Laravel - htmlspecialchars() expects parameter 1 to be string, array given in Form Array

Question

Currently, I am using Laravel-5.8 to develop a web application. In the project, I tried to dynamically add input fields using select option change based on condition.

Controller

    public $rating_points = [
    "1" => "Three-Star-Rating",
    "2" => "Four-Star-Rating",
    "3" => "Five-Star-Rating",
    "4" => "Six-Star-Rating",
    "5" => "Seven-Star-Rating",
];

public function create()
{
    abort_unless(\Gate::allows('rating_create'), 403);
    return view('appraisal.ratings.create')->with('rating_points', $this->rating_points);
}

public function store(StoreRatingRequest $request)
{
    abort_unless(\Gate::allows('rating_create'), 403);

    $rating = AppraisalRating::create([
        'rating_point'               => $request->rating_point,
        'rating_type'               => $request->rating_type,
        'rating_value'              => $request->rating_value,
        'rating_description'        => $request->rating_description,
        'company_id'                => Auth::user()->company_id,
        'created_by'                => Auth::user()->id,
        'created_at'                => date("Y-m-d H:i:s"),
        'is_active'                 => 1,
    ]);
    Session::flash('success', 'Appraisal Rating is created successfully');
    return redirect()->route('appraisal.ratings.index');
}

public function edit($id)
{
    abort_unless(\Gate::allows('rating_edit'), 403);
    $rating = AppraisalRating::where('id', $id)->first();       
    return view('appraisal.ratings.edit')->with('rating', $rating)->with('rating_types', $this->rating_types);
}

public function update(UpdateRatingRequest $request, $id)
{

    abort_unless(\Gate::allows('rating_edit'), 403);

    $rating = AppraisalRating::find($id);                            
    $rating->rating_point                 = $request->rating_point;
    $rating->rating_type                 = $request->rating_type;
    $rating->rating_value                = $request->rating_value;
    $rating->rating_description          = $request->rating_description;
    $rating->company_id                  = Auth::user()->company_id;
    $rating->updated_by                  = Auth::user()->id;
    $rating->updated_at                  = date("Y-m-d H:i:s");
    $rating->is_active                   = 1;
    $rating->save();
    Session::flash('success', 'Appraisal Rating is updated successfully');
    return redirect()->route('appraisal.ratings.index');
}

view

    <div class="card-body">
       <form  action="{{route('appraisal.ratings.store')}}" method="post" class="form-horizontal" enctype="multipart/form-data">
           {{csrf_field()}}
                        <div class="form-body">
                            <div class="row">
                                <div class="col-md-12">
                                    <div class="form-group row">
                                        <label for="rating-point" class="col-4 col-form-label"> Rating Point<span style="color:red;">*</span></label>
                                        <div class="col-md-6 controls">
                                            <select id='rating-point' class="form-control select2" data-placeholder="Choose Rating Value" tabindex="1" name="rating_point[]">
                                                <option value="">Select Rating Point</option>
                                                @foreach($rating_points as $k => $rating_point)
                                                    <option value="{{$k}}" @if(old("rating_point") == "$k") selected @endif>{{$rating_point}}</option>
                                                @endforeach
                                            </select>
                                        </div>
                                    </div>
                                </div>  
                            </div>

                        <div class="row" id="rating-data"></div>
                    </div>
          
            <div id="rating-button" style="display: none;">
                &nbsp;&nbsp;&nbsp;<button type="submit" class="btn btn-primary">{{ trans('global.save') }}</button>
                <button type="button" onclick="window.location.href='{{route('appraisal.ratings.index')}}'" class="btn btn-default">Cancel</button>
            </div>
        </form>
    </div> 
    @endsection

    @section('javascript')
    <!-- jQuery -->
    <script src="{{ asset('theme/adminlte3/plugins/jquery/jquery.min.js') }}"></script>
    <!-- jQuery UI 1.11.4 -->
    <script src="{{ asset('theme/adminlte3/plugins/jquery-ui/jquery-ui.min.js') }}"></script>


