• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
a form validation issue

#1
Hi,
I have a form validation issue.

here's the code
Code:
  $this->form_validation->set_rules('pass','password','required|min_length[8]|callback_access');

When I used CI 3.0.6 , it could run "required", "min_length[8]" and "callback_access" function together.
But it won't work together when I update to CI 3.1.0.

If I remove "callback_access" function (as bellow), then "required" and "min_length[8]" can be work correctly.
Code:
  $this->form_validation->set_rules('pass','password','required|min_length[8]');
the callback function:

Code:
public function access(){

   $acc  = $this->input->post('acc', TRUE);
   $pass = md5($this->input->post('pass', TRUE));

   $user = $this->login->select_user($acc);    //model

   if(!empty($user)){

       if($user->db_password == $pass){
           //save sessions
           return TRUE;
       }else{
           $this->form_validation->set_message('access',"account or password was incorrect");
           return FALSE;
       }
   }else{
       $this->form_validation->set_message('access',"account or password was incorrect");
       return FALSE;
   }
}
How do I fix this?
Thanks!!
Reply

#2
It sounds like there is something wrong with your callback. Can you post your callback function?
Reply

#3
I checked the system/libraries/Form_validation.php file(CI 3.1.0), I was wondering is it because of the _prepare_rules function? So, the callback function and rule's order was change.
It says ""Callbacks" are given the highest priority (always called), followed by 'required' (called if callbacks didn't fail), and then every next rule depends on the previous one passing.
So, the "callback" function will be run first, then "required" rule and others?

Sorry, I'm not a native English speaker, maybe I misunderstand the meaning.Sad
Reply

#4
You posted this on Stack Overflow as well, and there they said the same thing I did - Can you post the callback function so we can have a look at it. There is nothing wrong with CI, it sounds like you have a problem with your callback function.
Reply

#5
What version of PHP are you running?

Officially dropped any kind of support for PHP 5.2.x and anything under 5.3.7.
What did you Try? What did you Get? What did you Expect?

Joined the CodeIgniter Community in 2009.          ( Skype: insitfx )
Reply

#6
(08-09-2016, 11:04 AM)InsiteFX Wrote: What version of PHP are you running?

Officially dropped any kind of support for PHP 5.2.x and anything under 5.3.7.

I use PHP 5.4.16
Reply

#7
(08-09-2016, 05:06 AM)PaulD Wrote: You posted this on Stack Overflow as well, and there they said the same thing I did - Can you post the callback function so we can have a look at it. There is nothing wrong with CI, it sounds like you have a problem with your callback function.

Yes, I posted this on Stack Overflow too, because I'm not sure I posted here successfully. It didn't show the post immediately.
So, I asked the same question there.
Then I read the help documents, so I understand that I needed permission to post a new thread.

And I posted callback function in #1.
Reply

#8
So I created a test view for you:
PHP Code:
<p>Message: <?php echo $message?></p>

<?php echo form_open(); ?>
    <input type="text" name="pass" id="pass" value="" />
    <?php echo form_error('pass'); ?>
    <input type="submit" value="send" />
</form> 

And a test controller with the following:
PHP Code:
$this->form_validation->set_error_delimiters('''');
$this->form_validation->set_rules('pass','password','required|min_length[8]|callback_access');
if (
$this->form_validation->run()) 

 
   $message 'passed';
}
$page_data['message'] = $message

With this function to mimic your callback (although simplified, and I create values manually)
PHP Code:
public function access(){
 
       $this->form_validation->set_message('access',"account or password was incorrect");
 
       // made up some values to test
 
       $acc  '1234';
 
       $pass $this->input->post('pass'TRUE);
 
       $user = array('db_password' => 'yellowstone'); 

 
       if( (!empty($user)) AND ($user['db_password'] == $pass) )
 
       {
 
           return TRUE;
 
       }

 
       return FALSE;


And it behaved and worked prefectly in latest CI3.

Input blank: failed required test with correct error message
Input short: failed min_length test with correct error message
Input wrong: failed callback password test with correct error message
Input correct: passed validation with correct error message

There is no issue with callbacks per se.

Quote:But it won't work together when I update to CI 3.1.0.
What errors are you getting, or what is happening that 'doesn't work'.
Try replacing your callback function values with hardcoded ones like I did. If it works then, the problem is in your login library

Hope that helps,

Paul.

PS You definitely should NOT be using md5 to store passwords.
https://hashkiller.co.uk/md5-decrypter.aspx

Why not use native php password hashing.
For example:
PHP Code:
// encrypting
$encrypted_password password_hash($passwordPASSWORD_DEFAULT);

// comparison
if (password_verify($password$user['encrypted_password']))
{
 
   // Passwords match

Although there are other option for usage of these funtions - worth reading in the docs.
http://php.net/manual/en/function.password-hash.php
Reply

#9
Code:
$this->form_validation->set_message('required', "%s required");
$this->form_validation->set_rules('pass','password','required|min_length[8]|callback_access');

Thanks, Paul.
It doesn't work together means:
I thought the required rule would run first, then min_length rule, then callback function.

First, if password input text is empty(didn't type anything), then I press the submit button, I thought it would show 'password required'. But it didn't , it show the callback message "account or password was incorrect".
Second, if I type something in the password input text, but the length was under 8, then it would show "The password field must be at least 8 characters in length.". But it show the callback message "account or password was incorrect". Huh


In CI 3.0.6 (Error messages worked well.)
Input blank: shows the message 'password required'.
Input short: shows the message 'The password field must be at least 8 characters in length.'
Input wrong: shows the message 'account or password was incorrect'.
Input correct: passed.

In CI 3.1.0
Input blank: shows the message 'account or password was incorrect'. (ignore required rule)
Input short: shows the message 'account or password was incorrect'. (ignore min_length rule)
Input wrong: shows the message 'account or password was incorrect'. (correct)
Input correct: passed.(correct)

Why were they directly jump to the callback function , but ignore required and min_length rules. These are my issue.
Should I separate rules and callback function into a different text rule, such as the code bellow?
I mean, Couldn't they set together?

Code:
$this->form_validation->set_message('required', "%s required");
$this->form_validation->set_rules('acc','account','callback_login_access');
$this->form_validation->set_rules('pass','password','required|min_length[8]');


By the way, I'll use password_hash(). Thank you so much. Smile
Reply

#10
My apologies, you are absolutely right.

I was wondering about your problem when I discovered my test site was running 3.06 or something like that. I upgraded to 3.1 and ran the same test I posted before, and the callback is being called first.

Looking into this now.

Best wishes,

Paul.
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


Users browsing this thread:
1 Guest(s)


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2017 MyBB Group.