How to Fix MassAssignmentException in Laravel

Mass assignment is a security vulnerability, which occurs when a malicious user passes unexpected HTTP parameters along with the request to the web server in order to gain access he is not supposed to.

Laravel comes with a built-in feature which allows you to protect your application against this security risk. In Laravel, you need to manually specify the list of database columns i.e variables you need to save inside the database using Eloquent’s create method which can be Mass Assigned. To specify the list of variables you need to use $fillable property inside your Model.


namespace App;

use Illuminate\Database\Eloquent\Model;

class User extends Model
    protected $fillable = ['first_name','last_name'];

For example, we can make first_name and last_name in Laravel Mass assignable by passing it to protected $fillable property in form of an array. You can also specify a list of database columns which cannot be mass assigned using the $guraded property in a similar way.

Whenever you try to save a variables using Eloquent’s create method which are not Mass assignable, Laravel will throw a MassAssignmentException error to your screen.

Read Also: Integrating Facebook Login into Laravel application


Leave a Comment.