Merge pull request #3988 from Laravel-Backpack/make-requests-modifiab…

…le-v2

Make requests modifiable v2

src/app/Http/Controllers/Operations/CreateOperation.php

@@ -76,7 +76,7 @@ public function store()
         $request = $this->crud->validateRequest();
 
         // insert item in the db
-        $item = $this->crud->create($this->crud->getStrippedSaveRequest());
+        $item = $this->crud->create($this->crud->getStrippedSaveRequest($request));
         $this->data['entry'] = $this->crud->entry = $item;
 
         // show a success message

src/app/Http/Controllers/Operations/UpdateOperation.php

@@ -89,10 +89,11 @@ public function update()
 
         // execute the FormRequest authorization and validation, if one is required
         $request = $this->crud->validateRequest();
+
         // update the row in the db
         $item = $this->crud->update(
             $request->get($this->crud->model->getKeyName()),
-            $this->crud->getStrippedSaveRequest()
+            $this->crud->getStrippedSaveRequest($request)
         );
         $this->data['entry'] = $this->crud->entry = $item;
 

src/app/Library/CrudPanel/Traits/Fields.php

@@ -426,16 +426,19 @@ public function getAllFieldNames()
     /**
      * Returns the request without anything that might have been maliciously inserted.
      * Only specific field names that have been introduced with addField() are kept in the request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return array
      */
-    public function getStrippedSaveRequest()
+    public function getStrippedSaveRequest($request)
     {
         $setting = $this->getOperationSetting('strippedRequest');
 
         if (is_callable($setting)) {
-            return $setting($this->getRequest());
+            return $setting($request);
         }
 
-        return $this->getRequest()->only($this->getAllFieldNames());
+        return $request->only($this->getAllFieldNames());
     }
 
     /**