{"id":129,"date":"2025-08-25T18:14:37","date_gmt":"2025-08-25T18:14:37","guid":{"rendered":"https:\/\/1v0.net\/blog\/?p=129"},"modified":"2025-08-26T08:49:40","modified_gmt":"2025-08-26T08:49:40","slug":"mastering-validation-rules-in-laravel-12","status":"publish","type":"post","link":"https:\/\/1v0.net\/blog\/mastering-validation-rules-in-laravel-12\/","title":{"rendered":"Mastering Validation Rules in Laravel 12"},"content":{"rendered":"\n

Validation is one of the most important parts of any Laravel application. It ensures that the data coming from forms, APIs, or user input is safe, correct, and ready to be stored in the database. Without validation, users could submit broken data, leave required fields empty, or even try to exploit your app with malicious input.<\/p>\n\n\n\n

In this guide, we\u2019ll go deep into mastering validation rules in Laravel 12. We\u2019ll look at basic validation, custom error messages, form request classes, and some of the most useful built-in rules. Each example is explained in detail so new developers can follow along easily.<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/div>\n\n\n\n

1 – Basic Validation with the validate()<\/code> Method<\/strong><\/h2>\n\n\n\n

<\/p>\n\n\n

\/\/ app\/Http\/Controllers\/UserController.php<\/span>\n\npublic<\/span> function<\/span> store<\/span>(Request $request)<\/span>\n<\/span>{\n    $validated = $request->validate([\n        'name'<\/span>  => 'required|string|max:255'<\/span>,\n        'email'<\/span> => 'required|email|unique:users,email'<\/span>,\n        'age'<\/span>   => 'nullable|integer|min:18'<\/span>,\n    ]);\n\n    \/\/ At this point $validated contains only valid, safe data<\/span>\n    User::create($validated);\n\n    return<\/span> redirect()->back()->with('status'<\/span>, 'User created successfully!'<\/span>);\n}<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
Here we use $request->validate()<\/code> inside a controller method. Laravel automatically checks the input against the rules:<\/p>\n\n\n\n
    \n
  • required<\/code> means the field must be present and not empty.<\/li>\n\n\n\n
  • string<\/code> ensures the name is plain text, not an array or number.<\/li>\n\n\n\n
  • max:255<\/code> limits the length of the name field to 255 characters.<\/li>\n\n\n\n
  • email<\/code> ensures the input looks like an email address.<\/li>\n\n\n\n
  • unique:users,email<\/code> checks the email doesn\u2019t already exist in the users<\/code> table.<\/li>\n\n\n\n
  • nullable|integer|min:18<\/code> means age is optional, but if provided it must be an integer at least 18.<\/li>\n<\/ul>\n\n\n\n
    If validation fails, Laravel will automatically redirect back to the previous page with errors stored in the session. You can display them in Blade using @error<\/code>.<\/p>\n\n\n\n
    <\/p>\n\n\n\n
    <\/div>\n\n\n\n
    2 – Displaying Validation Errors in Blade<\/strong><\/h2>\n\n\n\n
    <\/p>\n\n\n
    \/\/ resources\/views\/users\/create.blade.php<\/span>\n\n<form method=\"POST\"<\/span> action=\"{{ route('users.store') }}\"<\/span> class<\/span>=\"card<\/span> card<\/span>-body<\/span>\">\n    @csrf<\/span>\n\n    <input<\/span> type<\/span>=\"text<\/span>\" name<\/span>=\"name<\/span>\" placeholder<\/span>=\"Name<\/span>\" value<\/span>=\"<\/span>{{ old('name'<\/span>) }}\" class=\"<\/span>form-control mb-2<\/span>\">\n    @error('name')\n        <div class=\"<\/span>text-danger\">{{ $message }}<\/div>\n    @enderror\n\n    <input type=\"<\/span>email\" name=\"<\/span>email\" placeholder=\"<\/span>Email\" value=\"<\/span>{{ old('email'<\/span>) }}\" class=\"<\/span>form-control mb-2<\/span>\">\n    @error('email')\n        <div class=\"<\/span>text-danger\">{{ $message }}<\/div>\n    @enderror\n\n    <input type=\"<\/span>number\" name=\"<\/span>age\" placeholder=\"<\/span>Age\" value=\"<\/span>{{ old('age'<\/span>) }}\" class=\"<\/span>form-control mb-2<\/span>\">\n    @error('age')\n        <div class=\"<\/span>text-danger\">{{ $message }}<\/div>\n    @enderror\n\n    <button class=\"<\/span>btn btn-primary\">Create User<\/button>\n<\/form><\/span><\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
