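} });

/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/

Route::filter('csrf', function () {
    $sessionToken = Session::token();
    $requestToken = Input::get('_token');

    // Fail closed: without this guard, a session that holds no token and a
    // request that sends no `_token` would compare null to null and pass.
    $hasSessionToken = is_string($sessionToken) && $sessionToken !== '';

    // NOTE(review): `!==` is strict but not constant-time. Where the runtime
    // is PHP >= 5.6, hash_equals() is the usual choice for comparing secrets.
    if (!$hasSessionToken || $sessionToken !== $requestToken) {
        throw new Illuminate\Session\TokenMismatchException();
    }
});

/**
 * Custom Filters
 */

// Only allow owner to see this record.
//
// Reads the `mentor_activities` route parameter, loads that record and compares
// its user_id with the `user_id` stored in the session. Anything other than a
// positive match redirects to the dashboard with an "access denied" flash.
Route::filter('ownerMARecord', function ($route) {
    $ma_id = $route->getParameter('mentor_activities');

    $record = MentorActivity::getMA($ma_id);
    $currentUserId = Session::get('user_id');

    // Deny by default. A missing record must not be dereferenced, and a session
    // without a user_id must never compare equal to a record whose user_id is
    // also null.
    // NOTE(review): `===` also requires matching types; if the model returns
    // user_id as a string while the session stores an int, real owners are
    // denied. Confirm both sides use the same type.
    $isOwner = is_object($record)
        && $currentUserId !== null
        && $record->user_id === $currentUserId;

    if (!$isOwner) {
        Session::flash('alert_danger', 'Access denied. You do not have access to the requested page.');

        return Redirect::to(secure_url('/dashboard'));
    }
});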
/**
 * Remove the specified mentor activity from storage, then redirect to the dashboard.
 *
 * NOTE(review): this method deletes whatever id it is given and performs no
 * ownership check of its own. Authorization therefore has to come from a
 * filter attached to the route. Confirm that an owner check (for example the
 * `ownerMARecord` filter) and the `csrf` filter both cover the destroy action.
 *
 * @param  int  $id
 * @return Response
 */
public function destroy($id)
{
    // The result of destroy() is not inspected; the redirect happens either way.
    MentorActivity::destroy($id);

    $dashboardUrl = secure_url('/dashboard');

    return Redirect::to($dashboardUrl);
}