1. If syntax is written in the template engine:
@if (conditional expression 1)
execute statement 1
@elseif (conditional expression 2)
execute statement 2
@elseif (conditional expression 3)
execute statement 3
@else
default execute statement
@ Endif
case:
2. Template inheritance / containment
Inheritance not only exists in the php class, but also in the view. The content of the public part is the parent class, and the different content is the subclass.
Same as the inheritance in php, the methods in the parent class can Rewrite
the syntax required in the parent class; @yieid ('NAME') ;, as shown
in the following figure. The syntax required in the subclass is
@extends ('name of the parent class')
@section (' NAME ')
@endsection
as shown below:
One of them includes @include (' welcome ') which means to import the template file, that is to say, the inclusion, it should be noted that the introduction is a pure static template, when the imported template has variables It is easy to make mistakes, not recommended
3. CSRF attack
XSS, SQL injection
CSRF is a cross-site request forgery operation, which is generally used for website csrf verification to prevent some copy websites from performing some bad deception.
Laravel automatically generates a SCRF Token for each user session. The Token can be used to verify whether the logged-in user and the requester are the same person. If not, the request fails [the principle is the same as the verification principle] On the same website, the value of Token is different, which prevents certain illegal means.
Laravel provides a global help function csrf_token () to get the Token value, so just add the following HTML code in the view submission form to bring the Token in the request:
The laravel framework enables csrf verification by default, so it must be processed in the foreground form.
SCRF verification only takes effect for POST requests in the laravel framework, and does not process GET requests.
As shown in the following figure:
