Showing AI reviews for avriti-backend
Project AI Score ?
59%
Quality Avg ?
64%
Security Avg ?
45%
Reviews ?
57

Review Result ?

jattin01/avriti-backend · 4bc4309b
This commit introduces new APIs and admin controllers for managing Services and Contact submissions, including file upload and structured data. The code covers validation and basic error handling. However, there are some issues in input validation/sanitization, error handling, and missing security measures that could lead to vulnerabilities or bugs.
Quality ?
75%
Security ?
60%
Business Value ?
80%
Maintainability ?
68%
Issues & Suggested Fixes ?
1AI detects the issue
2Shows file, line, or evidence
3Suggests the fix to apply
File Upload: Allow Only Specific Extension...
Where app/Http/Controllers/AdminServiceController.php:47
Issue / Evidence File upload: allow only specific extensions instead of any image
Suggested Fix restrict to preferred file types to reduce risk
Missing Validation
Where app/Http/Controllers/AdminServiceController.php:53
Issue / Evidence Cards input validation: no deep validation of card fields
Suggested Fix add validation rules to ensure data consistency and prevent injection
Missing Validation
Where app/Http/Controllers/Api/ContactController.php:14
Issue / Evidence Email validation: use stricter email validation or sanitization
Suggested Fix prevent invalid data or injection
Lack Of Spam/Bot Protection On Contact Api
Where app/Http/Controllers/Api/ContactController.php:11
Issue / Evidence Lack of spam/bot protection on contact API
Suggested Fix add rate limiting, captcha or validation to reduce spam risk
Incorrect Use Of 'Casts' Method: It Should...
Where app/Models/Service.php:17
Issue / Evidence Incorrect use of 'casts' method: it should be a property $casts, not a method
Suggested Fix fix to properly cast 'cards' attribute
Add '$Casts' Property Definition For 'Card...
Where app/Models/Service.php:17
Issue / Evidence Add '$casts' property definition for 'cards' as array
Suggested Fix enable correct data handling for JSON fields
Missing Validation
Where app/Http/Controllers/Api/ServiceController.php:27
Issue / Evidence Card icon URLs: lack validation on filenames fetched from DB before using them in asset URL
Suggested Fix sanitize or whitelist filenames to prevent path traversal or XSS
Ambiguous And Typo 'Contect' Instead Of 'C...
Where commit message
Issue / Evidence Ambiguous and typo 'CONTECT' instead of 'CONTACT'
Suggested Fix improve clarity and professionalism by fixing spelling and describing the change clearly
Code Change Preview · app/Http/Controllers/AdminServiceController.php ?
Removed / Before Commit

                                                
Added / After Commit
+ <?php
+ 
+ namespace App\Http\Controllers;
+ 
+ use App\Models\Service;
+ use Illuminate\Http\RedirectResponse;
+ use Illuminate\Http\Request;
+ use Illuminate\Support\Facades\File;
+ use Illuminate\View\View;
+ 
+ class AdminServiceController extends Controller
+ {
+     public function index(): View
+     {
+         $service = Service::first() ?? new Service();
+         $svgFiles = $this->getSvgFiles();
+ 
+         return view('admin.service', compact('service', 'svgFiles'));
Removed / Before Commit
- \ No newline at end of file
Added / After Commit
+ <?php
+ 
+ namespace App\Http\Controllers\Api;
+ 
+ use App\Http\Controllers\Controller;
+ use App\Models\Contact;
+ use Illuminate\Http\Request;
+ 
+ class ContactController extends Controller
+ {
+     public function store(Request $request)
+     {
+         $request->validate([
+             'name'    => 'required|string',
+             'email'   => 'required|email',
+             'phone'   => 'nullable|string',
+             'message' => 'required|string',
+         ]);
Removed / Before Commit

                                                
Added / After Commit
+ <?php
+ 
+ namespace App\Http\Controllers\Api;
+ 
+ use App\Http\Controllers\Controller;
+ use App\Models\Service;
+ 
+ class ServiceController extends Controller
+ {
+     public function index()
+     {
+         $service = Service::first();
+ 
+         if (! $service) {
+             return response()->json([
+                 'success' => true,
+                 'message' => 'Services fetched successfully',
+                 'data'    => null,
Removed / Before Commit

                                                
Added / After Commit
+ <?php
+ 
+ namespace App\Models;
+ 
+ use Illuminate\Database\Eloquent\Model;
+ 
+ class Contact extends Model
+ {
+     //
+     protected $fillable = [
+         'name',
+         'email',
+         'phone',
+         'message',
+     ];
+ }
Removed / Before Commit

                                                
Added / After Commit
+ <?php
+ 
+ namespace App\Models;
+ 
+ use Illuminate\Database\Eloquent\Model;
+ 
+ class Service extends Model
+ {
+     protected $fillable = [
+         's_heading',
+         's_sub_heading',
+         's_description',
+         's_image',
+         'cards',
+     ];
+ 
+     protected function casts(): array
+     {
Removed / Before Commit

                                                
Added / After Commit
+ <?php
+ 
+ use Illuminate\Database\Migrations\Migration;
+ use Illuminate\Database\Schema\Blueprint;
+ use Illuminate\Support\Facades\Schema;
+ 
+ return new class extends Migration
+ {
+     /**
+      * Run the migrations.
+      */
+     public function up(): void
+     {
+         Schema::create('services', function (Blueprint $table) {
+             $table->id();
+             $table->string('s_heading');
+             $table->string('s_sub_heading')->nullable();
+             $table->longText('s_description')->nullable();
Removed / Before Commit

