As per Official Blog of Laravel, there is a possibility of SQL injection when user controlled input is passed as the “exclude ID” parameter of Laravel’s unique rule, such as: Rule::unique(‘users’)->ignore($request->input(‘id’)) The unique rule’s “exclude ID” feature is intended to only accept system-generated IDs, such as auto-incrementing IDs or UUIDs […]

Continue Reading