Laravel: Interview Questions and Answers

Laravel is an open source framework for web appliation in PHP. It follows MVC (Model-View-Controller) architectural pattern.

Artisan is a command-line interface(CLI) that comes with Laravel, to help us with development and other task, like- generating files, migrations, managing queue, and much more.

Artisan is powerd by Symfony Console.

Developers can extend its functionality by defining/creating custom commands.

Environment variables are saved in .env file. Variables are saved in the key=value format like below-
APP_NAME=BigBoxCode
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=bbcode
DB_USERNAME=root
DB_PASSWORD=root*secret

We can retrieve these values directly using env("KEY_NAME_HERE") function.
But it is better not to use the env() function directly in the code, as the configuration caching in production can cause issue. It is better to use the env() in config file and use the value from config in your code using config() function.

Read this article for more details of the issue and best practice ⇛ Laravel: env() getting null value when used with config:cache

Use the following command to cache the configuration(in production):
php artisan config:cache

Clear config cache using:
php artisan config:clear

For production environment we need to make sure that the following 2 values are changed-
APP_ENV=production
APP_DEBUG=false

Check current environment using command-
php artisan env

Check config value using following command-
php artisan config:show app.name

Lastly, the automated testing command( php artisan test ) will automatically use the values from file .env.testing , and if the value is not present in .env.testing then it will fall back to .env file.

The config directory is used to manage configuration setting in an application.
It contains files for the setting values for different parts of the application, such as general app values, datbase, email, caching, file system, queue, etc.

each config file returns an array, where the values can be obtained from .env, or some other setting can be set. Here is an example-
<?php
// config/app.php
return [
    'name' => env('APP_NAME', 'Laravel'),
    'env' => env('APP_ENV', 'production'),
    'debug' => (bool) env('APP_DEBUG', false),
    'url' => env('APP_URL', 'http://localhost'),
    'timezone' => 'UTC',
    'locale' => env('APP_LOCALE', 'en'),
    // Other settings here
];

We can get the values in any part of our code by using the config() function.
Pass the file name and setting name, separated by dot(.), like below-
$appName = config("app.name");
$databaseName = config("database.connections.mysql.database");

We can pass a default value to config(), as fallback/default value-
$appName = config("app.name", "SomeDefaultAppName");
$databaseName = config("database.connections.mysql.database", "default_db");

Here are the key points of the “bootstrap” directory-

⇾ This directory includes “bootstrap/app.php” file, which is used to initialize the app and load essential services before handling requests.
⇾ Contains “bootstrap/providers.php” file to list of service providers that are required for running the application.
⇾ Contains “cache” directory for optimized configuration packages, services and route caching, to improve performance.

Blade templating engine helps to build the “view” layer of MVC in Laravel. Here are the key points of blade-

⇾ Makes it really easy to build the UI layer.
⇾ Organize the view by combining other blade files or components using directives @extends, @section, @yeild, @include, @component, etc.
⇾ Provides directives for conditional and loops, like @if, @else, @for, @foreach, etc.
⇾ Provides a way to print variables passed from controllers, ie. {{ $myVar }}.

app/Providers/AppServiceProvider.php file in Laravel is the default service provider that is loaded when the application starts.
Its primary purpose is to bootstrap the application by registering services, bindings, and performing any setup that is required at the beginning of the application’s lifecycle.

The AppServiceProvider class extends the ServiceProvider class, and contains 2 methods-
⇾ register() : used to register services to service container. This is where we bind classes, interfaces, or services to the container, to make it available for dependency injection.
⇾ boot(): contains tasks that need to happen after all services are registered, for example, event listeners, model bind, view composers.

Create a controller using the following command:
php artisan make:controller YourControllerName

For example, if we want to create controller for Customers, we name our controller CustomerController. So, use the following command:
php artisan make:controller CustomerController

Create a resource controller which contains method for CRUD operations – index, create, store, edit, update, destroy, by using --resource flag:
php artisan make:controller CustomreController --resource

Use the --api flag to create API controllers:
php artisan make:controller CustomerController --api


After creating the controller, we need to create the methods to the route file(routes/web.php or routes/api.php), to specify which method is responsible for handling which URL endpoint.

⇾ Inline Validation: Use the “validate” method from the Request object, and pass the validation rules as array-
class CustomerController extends Controller {
public function store(Request $request) {
$validatedData = $request->validate([
'name' => 'required|string|max:255',
'email' => 'required|email|unique:customers,email',
'phone' => 'nullable|digits:10',
]);
Customer::create($validatedData); return redirect()->back()->with('success', 'Customer created successfully.');
}
}

⇾ Form Request Validation: for large request, like form requests we can create a request using following command-
php artisan make:request StoreCustomerRequest

Then in the rules() method we can define our rules-
class StoreCustomerRequest extends FormRequest {
public function authorize() {
return true;
}
public function rules() {
return [
'name' => 'required|string|max:255',
'email' => 'required|email|unique:customers,email',
'phone' => 'nullable|digits:10', ];
}
public function messages() {
return [ ];
}
}

We can define custom error message in the messages() method.

Use the files in routes/ directory to define route. Here is what file to choose for what purpose-
⇾ routes/web.php – for web routes, for browser based requests.
⇾ routes/api.php – for API routes, which by default has prefix /api.
⇾ routes/console.php – for artisan console commands.
⇾ routes/channels.php – for broadcasting channels.

Here is how we can define route simply in the route file-
Route::get('/customers', function () {
$customers = Customer::all();
return response()->json($customers);
});

Here is how to define routes with controllers-
Route::get('/customers', [CustomerController::class, 'index']);
Route::post('/customers', [CustomerController::class, 'store']);

Set the param in route inside curly braces. For example, if we want to pass “id” to the customer route-
Route::get('/customers/{id}', [CustomerController::class, 'show']);

Add a question mark(?) to the parameter name to make it optional-
Route::get('/customers/{id?}', [CustomerController::class, 'show']);

Use the name function to define name for a route definition-
Route::get('/customer/{id}', [CustomerController::class, 'show'])->name('customer.profile');

Then we can use it to redirect to that route-
return redirect()->route('customer.profile', ['id' => 1]);

To get the URL use the route() method-
$url = route('customer.profile', ['id' => 1]);

Or link like this-
<a href="{{ route('customer.profile', ['id' => 1]) }}">Profile</a>

Check if the current route matches this profile route-
if (request()->routeIs('customer.profile')) {
// Do something
}

⇾ Use the prefix() function to set the prefix.
⇾ Use middleware() function to set middlewares.
⇾ Finally use the group function to group the routes.

Here is an example-
Route::prefix('admin')->middleware(['auth'])->group(function () {
Route::get('/dashboard', [AdminController::class, 'dashboard']);
Route::get('/profile', [ProfileController::class, 'profile']);
Route::get('/settings', [SettingController::class, 'settings']);
});

A resource route automatically generates controller methods for CRUD operations-
Route::resource('customers', CustomerController::class);

Here are the routes and controller methods, that a resource route generates-
⇾ GET /customers – index()
⇾ GET /customers/create – create()
⇾ GET /customers/{customer} – show()
⇾ POST /customers – store()
⇾ GET /customers/{customer}/edit – edit()
⇾ PUT/PATCH /customers/{customer} – update()
⇾ DELETE /customers/{id} – destroy()

Route model binding is the process where we can automatically inject model instance through route parameter, into our controller methods.

Define the following in route-
Route::get('/customers/{customer}', [CustomerController::class, 'show']);

Define it in the controller-
class CustomerController extends Controller {
public function show(Customer $customer) {
return view('customer.show', compact('customer'));
}
}

We call the URL-
https://bigboxcode.com/customers/1

Here is how the binding works-

⇾ Automatic Binding: Laravel automatic binds a route param to a model, based on the model name. This will automatically resolve to Customer model instance, identified by the primary key(id).

⇾ Explicit Binding: We can explicitely define which binding should resolve to which model. Add this to any service provider, in your AppServiceProvider, or create a new service provider RouteServiceProvider–

public function boot()
{
parent::boot();

Route::model('customer', \App\Models\CustomCustomer::class);
}

This binds the ‘customer‘ from the route to the model “CustomerCustomer“.

