First question: How do I make these type of links good for SEO
I can't confidently say that it's bad in its current state as I'm not too clued up on SEO, see this link for some more info http://webmasters.stackexchange.com/questions/15393/is-a-url-with-a-query-string-better-or-worse-for-seo-then-one-without-one https://webmasters.stackexchange.com/questions/15393/is-a-url-with-a-query-string-better-or-worse-for-seo-then-one-without-one
I'm guessing if you wanted to make it somewhat more human and or seo friendly you can set your route up as so:
Route::get('{search}/{color}/{etc}', [
'uses' => 'SearchController@postSearchResults'
]);
Then you'd need to add some parameters to the controller:
public function postSearchResults($search, $color, $etc) {
$query = DB::connection('mysql')->table('cards')
->where('name', 'LIKE', '%'.$search.'%')
->where('color', 'LIKE', '%'.$color.'%')
->where('etc', 'LIKE', '%'.$etc.'%')
->get();
return parent::ajaxView('results', compact('query'));
}
Note: you may want to change your method name to getSearchResults() instead of postSearchResults(), as you are using the GET ajax method when calling the route, right?
and is this secure? It seems like it would be easy to inject code?
From the Laravel Documentation: http://laravel.com/docs/5.0/queries#introduction
Note: The Laravel query builder uses PDO parameter binding throughout to protect your application against SQL injection attacks. There is no need to clean strings being passed as bindings.
Second question: After getting the corresponding input from the user, I have the following in my SearchController to deal with the input:
... your code
Is the above secure or is there something I should do in addition to make it secure?
I'd like to think it's pretty secure based on what is aforementioned regarding how the query builder works.
Finally, don't consider this a complete answer. I'd definitely do some more digging around or maybe someone with more knowledge will come and post another answer! All the best!
First question: How do I make these type of links good for SEO
I can't confidently say that it's bad in its current state as I'm not too clued up on SEO, see this link for some more info http://webmasters.stackexchange.com/questions/15393/is-a-url-with-a-query-string-better-or-worse-for-seo-then-one-without-one
I'm guessing if you wanted to make it somewhat more human and or seo friendly you can set your route up as so:
Route::get('{search}/{color}/{etc}', [
'uses' => 'SearchController@postSearchResults'
]);
Then you'd need to add some parameters to the controller:
public function postSearchResults($search, $color, $etc) {
$query = DB::connection('mysql')->table('cards')
->where('name', 'LIKE', '%'.$search.'%')
->where('color', 'LIKE', '%'.$color.'%')
->where('etc', 'LIKE', '%'.$etc.'%')
->get();
return parent::ajaxView('results', compact('query'));
}
Note: you may want to change your method name to getSearchResults() instead of postSearchResults(), as you are using the GET ajax method when calling the route, right?
and is this secure? It seems like it would be easy to inject code?
From the Laravel Documentation: http://laravel.com/docs/5.0/queries#introduction
Note: The Laravel query builder uses PDO parameter binding throughout to protect your application against SQL injection attacks. There is no need to clean strings being passed as bindings.
Second question: After getting the corresponding input from the user, I have the following in my SearchController to deal with the input:
... your code
Is the above secure or is there something I should do in addition to make it secure?
I'd like to think it's pretty secure based on what is aforementioned regarding how the query builder works.
Finally, don't consider this a complete answer. I'd definitely do some more digging around or maybe someone with more knowledge will come and post another answer! All the best!
First question: How do I make these type of links good for SEO
I can't confidently say that it's bad in its current state as I'm not too clued up on SEO, see this link for some more info https://webmasters.stackexchange.com/questions/15393/is-a-url-with-a-query-string-better-or-worse-for-seo-then-one-without-one
I'm guessing if you wanted to make it somewhat more human and or seo friendly you can set your route up as so:
Route::get('{search}/{color}/{etc}', [
'uses' => 'SearchController@postSearchResults'
]);
Then you'd need to add some parameters to the controller:
public function postSearchResults($search, $color, $etc) {
$query = DB::connection('mysql')->table('cards')
->where('name', 'LIKE', '%'.$search.'%')
->where('color', 'LIKE', '%'.$color.'%')
->where('etc', 'LIKE', '%'.$etc.'%')
->get();
return parent::ajaxView('results', compact('query'));
}
Note: you may want to change your method name to getSearchResults() instead of postSearchResults(), as you are using the GET ajax method when calling the route, right?
and is this secure? It seems like it would be easy to inject code?
From the Laravel Documentation: http://laravel.com/docs/5.0/queries#introduction
Note: The Laravel query builder uses PDO parameter binding throughout to protect your application against SQL injection attacks. There is no need to clean strings being passed as bindings.
Second question: After getting the corresponding input from the user, I have the following in my SearchController to deal with the input:
... your code
Is the above secure or is there something I should do in addition to make it secure?
I'd like to think it's pretty secure based on what is aforementioned regarding how the query builder works.
Finally, don't consider this a complete answer. I'd definitely do some more digging around or maybe someone with more knowledge will come and post another answer! All the best!
First question: How do I make these type of links good for SEO
I can't confidently say that it's bad in its current state as I'm not too clued up on SEO, see this link for some more info http://webmasters.stackexchange.com/questions/15393/is-a-url-with-a-query-string-better-or-worse-for-seo-then-one-without-one
I'm guessing if you wanted to make it somewhat more human and or seo friendly you can set your route up as so:
Route::get('{search}/{color}/{etc}', [
'uses' => 'SearchController@postSearchResults'
]);
Then you'd need to add some parameters to the controller:
public function postSearchResults($search, $color, $etc) {
$query = DB::connection('mysql')->table('cards')
->where('name', 'LIKE', '%'.$search.'%')
->where('color', 'LIKE', '%'.$color.'%')
->where('etc', 'LIKE', '%'.$etc.'%')
->get();
return parent::ajaxView('results', compact('query'));
}
Note: you may want to change your method name to getSearchResults() instead of postSearchResults(), as you are using the GET ajax method when calling the route, right?
and is this secure? It seems like it would be easy to inject code?
From the Laravel Documentation: http://laravel.com/docs/5.0/queries#introduction
Note: The Laravel query builder uses PDO parameter binding throughout to protect your application against SQL injection attacks. There is no need to clean strings being passed as bindings.
Second question: After getting the corresponding input from the user, I have the following in my SearchController to deal with the input:
... your code
Is the above secure or is there something I should do in addition to make it secure?
I'd like to think it's pretty secure based on what is aforementioned regarding how the query builder works.
Finally, don't consider this a complete answer. I'd definitely do some more digging around or maybe someone with more knowledge will come and post another answer! All the best!