    The old()<\/code> helper keeps the previous value if the form fails validation. The @error<\/code> directive shows the error message for each field if validation fails.<\/p>\n\n\n\n
    <\/p>\n\n\n\n
    <\/div>\n\n\n\n
    3 – Commonly Used Validation Rules<\/strong><\/h2>\n\n\n\n
    <\/p>\n\n\n\n
      \n
    • required<\/code> \u2014 Field must be present and not empty.<\/li>\n\n\n\n
    • nullable<\/code> \u2014 Field can be empty, but if present, it must follow other rules.<\/li>\n\n\n\n
    • email<\/code> \u2014 Must be a valid email format.<\/li>\n\n\n\n
    • url<\/code> \u2014 Must be a valid URL.<\/li>\n\n\n\n
    • min:n<\/code> \/ max:n<\/code> \u2014 Minimum or maximum length\/size.<\/li>\n\n\n\n
    • numeric<\/code> \/ integer<\/code> \u2014 Value must be a number.<\/li>\n\n\n\n
    • date<\/code> \u2014 Must be a valid date (Y-m-d, etc.).<\/li>\n\n\n\n
    • confirmed<\/code> \u2014 Requires a matching _confirmation<\/code> field (commonly used for passwords).<\/li>\n\n\n\n
    • unique:table,column<\/code> \u2014 Ensures no duplicates in the database.<\/li>\n\n\n\n
    • exists:table,column<\/code> \u2014 Ensures the value exists in another table (useful for foreign keys).<\/li>\n<\/ul>\n\n\n\n
      Laravel provides dozens of validation rules out of the box. These rules are simple strings, but you can also pass arrays if you need more flexibility.<\/p>\n\n\n\n
      <\/p>\n\n\n\n
      <\/div>\n\n\n\n
      4 – Custom Error Messages<\/strong><\/h2>\n\n\n\n
      <\/p>\n\n\n
      \/\/ app\/Http\/Controllers\/UserController.php<\/span>\n\npublic<\/span> function<\/span> store<\/span>(Request $request)<\/span>\n<\/span>{\n    $messages = [\n        'name.required'<\/span> => 'Please enter your full name.'<\/span>,\n        'email.required'<\/span> => 'We need your email address.'<\/span>,\n        'email.unique'<\/span>  => 'That email is already taken, please choose another.'<\/span>,\n    ];\n\n    $validated = $request->validate([\n        'name'<\/span>  => 'required|string|max:255'<\/span>,\n        'email'<\/span> => 'required|email|unique:users,email'<\/span>,\n        'age'<\/span>   => 'nullable|integer|min:18'<\/span>,\n    ], $messages);\n\n    User::create($validated);\n\n    return<\/span> redirect()->back()->with('status'<\/span>, 'User created successfully!'<\/span>);\n}<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
      Here we pass a second argument to validate()<\/code> with an array of messages. This overrides Laravel\u2019s default messages with custom, user-friendly text.<\/p>\n\n\n\n
      <\/p>\n\n\n\n
      <\/div>\n\n\n\n
      5 – Using Form Request Classes<\/strong><\/h2>\n\n\n\n
      <\/p>\n\n\n
      php<\/span> artisan<\/span> make<\/span>:request<\/span> StoreUserRequest<\/span><\/code><\/span>Code language:<\/span> CSS<\/span> (<\/span>css<\/span>)<\/span><\/small><\/pre>\n\n\n
      This command creates a new class in app\/Http\/Requests\/StoreUserRequest.php<\/code>. Inside it, you define validation rules and messages:<\/p>\n\n\n