⇾ Custom Binding: We can define custom binding, say we want to fetch “Post” by “slug“, then we have to define the route as below-
Route::get('/post/{slug}', [PostController::class, 'show']);

Then defien the custom binding in your AppServiceProvider, or your custom RouteServiceProvider–
public function boot() {
parent::boot();

Route::bind('post', function ($slug) {
return Post::where('slug', $slug)->firstOrFail();
});
}

Middleware stays between an incoming request and application response.
It is used to filter and/or modify and/or restrict access to a certain route before the request reaches the controller.

Here are common usage of Laravel middleware-
⇾ Authentication – check if user is loggedin or not.
⇾ Authorization – check if the user(or role) has permission to access the resource.
⇾ CSRF Protection – validate a Cross-Site Request Forgery attempt.
⇾ Logging – tract the user or request activity.
⇾ CORS Handling – managing Cross-Origin Resource Sharing.
⇾ Request Modification – modify incoming request before it reaches to the controller.
⇾ Response Modification – modify outgoing request after the controller finished processing, and response being sent to the user.

Generate a middleware using artisan command-
php artisan make:middleware CheckUserRole

This will create a middleware file, and we can write our middleware logic inside the CheckUserRole.php –
class CheckUserRole
{
public function handle(Request $request, Closure $next): Response
{
if (!$request->user() || $request->user()->role !== 'admin') {
return redirect('/home');
}
return $next($request);
}

If it is a global middleware then register it in bootstra/app.php file, inside withMiddleware() –
->withMiddleware(function (Middleware $middleware) {
    $middleware->append(CheckUserRole::class);
})

For applying a middleware to a route use the middleware() function-
Route::get('/', function () {
// ...
})->middleware([CheckUserRole::class]);

⇾ Global Middleware: global middlewares are applicable to all request, and automatically run on every request to any route of the application.
⇾ Route Middleware: a route middleware only applies to the specific route.

We can pass the parameter while applying the middleware to route-
Route::get(‘/premium-content’, [ContentController::class, ‘premiumContent’])->middleware(‘subscription:premium,18’);

Then we can accept the values in the handle() method like below-
public function handle(Request $request, Closure $next, $subscriptionType, $ageRequirement) {
$user = $request->user();

if (!$user || $user->subscription_type !== $subscriptionType || $user->age < $ageRequirement) {
return redirect('/home');
}

return $next($request);
}

⇾ Before Middleware: before middlewares are executed before the request reaches to the controller.
class CheckIfAuthenticated {
public function handle($request, Closure $next) {
if (!auth()->check()) {
return redirect('/login');
}

return $next($request);
}
}

⇾ After Middleware: after middlewares are executed after the controller finish processing the request, and return the response.
class AddCustomHeader {
public function handle($request, Closure $next) {
$response = $next($request);
$response->headers->set('X-Custom-Header', 'Big Box Head');

return $response;
}
}

Throttle middleware is a builtin middleware in Laravel, that is used to limit the number of request by a client, in a certain time period.
Route::get('/customers', [CustomerController::class, 'index'])->middleware('throttle:60,1');

This allows 60 requests to the /customers endpoint in 1 minute.

If the limit exceeds then user gets-
Response Status: 429
Message: { “message”: “Too many requests.” }

⏵ Every time a request comes, Laravel saves the request count in cache(whatever cache driver you have set).
⏵ We can define our custom throttle middlewire.

Set priority of middleware in the withMiddleware method in bootstrap/app.php –
->withMiddleware(function (Middleware $middleware) {
$middleware->priority([
\App\Http\Middleware\CheckAuth::class,
\Illuminate\Auth\Middleware\CustomHeader::class,
]);
})

In this case the CheckAuth middleware will be executed first, then CustomHeader.

If we have multiple roles like, admin, manager, etc. and we want to give access to certain route to certain role-
Route::get('/admin', [AdminController::class, 'index'])->middleware('role:admin');
Route::get('/shop', [ShopController::class, 'index'])->middleware('role:manager');
Route::get('/dashboard', [DashboardController::class, 'index'])->middleware('role:admin,manager');

Here is the definition of the of the handle method of the middleware-
public function handle(Request $request, Closure $next, …$roles) {
if (!Auth::check() || !in_array(Auth::user()->role, $roles)) {
abort(403, 'Unauthorized');
}

return $next($request);
}

A terminable middleware that has a terminate() method in it, and this terminate method is executed after the request is sent to user.

