validateGuestbookPost($user, $request); $user->profileGuestbook()->create([ 'user_id' => Auth::id(), 'message' => $request->input('message'), ]); return redirect()->back()->with('success', __('Your message has been posted.')); } public function destroy(User $user, WebsiteUserGuestbook $guestbook): RedirectResponse { if ($guestbook->user_id !== Auth::id() && $guestbook->profile_id !== $user->id && Auth::user()->rank < (int) setting('min_staff_rank')) { return redirect()->back()->withErrors([ 'message' => __('Do do not have permission to delete this message'), ]); } $guestbook->delete(); return redirect()->back()->with('success', __('Your message has been deleted.')); } private function validateGuestbookPost(User $user, GuestbookFormRequest $request): ?RedirectResponse { if ($user->id === $request->user()->id) { return $this->redirectWithError(__('You cannot post a message on your own profile.')); } $maxAllowedPostCount = empty(setting('max_guestbook_posts_per_profile')) ? 3 : (int) setting('max_guestbook_posts_per_profile'); if ($user->profileGuestbook()->where('user_id', $request->user()->id)->count() >= $maxAllowedPostCount) { return $this->redirectWithError(__('You have already posted :count messages on this profile.', ['count' => $maxAllowedPostCount])); } return null; } private function redirectWithError(string $message): RedirectResponse { return redirect()->back()->withErrors(['message' => $message]); } }