Laravel 5.3 Blog System - Admin Dashboard - Edit, Delete

Edit & Delete

resources/views/admin/posts/edit.blade.php

@extends('layouts.dashbord')

@section('content')
    <h2>Update Post</h2>
    <script type="text/javascript" src="//cdn.tinymce.com/4/tinymce.min.js"></script>
    <script type="text/javascript">
    tinymce.init({
        selector : "textarea",
        plugins : ["advlist autolink lists link image charmap print preview anchor", "searchreplace visualblocks code fullscreen", "insertdatetime media table contextmenu paste"],
        toolbar : "insertfile undo redo | styleselect | bold italic | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link image"
    });
    </script>

    <form action="{{ url('/admin/posts/updatepost') }}" method="post" enctype="multipart/form-data">
        <input type="hidden" name="_token" value="{{ csrf_token() }}">
        <input type="hidden" name="post_id" value="{{ $post->id }}{{ old('post_id') }}">
        <input type="hidden" name="post_descriptions" value="{{ $post->id }}{{ old('post_id') }}">
        <div class="form-group">
            <p>Title</p>
            <input type="text" name="title" value="@if(!old('title')){{$post->title}}@endif{{ old('title') }}" required="required" placeholder="Enter title here" class="form-control">
            <br>
            <p>Description</p>
            <input type="text" name="description" value="@if(!old('description')){{$post->description}}@endif{{ old('description') }}" required="required" placeholder="Enter description here" class="form-control">
            <br>
            <!-- thumbnail upload -->
            <p>Thumbnail</p>
            <img src="{{ url('img/'.$post->images) }}" id ="showimages" style="max-width:200px;max-height:200px;float:left;"/>
            <div class="row">
                <div class="col-md-12">
                    <input type="file" id="inputimages" name="images">
                </div>
            </div>
        </div>

        <div class="form-group">
            <textarea name='body'class="form-control" rows="20">
                @if(!old('body'))
                    {!! $post->body !!}
                @endif
                {!! old('body') !!}
            </textarea>
        </div>
        @if($post->active == '1')
            <input type="submit" name='publish' class="btn btn-success" value = "Update"/>
        @else
            <input type="submit" name='publish' class="btn btn-success" value = "Publish"/>
        @endif
        <input type="submit" name='save' class="btn btn-default" value = "Save As Draft" />
        <a href="{{ url('admin/posts/deletepost/'.$post->id.'?_token='.csrf_token()) }}" onclick="return confirm('Are you sure to delete this data');" class="btn btn-danger">Delete</a>
    </form>
@endsection

App/Http/Controllers/Auth/PostController

public function edit(Request $request, $slug)
{
    public function edit(Request $request, $slug)
    {
        $post = Post::where('slug', $slug)->first();
        if ($post && ($request->user()->id == $post->author_id || $request->user()->is_admin()))
            return view('admin/posts/edit')->with('post', $post);
        return redirect('/')->withErrors('you have not sufficient permissions');
    }
}

public function update(Request $request)
{
    $post_id = $request->input('post_id');
    $post = Post::find($post_id);
    if ($post && ($post->author_id == $request->user()->id || $request->user()->is_admin())) {
        $title = $request->input('title');
        $slug = str_slug($title);
        $duplicate = Post::where('slug', $slug)->first();
        if ($duplicate) {
            if($duplicate->id != $post_id) {
                return redirect('admin/posts/editpost/'.$post->slug)->withErrors('Title already exists.')->withInput();
            }
            else {
                $post->slug = $slug;
            }
        }
        $post->title = $title;
        // thumbnail upload
        if ($request->file('images')) {
            $fileName = str_random(30);
            $request->file('images')->move("img/",$fileName);
        } else {
            $fileName = $post->images;
        }
        $post->images = $fileName;
        $post->body = $request->input('body');

        if ($request->has('save')) {
            $post->active = 0;
            $message = 'Post saved successfully';
            $goto = 'admin/posts/editpost/'.$post->slug;
        }
        else {
            $post->active = 1;
            $message = 'Post updated successfully';
            $goto = 'admin/posts/allposts';
        }
        $post->save();
        return redirect($goto)->withMessage($message);
    }
    else {
        return redirect('/')->withErrors('you have not sufficient permissions');
    }
}

public function destroy(Request $request, $id)
{
    $post = Post::find($id);
    if ($post && ($post->author_id == $request->user()->id || $request->user()->is_admin())) {
        $post->delete();
        $data['message'] = 'Post deleted Successfully';
    }
    else {
      $data['errors'] = 'Invalid Operation. You have not sufficient permissions';
    }
    return redirect('admin/posts/allposts')->with($data);
}

routes/web.php

Route::group(['middleware' => ['auth']], function() {
    ...
    // edit form
    Route::get('admin/posts/editpost/{slug}','Auth\PostController@edit');
    // update data
    Route::post('admin/posts/updatepost','Auth\PostController@update');
    // delete post
    Route::get('admin/posts/deletepost/{id}','Auth\PostController@destroy');

    Route::resource('admin/posts', 'Auth\PostController');
});