The base model has one purpose out of the box; it sets the
$guarded property to an empty array. This means you can avoid those situations where you forgot to update the
$fillable property and were hit with a
You are of course free to modify this base model to encapsulate any funtionality you require in all of your application's models on a per-application basis.
It is important that you never pass
request()->all() into any of your models' methods that allow mass assignment, such as
update. Always use
request()->only() to ensure only desired input is being passed into your models, irrespective of what was in the request.
Explicit safety, right in your controllers - rather than the implicit and somewhat hidden safety of the
The PSR-2 styles that are used with Founder define the order various components should be defined within a class. In the specific case of Eloquent models, the following convention should be used for ordering.
As outlined in the general docs, wherever possible encapsulate any relationship methods for create and update operations behind specific methods. Encapsulating this logic prevents the implementation details from leaking into your controllers.