php mass assignment是什么？中文怎么翻译呢

12年的时候，就有这个概念的了，最早是在Ror上面提出来的。之后Laravel也提出了这个概念。

意思是：在数据库里面创建一个条新的数据的时候，有一些不必要（不能）更新的数据在没有特别的代码过虑(filter)的情况下可能会被恶意更新（创建）。

我觉得可以翻译成：批量赋值

参考：
Ror上面的提问;
Laravel上面的回答;
StackOverFlow上面的回答;
专门的解释;

举例：

Mass assignment is when you send an array to the model creation, basically setting >a bunch of fields on the model in a single go, rather than one by one, something >like:

$user = new User(Input::all());
(This is instead of explicitly setting each value on the model separately.)

You can use fillable to protect which fields you want this to actually allow for >updating.

Let's say in your user table you have a field that is user_type and that can have >values of user / admin

Obviously, you don't want users to be able to update this value. In theory, if you >used the above code, someone could inject into a form a new field for user_type and >send 'admin' along with the other form data, and easily switch their account to an >admin account... bad news.

By adding:

$fillable = array('name', 'password', 'email');
You are ensuring that only those values can be updated using mass assignment

To be able to update the user_type value, you need to explicitly set it on the model and save it, like this:

$user->user_type = 'admin';
$user->save();