    <script>
    $(document).ready(function($){
    $('#rating-point').on('change', function() {
     $('#rating-data').html('');

      if ( this.value == '1')
      {
        var numInputs = '3';
         for(var i=0; i < numInputs; i++)
         {
             var j = i*1+1;
             var $section =  $('<div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Type<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="text" name="rating_type[]" value="'+j+'" class="form-control" value="{{old('rating_type')}}" readonly></div></div></div><div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Value<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="number" name="rating_value[]" placeholder="Rating Value" class="form-control" value="{{old('rating_value')}}"></div></div></div><div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Description<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="text" name="rating_description[]" placeholder="Enter rating description here" class="form-control" value="{{old('rating_description')}}"></div></div></div>');
             $('#rating-data').append($section);
         }           
        $("#rating-button").show();
      }
      else if ( this.value == '2')
      {
        var numInputs = '4';
         for(var i=0; i < numInputs; i++)
         {
             var j = i*1+1;
             var $section =  $('<div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Type<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="text" name="rating_type[]" value="'+j+'" class="form-control" value="{{old('rating_type')}}" readonly></div></div></div><div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Value<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="number" name="rating_value[]" placeholder="Rating Value" class="form-control" value="{{old('rating_value')}}"></div></div></div><div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Description<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="text" name="rating_description[]" placeholder="Enter rating description here" class="form-control" value="{{old('rating_description')}}"></div></div></div>');
             $('#rating-data').append($section);
         } 
        $("#rating-button").show();
      }
      else if ( this.value == '3')
      {
        var numInputs = '5';
         for(var i=0; i < numInputs; i++)
         {
             var j = i*1+1;
             var $section =  $('<div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Type<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="text" name="rating_type[]" value="'+j+'" class="form-control" value="{{old('rating_type')}}" readonly></div></div></div><div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Value<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="number" name="rating_value[]" placeholder="Rating Value" class="form-control" value="{{old('rating_value')}}"></div></div></div><div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Description<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="text" name="rating_description[]" placeholder="Enter rating description here" class="form-control" value="{{old('rating_description')}}"></div></div></div>');
             $('#rating-data').append($section);
         } 
        $("#rating-button").show();
      }
      else if ( this.value == '4')
      {
        var numInputs = '6';
         for(var i=0; i < numInputs; i++)
         {
             var j = i*1+1;
             var $section =  $('<div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Type<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="text" name="rating_type[]" value="'+j+'" class="form-control" value="{{old('rating_type')}}" readonly></div></div></div><div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Value<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="number" name="rating_value[]" placeholder="Rating Value" class="form-control" value="{{old('rating_value')}}"></div></div></div><div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Description<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="text" name="rating_description[]" placeholder="Enter rating description here" class="form-control" value="{{old('rating_description')}}"></div></div></div>');
             $('#rating-data').append($section);
         } 
        $("#rating-button").show();
      }
      else if ( this.value == '5')
      {
        var numInputs = '7';
         for(var i=0; i < numInputs; i++)
         {
             var j = i*1+1;
             var $section =  $('<div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Type<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="text" name="rating_type[]" value="'+j+'" class="form-control" value="{{old('rating_type')}}" readonly></div></div></div><div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Value<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="number" name="rating_value[]" placeholder="Rating Value" class="form-control" value="{{old('rating_value')}}"></div></div></div><div class="col-md-4"><div class="form-group row"><label class="control-label text-right col-md-3">Description<span style="color:red;">*</span></label><div class="col-md-9 controls"><input  type="text" name="rating_description[]" placeholder="Enter rating description here" class="form-control" value="{{old('rating_description')}}"></div></div></div>');
             $('#rating-data').append($section);
         } 
        $("#rating-button").show();
      }
      else
      {
        $("#rating-button").hide();
      }
     });
    });
   </script>

   @stop

The problem is that when I clicked on submit button I expected it to save in the database, but I got this error:

htmlspecialchars() expects parameter 1 to be string, array given (View: C:\xampp\htdocs\hris\resources\views\appraisal\ratings\create.blade.php)

How do I resolve this issue?

Secondly, I don't know if I have written the controller actions for save and update appropriately.

Thank you.

Answer 1

You probably have this because you use

name="rating_point[]"

In your select HTML

This means that your controller does receive an ARRAY and expects a scalar value, like a string.

Secondly, I don't know if I have written the controller actions for save and update appropriately.

I've could imagine many improvements, but it don't think this is the place to do code reviews.