I was under the impression that $hidden field in the Model class prevented information from being returned by eloquent. My User model has this line:
protected $hidden = [
'password', 'remember_token',
];
The comment in the Model for the $hidden attribute states: "The attributes that should be hidden for arrays.". However, if I do this
Route::get('profile/{id}', function($id) {
$user = User::find($id);
dd($user);
});
I get a User object with the password visible.
Am I misunderstanding this?
I am using Laravel 5.2
That $hidden
is only used when serializing the model. (toJson() toArray()
). This only hides 'attributes' of the model. Doing a var_dump is a php level thing that is dumping the actual object.
$model->toArray()
will not contain your password field or the remember token.
Sign in to participate in this thread!
The Laravel portal for problem solving, knowledge sharing and community building.
The community