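middleware('allowed');
    }

    /**
     * List every setting group, with its settings eager-loaded, ordered by
     * the group's "order" column (ascending).
     */
    public function index(): View
    {
        $settings = SettingGroup::with([
            'settings',
        ])->orderBy('order', 'ASC')->get();

        return view('settings.list')->with([
            'groups' => $settings,
        ]);
    }

    /**
     * Show the edit form for a single setting.
     *
     * An id that matches no setting redirects back with an error message;
     * a setting flagged as "system" is answered with a 404.
     *
     * @return RedirectResponse|View
     */
    public function edit(int $id)
    {
        $setting = Setting::find($id);

        // Handle the missing row before any property is read: the original
        // read $setting->system first, so an unknown id dereferenced null
        // and the redirect below could not be reached cleanly.
        if (is_null($setting)) {
            // NOTE(review): update() redirects to 'settings.index'; confirm
            // that 'settings.list' is a registered route name.
            $route = route('settings.list', []);

            return redirect($route)
                ->with([
                    'errors' => collect([__('app.alert.error.not_exist')]),
                ]);
        }

        // Settings flagged as "system" are not editable through this form.
        if ((bool) $setting->system === true) {
            return abort(404);
        }

        return view('settings.edit')->with([
            'setting' => $setting,
            'value' => $setting->value,
        ]);
    }

    /**
     * Handle the submitted value for one setting. For settings of type
     * 'image' the upload is validated and SVG files are passed through the
     * sanitizer before use.
     */
    public function update(Request $request, int $id): RedirectResponse
    {
        $setting = Setting::find($id);
        $user = $this->user();
        $route = route('settings.index', []);

        try {
            if (is_null($setting)) {
                throw new Exception('not_exists');
            }

            if ($setting->type === 'image') {
                $validatedData = $request->validate([
                    'value' => 'image',
                ]);

                if (!$request->hasFile('value')) {
                    throw new \Exception('file_too_big');
                }

                $image = $request->file('value');
                // NOTE(review): getClientOriginalExtension() reflects the
                // file name sent by the client, and the comparison below is
                // case-sensitive. Confirm that an SVG uploaded as ".SVG" or
                // under another extension cannot skip sanitization; deciding
                // from the detected content type would be more robust.
                $extension = $image->getClientOriginalExtension();

                if ($extension === 'svg') {
                    $sanitizer = new Sanitizer();
                    $sanitizedSvg = $sanitizer->sanitize(file_get_contents($image->getRealPath()));

                    // Verify that the sanitization removed malicious content
                    if (strpos($sanitizedSvg, '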