laravel url / delete / id will delete a comment, need it be disabled


I can delete comments when i type this in the url.. /delete/{id} from the comment. I need that to be private/disabled.


Route::get('/delete/{id}', 'commentController@delete');


function delete($id)
    return back();


<a href="/delete/{{ $comment->id}}">
    <button type="submit" class="btn btn-danger pull-right">Delete</button>

I think you want to show delete comment links only for comment owner

so in your view you should have if condition

for example:

@if (Auth::user() && (Auth::user()->id == $comment->user_id))
    <a href="/delete/{{ $comment->id}}">   <button type="submit" class="btn btn-danger pull-right">Delete</button></a>

in this condition comment delete link only display for comment owner $comment->user_id is comment owner id that i dont know how you store it in your database

of course you should check it in you controller too like this:

if (Auth::user() && (Auth::user()->id == $comment->user_id)) {
    return back();
return 'you dont have permission';

and if you want to limit it only for admin , in condition you should check user is admin like this:

Auth::user()->id == [admin_id]

OR define a admin role and check

Auth::user()->role == 'admin'

Don't remember to study form-method-spoofing to choose best way to delete data in your database