How to safely use .env Variables in a Laravel Application

Working on Laravel Applications often requires accessing important variables from the configuration file, namely called the .env file. These are the .env variables, holding important data for the application. We can use the Laravel env() helper to access these variables. However, there is a more safer way to access these variables and also create new .env variables to add in .env files using the config() helper. 

You can read variables from the .env file using the config() helper function. For example, to read the app name, you can use config(''). We can read these variables using the env() helper function also. But, it is not recommended to use it to get data as it returns empty variables if the configuration is cached with the command shown below.

php artisan config:cache 

This command generates a file in bootstrap/cache/config.php that contains all the config values in an optimized format for better speed. 

php artisan config:clear

The command above will clear the cache again by removing even the bootstrap/cache/config.php file. 

To access configuration variables we can use the config helper or even the config facade, as shown below. 

// The most common and recommended way

$appName = config('');

// An equivalent way:

use Illuminate\Support\Facades\Config;

$appName = Config::get('');

// Avoid using env file:

$appName = env('APP_NAME');

Add Custom Config Variables to the .env file

Let’s go through the steps to add your own custom variables to an .env file. This variable can be accessed throughout your Laravel application. 

Step 1: Define your Custom Variables in .env file


Next, create a new file inside the config folder as custom.php, and define an array inside it that returns the value of your environment variable. 

return [

    'sample_variable' => env('sample_variable'),


Now, you can access this variable using the config() helper function. 

$value = config(sample.your_variable');

This value can be accessed anywhere in your application.

<a href="{{ config(sample.your_variable') }}">Link</a>

Laravel default config files

The config folder in Laravel holds many files responsible for the application’s operations. A newly installed Laravel project will provide the following config files. 

app.php/config/app.phpApplication level settings
auth.php/config/auth.phpAuthentication settings
broadcast.php/config/broadcast.phpReal-time event broadcasting data
cache.php/config/cache.phpCache configuration
cors.php/config/cors.phpCross origin resource sharing data
database.php/config/database.phpDatabase settings and data
filesystems.php/config/filesystems.phpFilesystems configuration
hashing.php/config/hashing.phpHashing data for password hashing
logging.php/config/logging.phpLogging configuration
mail.php/config/mail.phpEmail configuration
queue.php/config/queue.phpQueue configuration
sanctum.php/config/sanctum.phpLaravel Sanctum configuration
services.php/config/services.phpExternal services configuration
session.php/config/session.phpSession configuration
view.php/config/view.phpView configuration

Config files are better to use as compared to .env files for a number of reasons. 

  • Organized Data: they provide a structured approach to manage data, group related settings together. So, they are easier to locate and update. 
  • Better Version Control: config files can be easily tracked and managed using version control systems like Git. 
  • Flexible: Complex configuration structures, arrays, and nested loops can be defined in config files. Thereby, making them more flexible than .env files.
  • Caching: Laravel caches configuration files, and significantly improves application performance. However, caching is not possible with .env files, and accessing each environment variable requires file parsing, which leads to application overhead. 
  • Readable Code: config() helper function allows better code readability as compared to directly accessing the .env file. 

Reading data from configuration files is the recommended approach to access .env variables. It ensures we get data as per the predictable app behavior and avoid issues with empty values and configurations. Moreover they provide numerous benefits like organized data structure, flexible application structure, better application caching, flexible, and readable code.