Skip to main content
Quick Tip

Avoid data leakage when using orWhere on a relationship 

$user->posts()
    ->where('active', 1)
    ->orWhere('votes', '>=', 100)
    ->get();

Returns: ALL posts where votes are greater than or equal to 100 are returned

select * from posts where user_id = ? and active = 1 or votes >= 100
use Illuminate\Database\Eloquent\Builder;
 
$users->posts()
    ->where(function (Builder $query) {
        return $query->where('active', 1)
                    ->orWhere('votes', '>=', 100);
    })
    ->get();

Returns: Users posts where votes are greater than or equal to 100 are returned

select * from posts where user_id = ? and (active = 1 or votes >= 100)

Tip given by @BonnickJosh

Enjoyed This Tip?

Get access to all premium tutorials, video and text courses, and exclusive Laravel resources. Join our community of 10,000+ developers.

Join Premium - $29/month View All Plans

Recent Courses

Laravel Modules and DDD

16 lessons
1 h 59 min

How to Build Laravel 12 API From Scratch

28 lessons
1 h 21 min

Claude Code for Laravel Projects: Crash Course

8 lessons
48 min

We'd Love Your Feedback

Tell us what you like or what we can improve

Feel free to share anything you like or dislike about this page or the platform in general.