This type of middleware would have 2 methods-
⇾ handle() – which is executed before request is sent to the user.
⇾ terminate() – which is executed after the request is sent to the user.

These terminate() method is used to tasks like logging, background processing and/or cleanup, etc.

Here is an example-
class SomeCustomMiddleware {
public function handle(Request $request, Closure $next) {
return $next($request);
}

public function terminate($request, $response) {
Log::info('Response sent to user- ', [ 'url' => $request->fullUrl(), 'status' => $response->status(), ]);
}
}

Database migration in Laravel work as version control for changes in database schema. We can save the database schema changes in PHP code.

We can also apply the changes in a migrations and revert the changes with simple artisan commands.

Use artisan command make:migration to create a migration-
php artisan make:migration create_customer_table

This will create a file in the database/migrations/ directory.

If needed, use -m flag to create migration, while creating the model.
php artisan make:model Customer -m

The migration file has a class with 2 methods-
⇾ up() – for applying the changes in database, when we run the migration.
⇾ down() – for reverting the changes when we want to rollback(the changes done in the up method).

Here is a sample migration file-
return new class extends Migration {
public function up(): void {
Schema::create('customers', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('email')->unique();
$table->timestamps();
});
}
public function down(): void {
Schema::dropIfExists('customers');
}
};

Use the artisan command migrate to run the migration-
php artisan migrate

This will execute the up() method of the migration(s). This will run all the pending migrations.

Laravel saves the information of which migrations are already executed in the migrations table in database.

To revert the changes done by a migration, use the artisan command migrate:rollback –
php artisan migrate:rollback

This will run the down() method of the migration(s).

To rollback specific number of migrations use the –step flag-
php artisan migrate:rollback --step=3

Use the migrate:refresh command to rerun all the migrations-
php artisan migrate:refresh

This will drop all tables and re-run all the migrations.

To run seeder along with database migration refresh use the –seed flag-
php artisan migrate:refresh --seed

The foreignId() function is used establish the foreign key relationship in databases. This foreignId() is a shortcut to set id as foreign key-
Schema::create('orders', function (Blueprint $table) {
$table->id();
$table->foreignId('customer_id')->constrained();
$table->timestamps();
});

This use of foreignId() is equivalent to –
$table->foreign('customer_id')->references('id')->on('customers');

If there are lots of migration files, then we can split those in separate directories, like, user, customer, product, or any other logical groups.
the migrate command will run all migration from database/migrations and all it’s subdirectories.

If needed check the status of migration using migrate:status command-
php artisan migrate:status

If you want to check what queries will run in the next migration, without running the migration, us the –pretend flag –
php artisan migrate --pretend

Use the following command to create a schema file-
php artisan schema:dump

This will create a schema file in database/schema directory. And, next time you run the migration, it will take the schema from that schema file(the migration files will be ignored in that case). Using this schema will reduce the migrations time, in case of large migration.

Seeder is a class in Laravel, that is used to insert initial data or some dummy/test data into the database.

Use cases-
⇾ Initial data – add initial data set, like a user, admin user, customer, etc..
⇾ Dummy data – add dummy data for the development environment.
⇾ Config data – data set for configuration, like, country, city, customer type, order status, user role, permission, etc.
⇾ Test data – add date while running tests, to verify different operations.

Use artisan command make:seeder to create seeder-
php artisan make:seeder CustomerSeeder

This creates a file database/seeders/CustomerSeeder.php. This file extends Seeder and implements a run() function-
class CustomerSeeder extends Seeder {
public function run() {
// Creates a single record
Customer::create([
'name' => 'First User',
'email' => 'user1@bigboxcode.com',
]);

// Creates 10 random records
Customer::factory(10)->create();
}
}

This seeder is not executed by default, when we run the seeder command.

We need to register the seeder in the file database/seeders/DatabaseSeeder.php, in the run() method –
public function run() {
$this->call([
CustomerSeeder::class,
ProductSeeder::class,
OrderSeeder::class,
]);
}

All these registered seeders will be executed, when we run the artisan command db:seed.