      namespace<\/span> App<\/span>\\Http<\/span>\\Requests<\/span>;\n\nuse<\/span> Illuminate<\/span>\\Foundation<\/span>\\Http<\/span>\\FormRequest<\/span>;\n\nclass<\/span> StoreUserRequest<\/span> extends<\/span> FormRequest<\/span>\n<\/span>{\n    public<\/span> function<\/span> authorize<\/span>()<\/span>: bool<\/span>\n    <\/span>{\n        return<\/span> true<\/span>; \/\/ allow all for now<\/span>\n    }\n\n    public<\/span> function<\/span> rules<\/span>()<\/span>: array<\/span>\n    <\/span>{\n        return<\/span> [\n            'name'<\/span>  => 'required|string|max:255'<\/span>,\n            'email'<\/span> => 'required|email|unique:users,email'<\/span>,\n            'age'<\/span>   => 'nullable|integer|min:18'<\/span>,\n        ];\n    }\n\n    public<\/span> function<\/span> messages<\/span>()<\/span>: array<\/span>\n    <\/span>{\n        return<\/span> [\n            'name.required'<\/span> => 'Your name is required.'<\/span>,\n            'email.unique'<\/span>  => 'This email is already registered.'<\/span>,\n        ];\n    }\n}<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
      Form requests separate validation logic from controllers. You can now type-hint this request class in your controller:<\/p>\n\n\n
      \/\/ app\/Http\/Controllers\/UserController.php<\/span>\n\npublic<\/span> function<\/span> store<\/span>(StoreUserRequest $request)<\/span>\n<\/span>{\n    User::create($request->validated());\n    return<\/span> redirect()->back()->with('status'<\/span>, 'User created!'<\/span>);\n}<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
      This makes your controllers cleaner and your validation rules reusable across multiple places.<\/p>\n\n\n\n
      <\/p>\n\n\n\n
      <\/div>\n\n\n\n
      6 – Conditional Validation<\/strong><\/h2>\n\n\n\n
      <\/p>\n\n\n
      \/\/ Example: phone is required only if contact_method = phone<\/span>\n\n$request->validate([\n    'contact_method'<\/span> => 'required|in:email,phone'<\/span>,\n    'email'<\/span> => 'required_if:contact_method,email|email'<\/span>,\n    'phone'<\/span> => 'required_if:contact_method,phone|digits:10'<\/span>,\n]);<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
      Here, required_if<\/code> makes the email<\/code> field required if contact_method<\/code> is set to \u201cemail\u201d, and the phone<\/code> field required if \u201cphone\u201d is selected. This gives you dynamic validation depending on user choices.<\/p>\n\n\n\n
      <\/p>\n\n\n\n
      <\/div>\n\n\n\n
      7 – Custom Validation Rules<\/strong><\/h2>\n\n\n\n
      <\/p>\n\n\n
      php<\/span> artisan<\/span> make<\/span>:rule<\/span> Uppercase<\/span><\/code><\/span>Code language:<\/span> CSS<\/span> (<\/span>css<\/span>)<\/span><\/small><\/pre>\n\n\n
      This generates a rule class. Inside you define your custom logic:<\/p>\n\n\n
      \/\/ app\/Rules\/Uppercase.php<\/span>\n\nnamespace<\/span> App<\/span>\\Rules<\/span>;\n\nuse<\/span> Closure<\/span>;\nuse<\/span> Illuminate<\/span>\\Contracts<\/span>\\Validation<\/span>\\ValidationRule<\/span>;\n\nclass<\/span> Uppercase<\/span> implements<\/span> ValidationRule<\/span>\n<\/span>{\n    public<\/span> function<\/span> validate<\/span>(string $attribute, mixed $value, Closure $fail)<\/span>: void<\/span>\n    <\/span>{\n        if<\/span> (strtoupper($value) !== $value) {\n            $fail('The :attribute must be uppercase.'<\/span>);\n        }\n    }\n}<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
      Now you can use it like this:<\/p>\n\n\n
      $request->validate([\n    'code'<\/span> => ['required'<\/span>, new<\/span> \\App\\Rules\\Uppercase],\n]);<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
