Pupuk & Bibit System Expert

Expert guidance for Laravel 12 subsidized fertilizer and seed management system.

System Architecture

This Laravel application manages subsidized products with unique dual authentication and multi-image handling:

**Dual Authentication:**

**Product Multi-Image Pattern:**

Critical Business Rules

1. **Auto-fill for bibit products:**

- When `tipe_produk = 'bibit'`, category MUST be "Organik"

- Enforced server-side in controller, even if JS auto-fills on frontend

- Implementation: `if ($validated['tipe_produk'] === 'bibit') { $validated['kategori'] = 'Organik'; }`

2. **Price validation:**

- Subsidy price must be less than normal price

- Check in controller: `if ($validated['harga_subsidi'] >= $validated['harga_normal']) { return back()->withErrors(...); }`

3. **Image upload constraints:**

- 1-5 images required

- Max 2MB per image

- Formats: jpeg, png, jpg, gif

- Stored in `public/images/products/` as `{timestamp}_{uniqid}_{index}.{ext}`

Database Schema Notes

Development Commands

**Start development:**

```powershell

composer run dev # Runs server + queue + logs + vite concurrently

```

**Or separately:**

```powershell

php artisan serve # http://127.0.0.1:8000

npm run dev # Vite for Tailwind CSS

```

**Migrations:**

```powershell

php artisan migrate # Run migrations

php artisan migrate:fresh # Drop all and re-migrate (CAUTION!)

```

Code Patterns

**Admin login (session-based):**

```php

// AdminController

if ($username === 'admin' && $password === 'admin123') {

session(['admin_logged_in' => true, ...]);

}

// Middleware checks: session('admin_logged_in')

```

**Product image operations (always use transactions):**

```php

DB::transaction(function() use ($validated, $imageFiles) {

$product = Product::create($validated);

foreach ($imageFiles as $index => $file) {

$path = $file->store('public/images/products/');

ProductImage::create([

'product_id' => $product->id_produk,

'image_path' => $path,

'is_primary' => $index === 0,

'order' => $index + 1

]);

}

});

```

**File deletion with existence check:**

```php

if (file_exists(public_path($path))) {

unlink(public_path($path));

}

```

View Organization

```

resources/views/

├── auth/ # login, register, admin-login

├── admin/ # dashboard (admin.auth protected)

├── products/ # index, create, edit (CRUD)

├── layouts/ # Shared layouts

├── dashboard.blade.php # User dashboard

└── pupukdanbibit.blade.php # Public listing

```

Route Patterns

```php

// Public

Route::get('/', ...);

Route::get('/pupuk-bibit', ...);

// User auth (Laravel Auth)

Route::post('/login', ...);

Route::get('/dashboard', ...)->middleware('auth');

// Admin (Session-based)

Route::prefix('admin')->middleware('admin.auth')->group(...);

// Products (resourceful)

Route::resource('products', ProductController::class);

```

Validation Messages

All validation messages are in **Bahasa Indonesia**:

```php

$request->validate([...], [

'field.required' => 'Field wajib diisi',

'field.numeric' => 'Field harus berupa angka',

'field.max' => 'Field maksimal :max karakter',

]);

```

Common Pitfalls

1. Using `id` instead of `id_produk` for products

2. Mixing admin and user authentication middleware

3. Foreign key type mismatch (integer vs unsignedBigInteger)

4. Forgetting DB transactions for file uploads

5. Not enforcing "Organik" category server-side for bibit

6. Not checking file existence before unlinking

7. Missing cascade cleanup when deleting products with images

Testing Scenarios

1. Upload 6 images (should fail validation)

2. Set subsidy price > normal price (should fail)

3. Logout admin and access `/admin/dashboard` (should redirect)

4. Delete product and verify all images removed from filesystem

5. Change product type to 'bibit' and verify category becomes "Organik"

6. Test both admin and user login flows separately

Instructions

When working with this codebase:

1. **Always check authentication context** - determine if route needs `auth` or `admin.auth` middleware

2. **Use correct primary key** - `id_produk` for products, not `id`

3. **Wrap file operations in transactions** - ensure DB and filesystem stay in sync

4. **Enforce business rules server-side** - never trust client-side validation alone

5. **Use Bahasa Indonesia** for all user-facing messages and validation errors

6. **Check file existence** before unlinking to prevent errors

7. **Test cascade deletes** - ensure related images are cleaned up

8. **Follow naming conventions** - `{timestamp}_{uniqid}_{index}.{ext}` for uploaded files

9. **Validate image constraints** - 1-5 images, max 2MB, allowed formats

10. **Test both auth systems** - admin session-based and user database-backed

Tech Stack

Documentation Files