update([
    'title' => 'Updated Title',
    'content' => 'This is the updated content.'
]);

The primary purpose of the `$fillable` property is to prevent mass-assignment vulnerabilities. Without `$fillable` (or its counterpart `$guarded`), any attribute in the model can be mass assigned, which could potentially allow malicious users to update sensitive fields that they shouldn’t have access to.

Mass Assignment Vulnerability

So what is this mass assignment vulnerability? Consider a scenario where a user can submit their profile information. If the user model has an attribute like `is_admin`, and this attribute is not protected, a malicious user could submit a form with an `is_admin` field and set its value to `true`, giving themselves admin privileges.

By defining the `$fillable` property, you explicitly specify which attributes are safe to be mass assigned, thus mitigating this risk.

So, using the `$fillable` property is a best practice in Laravel to ensure that only the intended attributes can be mass assigned, enhancing the security of your application.

Vite assets are still localhost on production server

If you are using vite.js (for example when using Laravel assets bundler) then running the npm run build command triggers the build process for your project. When you run this command, Vite.js will perform several tasks to prepare your application for production deployment.

If you use Git and upload/deploy your files to production server and you css is not working then check the source code.  If you see something like this on your production server :

<script type="module" src="http://127.0.0.1:4523/@vite/client"></script>
<script type="module" src="http://127.0.0.1:4523/resources/js/app.js"></script></code>

then check if the “hot” file was accidentally uploaded to your server (github) to your Laravel public folder. Delete it and it should work. This file is used when running the dev server but will break production.

To exclude this file being uploaded to github you add it to .gitignore file:

/public/hot

Fatal error: Unparenthesized `a ? b : c ? d : e` is not supported in DatabaseInterface.php on line 615

You will get this error when you upgrade your PHP 7 to PHP 8 (or even 7.3 to 7.4 or something like that) but keep your old phpmyadmin version. This error can be in any code but in our case it is in phpMyAdmin\libraries\classes\DatabaseInterface.php file so we need to fix it for phpMyAdmin. We will not fix the code itself because in this case it is not needed.

The solution here is for Laragon. It is a little longer, but easy, Laragon oriented solution so you can better understand how it works. Scroll down to the end to do this manually (faster).

Laragon solution

It is possible that your Laragon came with older phpMyAdmin version. So we will tell Laragon to download the latest one.

Open your {INSTALLATION_PATH}\laragon\etc\apps\phpMyAdmin folder. Just in case, backup this phpMyAdmin folder first. Then delete all files in it so the folder is empty.

Right click the laragon tray icon, then Tools then Quick add and then Configuration…

laragon options configuration quick app

this will open packages. conf file in your text editor. Find this line :

# phpMyAdmin
phpmyadmin= *******

of course you will see a link to phpmyadmin download page. It will pobably be link to a specific version.

Change it to this (latest version of phpmyadmin) and save the file.

# phpMyAdmin
phpmyadmin=https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip

Note: if the second line starts with # you need to delete the # character.

Right click the laragon tray icon again, then Tools then Quick add and then phpmyadmin… and Laragon with automatixally downlaod the latest phpMyAdmin and install it.

laragon phpmyadmin

Restart Laragon, open yourproject.test/phpmyadmin/ in your browser (your project will be called different than yourproject.test) and phpmyadmin should work.

Manual solution

1. backup and then delete all files in {INSTALLATION_PATH}\laragon\etc\apps\phpMyAdmin folder
2. Download the latest version of phpMyAdmin from https://www.phpmyadmin.net/downloads/
3. Extract the content of downloaded ZIP file into a empty phpMyAdmin folder
4. Restart laragon and phpMyAdmin should work.

Download latest Laragon & Install Laravel 9

I like to use Laragon sometimes for my Laravel development. I had Laragon 5 installed and wanted to create new Laravel 9 project. When I selected Quick App-> Laravel it installed Laravel 8! I looked at Laragon website but the latest one there is Laragon 5 with PHP 7. Laravel 9 requires PHP 8.

Good news is that Laragon has already updated to Laragon 6 with PHP 8 but for some reason there is no downlaod link on their downlaod page (at the time of writing this post).

So what you need to do is go to Laragon github page and download latest laragon-wamp.exe from there. Then you do a backup of your current laragon folder on your PC and then just install the latest Laragon – it will keep all your files and settings, just upgrade to latest Laragon with PHP 8.

After you are done right click the Laragon icon, quick app and Laravel and it will install Laravel 9 (and probably next versions as long as they require PHP 8)

Laravel – Remove Public from URL

Why is my Laravel URL mysite.com/public by default and how do I remove “public” from URL?

Probably the first question most people ask when they install their new Laravel site.

Here are 2 ways, luckily it is easy to do.

1. The most standard one is to just edit .htaccess file and add these lines:

<IfModule mod_rewrite.c>
   RewriteEngine On 
   RewriteRule ^(.*)$ public/$1 [L]
</IfModule>

Note: For this to work you must have mod_rewrite enabled on your Apache server because rewrite module is required to apply these settings.

2. This option is either easier or more complicated, depending on if you can edit ‘Document root’ on your hosting server. So, if you have access to Cpanel of your hosting AND they allow you to change ‘Document root’ then change it from let say “/public_html” to “/public_html/public”. That should do the trick.

If you can’t edit ‘Document root’ by yourself (security measure etc) then the best is to ask your host support to change it to “/public_html/public” (assuming your root folder for website is /public_html . If it is /www then let them change it to /www/public).

Using Laragon for Laravel projects

I am in the process of migrating one of my sites from Codeigniter (anyone remember it? It promised so much but then fell behind, especially when Laravel came out years ago) to Laravel. It’s been a while since I used Laravel but I always love developing with it.

I always use XAMPP for local development but luckily I googled for alternatives and found Laragon. What an awesome find. At first I thought it was just for Laravel, due to name Laragon but you can use it for everything.

So here is how easy it was to install latest Laravel and start local development.

  1.  Go to Laragon website and download it, full or lite. Install (also select development folder) and start the services. Now you have a running web server!I changed few preferences (I don’t want it to start with Windows but I want it to start minimized and start ALL services at once) but you can do whatever is best for you.Another great thing: It comes with my favorite Console Emulator CMDER (not my screenshot):
  2. Let’s install Laravel. Right click blue (or green) Laragon tray Icon -> Quick App -> Laravel, name the project (folder)  and Laragon will begin to install Laravel via console. If you get asked for admin permission to open console (for hosts if I remember correctly) say yes.   When it finishes you should be able to open the web at ProjectName.test . I have to say that the first time I installed Laravel the scripts in console did not finish so it didnt work. I deleted the project folder, restarted the step  2. again and then it worked – Laravel was installed!
    laragon install laravel
  3.  I noticed that phpmyadmin was not installed. It is super easy again to install it :  Right click blue (or green) Laragon Icon -> Tools -> Quick Add -> *phpmyadmin . Wait few moment and you can access it at localhost/phpmyadmin/

And that is all. I installed local web server, Laravel and phpmyadmin with few clicks.

Curl Error : SSL certificate problem: unable to get local issuer certificate Laravel Wamp

Got this error when trying to use a Laravel API package that used Curl:

Curl Error : SSL certificate problem: unable to get local issuer certificate

I am using WAMP (local development) so the solution that worked was this (Let’s assume your PHP version is 7.1.9):

1. Download/save this file: http://curl.haxx.se/ca/cacert.pem into (your wamp path might differ) the C:\wamp64\bin\php\php7.1.9 folder.

2. Now you have to edit php.ini file but in my case it was not the one that is in the above folder (I tried that one first but still got the same error) but it was the one in this (your wamp and apache folder might differ) folder:  C:\wamp64\bin\apache\apache2.4.27\bin . The easiest way to open this file is to click on the green W (Wamp) icon in the tray, then PHP and then php.ini and Windows should open this file for you.

3. Find this line
;curl.cainfo
and change it to :
curl.cainfo = "C:\wamp614\bin\php\php7.1.9\cacert.pem"
Dont forget to remove the ; at the start of the line and of course use your wamp path.

4. Restart (or exit and start) the WAMP server and the error should be gone!

 

Laravel Composer using the wrong PHP version

I installed WAMP for offline development, then Composer and then Laravel. Everything was OK until I used Composer to download some Laravel package and I got this kind of error:

This package requires php >=7.0.0 but your PHP version (5.6.25) does not satisfy that requirement

Number don’t matter but I needed newer PHP. OK, I changed PHP version on WAMP, restarted it..and Laravel composer gave me the same error!

Long story short, after an hour of googling and trying all the suggested solutions like editing composer.json and this and that, nothing worked!

The solution is simple: reinstall Composer! D’oh!

When you run setup you can select the PHP version you want Composer to use (of course you have to have this PHP version installed on your PC or server) and the Composer will use it from then on:

 

laravel composer php version

After doing this this I was able to install the package. To be honest, I was quite upset that so many people offered some complicated solutions (that didn’t even work for me) on various forums and wasted my time when the solution was so simple.

 

 

 

How to check Laravel version?

Every now and then you would like to check what version of Laravel do you have installed. How to determine that? Here are a couple of ways. I tested this for Laravel 4.

1. The easiest way is to simply run artisan command php artisan --version from your CLI and it will return your Laravel version:

check laravel version

2. You can also browse to and open file vendor\laravel\framework\src\Illuminate\Foundation\Application.php. You will see the version of your Laravel instalation near the top of the class, defined as a constant:

/**
	 * The Laravel framework version.
	 *
	 * @var string
	 */
	const VERSION = '4.0.10';

3. You can also place a little code in your routes.php file at the end and then access it like yourdomain.com/laravel-version . This of course assumes that there is nothing in your routes.php file that would not allow the access of /laravel-version route.

Route::get('laravel-version', function()
{
$laravel = app();
return "Your Laravel version is ".$laravel::VERSION;
});

Please keep in mind that it is best not to keep this code on your production server. It’s not that it is harmful but there is simply no need for this because the first two methods that I showed you are simpler. If you still want to keep it then maybe you can comment it out.

There are other ways, especially with code but why complicate things when these 3 are the easiest? 🙂

If you know some simpler ways then please let me know in the comments.