Im creating a survey that is sent by newsletter email, and basically the app records the user data based on the email of the user, if the email isnt present in the route isnt possible to fill in the survey, but im not quite sure if im doing it right way and also for security purpose maybe i should have some kind of validation regarding the email. Can someone suggest me what is the best practise or the way im doing is already alright?!
The url that the users enter is like:
http://domain.com/surveys/23/email@hotmail.com/show
Here is my code:
Route:
Route::get('surveys/{id}/{email}/show/', 'SurveyController@show');
Controller:
public function show($id,$email)
{
$survey = Survey::find($id);
$email = $email;
return view('admin.surveys.show', compact('survey','email'));
}
View:
Html
...
@if(!empty($email))
show the survey form
@else
A message saying is not possibile fill without a email
@endif
Note: The survey is completelly a part from the newsletter system, it cannot have any kind of integration between them.