Run the seeders by using the artisan command db:seed:
php artisan db:seed

We can run the seeders while running the migrations, use the –seed flag:
php artisan migrate --seed

These commands will run all the seeders registered in database/seeders/DatabaseSeeder.php.

If we want to run a specific seeder then use –class flag like below-
php artisan db:seed --class=CustomerSeeder

We can add condition like below-

⇾ Check count and add rows if there is no entry-
public function run() {
if (Customer::count() == 0) {
Customer::factory(10)->create();
}
}

⇾ Use the firstOrCreate to add record with condition-
public function run() {
Customer::firstOrCreate(
['email' => 'user1@bigboxcode.com'],
['name' => 'First User']
);
}

⇾ Check environment if environment is ‘local‘ or ‘testing‘ –
public function run() {
if (App::environment('local', 'testing')) {
Customer::factory(10)->create();
}
}

⇾ Check if admin exist, and add new admin if there is none-
public function run() {
if (!User::where('role', 'admin')->exists()) {
User::create([
'name' => 'Admin User',
'email' => 'admin@bigboxcode.com',
'role' => 'admin',
'password' => bcrypt('password'),
]);
}
}

Certain seeders need to run in production-
⇾ For adding configurations, like, user roles, country, city list, etc.
⇾ For adding default users, or some other values like this.

For everything else we like dummy data, we should add a checking for the environment, and add dummy data only for development environment.

Factory is feature in Laravel that allows us to generated dummy/fake data for database tables.
Factory uses Faker library to generate random data, and these dummy data are useful for development, and/or testing.

Faker is used to insert dummy/fake/random data to database.

But, seeder is used to insert specific data to database. Sometimes we use factory inside seeder, with the intention to insert fake data.

Use artisan command make:factory to create a factory, also set the model for that factory by using –model flag-
php artisan make:factory CustomerFactory --model=Customer

This will create a factory file database/factories/CustomerFactory.php, and we can define how the factory data will be generate-
class CustomerFactory extends Factory {
protected $model = Customer::class;
public function definition(): array {
return [
'name' => $this->faker->name,
'email' => $this->faker->unique()->safeEmail,
'phone' => $this->faker->phoneNumber,
'address' => $this->faker->address,
];
}
}

To enable the factory support for the Customer model, make sure that it uses the HasFactory trait-
class Customer extends Model {
use HasFactory;
}

Then we can use the factory anywhere we want-
Customer::factory()->count(10)->create();

Like in a seeder we can use-
class CustomerSeeder extends Seeder {
public function run() {
Customer::factory(50)->create();
}
}

Say we have 2 models, Order and Customer. Make sure the relation is defined in the model.
Then define the factories like below-
class CustomerFactory extends Factory {
protected $model = Customer::class;
public function definition(): array {
return [
'name' => $this->faker->name,
'email' => $this->faker->unique()->safeEmail,
];
}
}

Then in the order factory create customer along with the order-
class OrderFactory extends Factory {
protected $model = Order::class;
public function definition(): array {
return [
'customer_id' => Customer::factory(),
'order_number' => $this->faker->uuid,
'total' => $this->faker->randomFloat(2, 10, 500),
];
}
}

Faker is a PHP library for generating fake data for testing and development. This package is used to generate random data, like, names, emails, address, phone number, etc.

Yes, we can use factory to just generate data and return it, without inserting it to database.

Define a factory-
class CustomerFactory extends Factory {
protected $model = Customer::class;
public function definition(): array {
return [
'name' => $this->faker->name,
'email' => $this->faker->unique()->safeEmail,
];
}
}

Now use the make method to create data and return it-
$customer = Customer::factory()->make();
dd($customer);

or-
$customers = Customer::factory()->count(10)->make();
dd($customers);

Eloquent is the ORM(Object-Relation Mapper) shipped with Laravel. It provides an easy way to interact with the database.
Here are the key features of eloquent-
⇾ Active Record Pattern- each model represents a table from the database.
⇾ Expressive API– it has very easy and expressive for querying and other database operations.
⇾ Relationships – supports many relationships like one-to-one, one-to-many, many-to-many, hasManyThrough, etc.