                                                
Added / After Commit
+ <?php
+ 
+ use Illuminate\Database\Migrations\Migration;
+ use Illuminate\Database\Schema\Blueprint;
+ use Illuminate\Support\Facades\Schema;
+ 
+ return new class extends Migration
+ {
+     /**
+      * Run the migrations.
+      */
+     public function up(): void
+     {
+         Schema::create('contacts', function (Blueprint $table) {
+             $table->id();
+             $table->string('name');
+             $table->string('email');
+             $table->string('phone')->nullable();
Removed / Before Commit

                                                
Added / After Commit
+ @extends('layouts.app')
+ 
+ @section('title', 'Services Page | Avriti Dashboard')
+ 
+ @push('styles')
+ <link href="https://cdn.quilljs.com/1.3.6/quill.snow.css" rel="stylesheet" />
+ <style>
+   .icon-option-wrap { display: flex; align-items: center; gap: 8px; }
+   .char-count { font-size: 11px; color: #9ca3af; text-align: right; margin-top: 4px; }
+   .char-count.warn { color: #ef4444; }
+ </style>
+ @endpush
+ 
+ @section('content')
+ 
+ <div class="mb-6 flex flex-col gap-4 sm:flex-row sm:items-center sm:justify-between">
+   <div>
+     <h1 class="text-2xl font-semibold text-[#0b3dba]">Services Page</h1>
Removed / Before Commit
- </div>
- 
- {{-- CMS Group --}}
-     @php $cmsOpen = request()->routeIs('home-page.*', 'about-page.*', 'faq.*'); @endphp
- <div>
- <button type="button" id="cmsToggle"
- class="w-full flex items-center justify-between px-3 py-2.5 rounded-xl text-white/70 hover:bg-white/10 hover:text-white transition">
- <i class="fa-solid fa-circle-question"></i>
- FAQs
- </a>
- </div>
- </div>
Added / After Commit
+ </div>
+ 
+ {{-- CMS Group --}}
+     @php $cmsOpen = request()->routeIs('home-page.*', 'about-page.*', 'faq.*', 'service-page.*'); @endphp
+ <div>
+ <button type="button" id="cmsToggle"
+ class="w-full flex items-center justify-between px-3 py-2.5 rounded-xl text-white/70 hover:bg-white/10 hover:text-white transition">
+ <i class="fa-solid fa-circle-question"></i>
+ FAQs
+ </a>
+         <a href="{{ route('service-page.index') }}" class="flex items-center gap-3 px-3 py-2 rounded-xl text-sm {{ request()->routeIs('service-page.*') ? $activeClass : $inactiveClass }}">
+           <i class="fa-solid fa-hand-sparkles"></i>
+           Services Page
+         </a>
+ </div>
+ </div>
Removed / Before Commit
- use App\Http\Controllers\Api\AboutController;
- use App\Http\Controllers\Api\HomeController;
- use App\Http\Controllers\Api\FaqController;
- 
- Route::post('/register', [AuthController::class, 'apiRegister'])->name('api.register');
- Route::post('/login', [AuthController::class, 'apiLogin'])->name('api.login');
- Route::get('/product', [ProductController::class, 'index']);
- Route::get('/about', [AboutController::class, 'index']);
- Route::get('/faqs', [FaqController::class, 'index']);
- Route::get('/home', [HomeController::class, 'index']);
- \ No newline at end of file
- \ No newline at end of file
Added / After Commit
+ use App\Http\Controllers\Api\AboutController;
+ use App\Http\Controllers\Api\HomeController;
+ use App\Http\Controllers\Api\FaqController;
+ USE App\Http\Controllers\Api\ServiceController;
+ USE App\Http\Controllers\API\ContactController;
+ 
+ Route::post('/register', [AuthController::class, 'apiRegister'])->name('api.register');
+ Route::post('/login', [AuthController::class, 'apiLogin'])->name('api.login');
+ Route::get('/product', [ProductController::class, 'index']);
+ Route::get('/about', [AboutController::class, 'index']);
+ Route::get('/faqs', [FaqController::class, 'index']);
+ \ No newline at end of file
+ Route::get('/home', [HomeController::class, 'index']);
+ Route::get('/services', [ServiceController::class, 'index']);
+ Route::post('/contact', [ContactController::class, 'store']);
+ \ No newline at end of file
Removed / Before Commit
- use App\Http\Controllers\AdminAboutController;
- use App\Http\Controllers\AdminHomeController;
- use App\Http\Controllers\AdminFaqController;
- use Illuminate\Support\Facades\Route;
- 
- Route::get('/', function () {
- Route::put('/faq', [AdminFaqController::class, 'update'])->name('faq.update');
- Route::get('/about-page', [AdminAboutController::class, 'index'])->name('about-page.index');
- Route::put('/about-page', [AdminAboutController::class, 'update'])->name('about-page.update');
- Route::post('/logout', [AuthController::class, 'logout'])->name('logout');
- });
Added / After Commit
+ use App\Http\Controllers\AdminAboutController;
+ use App\Http\Controllers\AdminHomeController;
+ use App\Http\Controllers\AdminFaqController;
+ use App\Http\Controllers\AdminServiceController;
+ use Illuminate\Support\Facades\Route;
+ 
+ Route::get('/', function () {
+ Route::put('/faq', [AdminFaqController::class, 'update'])->name('faq.update');
+ Route::get('/about-page', [AdminAboutController::class, 'index'])->name('about-page.index');
+ Route::put('/about-page', [AdminAboutController::class, 'update'])->name('about-page.update');
+     Route::get('/service-page', [AdminServiceController::class, 'index'])->name('service-page.index');
+     Route::put('/service-page', [AdminServiceController::class, 'update'])->name('service-page.update');
+ Route::post('/logout', [AuthController::class, 'logout'])->name('logout');
+ });