      This ensures the code<\/code> field is always uppercase. Custom rules let you handle business logic that built-in rules don\u2019t cover.<\/p>\n\n\n\n
      <\/p>\n\n\n\n
      <\/div>\n\n\n\n
      Wrapping Up<\/strong><\/h2>\n\n\n\n
      <\/p>\n\n\n\n
      You now have a strong understanding of validation in Laravel 12: from basic rules and error messages to form requests and custom validators. Validation is a core part of keeping your app secure and reliable, and Laravel makes it both powerful and easy to use.<\/p>\n\n\n\n
      As you build bigger apps, you\u2019ll often combine multiple rules, create reusable form request classes, and even add custom validation rules specific to your project\u2019s business logic.<\/p>\n\n\n\n
      <\/p>\n\n\n\n
      <\/div>\n\n\n\n
      Next Steps<\/strong><\/h2>\n\n\n\n
      <\/p>\n\n\n\n
      Once you\u2019re comfortable with the basics of Laravel validation, here are some advanced topics you can explore to take your skills further:<\/p>\n\n\n\n
        \n
      • File Upload Validation:<\/strong> Learn to validate file types, sizes, and dimensions (e.g., images, PDFs).<\/li>\n\n\n\n
      • Regex Rules:<\/strong> Use regular expressions for highly customized validation logic.<\/li>\n\n\n\n
      • Sanitizing Input:<\/strong> Combine validation with data cleaning (like trimming whitespace, escaping HTML).<\/li>\n\n\n\n
      • Cross-Field Validation:<\/strong> Write rules that compare multiple fields (e.g., start_date must be before end_date).<\/li>\n\n\n\n
      • API Validation:<\/strong> Apply validation rules in API controllers and return JSON error responses.<\/li>\n\n\n\n
      • Localization:<\/strong> Provide validation error messages in multiple languages for international apps.<\/li>\n<\/ul>\n\n\n\n
        These next steps will help you build more robust, secure, and user-friendly applications where data is always validated properly before saving.<\/p>\n\n\n\n
        <\/p>\n","protected":false},"excerpt":{"rendered":"
        Validation is one of the most important parts of any Laravel application. It ensures that the data coming from forms, APIs, or user input is safe, correct, and ready to be stored in the database. Without validation, users could submit broken data, leave required fields empty, or even try to exploit your app with malicious […]<\/p>\n","protected":false},"author":1,"featured_media":131,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[19],"class_list":["post-129","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-laravel","tag-validation"],"_links":{"self":[{"href":"https:\/\/1v0.net\/blog\/wp-json\/wp\/v2\/posts\/129","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/1v0.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/1v0.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/1v0.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/1v0.net\/blog\/wp-json\/wp\/v2\/comments?post=129"}],"version-history":[{"count":2,"href":"https:\/\/1v0.net\/blog\/wp-json\/wp\/v2\/posts\/129\/revisions"}],"predecessor-version":[{"id":132,"href":"https:\/\/1v0.net\/blog\/wp-json\/wp\/v2\/posts\/129\/revisions\/132"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/1v0.net\/blog\/wp-json\/wp\/v2\/media\/131"}],"wp:attachment":[{"href":"https:\/\/1v0.net\/blog\/wp-json\/wp\/v2\/media?parent=129"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/1v0.net\/blog\/wp-json\/wp\/v2\/categories?post=129"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/1v0.net\/blog\/wp-json\/wp\/v2\/tags?post=129"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}