There are many more features that Eloquent supports.

A model is Laravel represents a table in Laravel. And each object of the model, represents a record/row from the table.

Use the command make:model to create a model-
php artisan make:model Customer

This will create file app/models/Customer.php. This is how the model definition looks like-
class Customer extends Model {
use HasFactory;

protected $table = 'customers';
protected $fillable = ['name', 'email', 'phone'];
public $timestamps = true;
}

Use the all() function of the model-
$customers = Customer::all();

get() is for getting all records-
$customers = Customer::where('status', 'active')->get();

first() is for getting the first record record that matches the condition-
$customer = Customer::where('status', 'active')->first();

find() is for getting single record based on primary key-
$customer = Customer::find(10);

Use the create() method of the model-
$customer = Customer::create([
'name' => 'John Doe',
'email' => 'john@example.com',
'status' => 'active',
]);

$customer = Customer::find(1);
$customer->update([
'name' => 'Updated Name',
'status' => 'active',
]);

Find the record and delete-
$customer = Customer::find(1);
if ($customer) {
$customer->delete();
}

Use destroy() to delete by id-
Customer::destroy(1);

or pass array of ids-
Customer::destroy([2, 3, 4]);

Delete with where clause-
Customer::where('status', 'inactive')->delete();

Without auto-cascade-
$customer = Customer::find(1);
if ($customer) {
$customer->orders()->delete();
$customer->delete();
}

With auto-cascade, use the deleting event of database model, to auto delete related records-
class Customer extends Model {
protected static function boot() {
parent::boot();
static::deleting(function ($customer) {
$customer->orders()->delete(); });
}

public function orders() {
return $this->hasMany(Order::class);
}
}

Use the timestamps() method to add the timestamp related column to a table-
public function up(){
Schema::create('customers', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('email')->unique();
$table->timestamps();
});
}

Using the $table->timestamps() will add columns “created_at” and “updated_at”. These columns are managed and updated by Laravel by default.

To disalbe timestamp for a model, use $timestamps = false, in the model-

class Customer extends Model {
public $timestamps = false;
}

Soft delete allows you to delete a record without permanently removing it from the database. In this case, Laravel sets the “deleted_at” timestamp, which is used to determine if the record is deleted or not.

Add the soft delete option to the migration to add the deleted at column-
public function up(){
Schema::table('customers', function (Blueprint $table) {
$table->softDeletes(); // Adds deleted_at column
});
}

Use the SoftDeletes trait on a model to enable soft delete.
use Illuminate\Database\Eloquent\SoftDeletes;
class Customer extends Model {
use SoftDeletes;
}

In any case if you want to get the deleted record, then use withTrashed() like below-
Customer::withTrashed()->find(1);

Use the restore() method to restore a soft deleted record-
$model->restore();

To force delete from database, use forceDelete()-
$model->forceDelete();

$fillable property is an allowlist (whitelist) that defines which attributes can be mass assigned.

class Customer extends Model {
protected $fillable = ['name', 'email', 'address'];
}

$guarded property is a blocklist (blacklist) that defines which attributes cannot be mass assigned-
class Customer extends Model {
protected $guarded = ['role'];
}

The “role” property will be ignored if provided in the model create.

Laravel query builder is an API provided by the Laravel framework, that we can use to interact with the database, in a fluent and expressive way.
⇾ We can use the query builder and query the database, without writing raw SQL queries.
⇾ Provides an easy-to-use, chainable interface for writing queries.
⇾ Automatically escapes parameters, to prevent SQL injection.

Eloquent ORM:
⇾ Uses Active Record pattern.
⇾ Imphesise on models(object to represent data), and relation between models(for database table relations).

Query Builder:
⇾ Uses Fluent Interface pattern.
⇾ Use it when we want to build complex queries without a model, when performance and flexibility are the priority.

$users = DB::table('users')
->where('age', '>', 18)
->where('name', 'BigBoxCode')
->join('posts', 'users.id', '=', 'posts.user_id')
->select('users.name', 'users.email', 'posts.title')
->orderBy('users.name')
->limit(10)
->get();