From 60fcf08cbc937a33e77c7c6b5aeea417710f354a Mon Sep 17 00:00:00 2001
From: Frank John Begornia <frank.begornia@yahoo.com>
Date: Thu, 26 Feb 2026 23:12:00 +0800
Subject: [PATCH] Enhance TestEmailController and view to include CSRF token
 and improve form security

---
 app/Http/Controllers/TestEmailController.php | 2 +-
 resources/views/test-email.blade.php         | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/Http/Controllers/TestEmailController.php b/app/Http/Controllers/TestEmailController.php
index 49729d9..562e412 100644
--- a/app/Http/Controllers/TestEmailController.php
+++ b/app/Http/Controllers/TestEmailController.php
@@ -10,7 +10,7 @@ class TestEmailController extends Controller
 
     public function show()
     {
-        return view('test-email');
+        return view('test-email', ['token' => csrf_token()]);
     }
 
     public function send(Request $request)
diff --git a/resources/views/test-email.blade.php b/resources/views/test-email.blade.php
index 7feefec..bf6786a 100644
--- a/resources/views/test-email.blade.php
+++ b/resources/views/test-email.blade.php
@@ -29,7 +29,8 @@
                 </div>
 
                 <form method="POST" action="{{ url('test-email/send') }}">
-                    {!! csrf_field() !!}
+                    <input type="hidden" name="_token" value="{{ csrf_token() }}">
+                    <input type="hidden" name="token" value="{{ $token }}">
                     <div class="form-group{{ $errors->has('recipient') ? ' has-error' : '' }}">
                         <label for="recipient">Recipient Email</label>
                         <input type="email"