Username And Email Login Form Validation Question

I have one input field called type where the user can enter his/her email or username

Code:

<div class="form-group">
<label>Username Or Email</label>
<?php echo form_input('type', $type, array('class' => 'form-control'));?>
</div>

On my form validation rules check I have this 

Code:

$this->form_validation->set_rules('type', 'Username Or Email', 'trim|required'); 

But because the type input can be username or email can not use valid_email I have this 

Code:

$this->form_validation->set_rules('type', 'Username Or Email', 'trim|required|valid_email'); 

QUESTION: How can I check if the user enters email that it can check is valid_email but if the user enters username will not need to check valid_email do I need to do a separate callback? 

Code:

public function validateForm() {
$input_type = $this->input->post('type',  true);
$input_password = $this->input->post('password', true);

$stored_hash = $this->user_model->get_password($input_type);

$this->form_validation->set_rules('type', 'Username Or Email', 'trim|required');
$this->form_validation->set_rules('password', 'password', 'trim|required');

if (!$this->form_validation->run()) {

if (form_error('type')) {
$this->error['type'] = form_error('type');
}

if (form_error('password')) {
$this->error['password'] = form_error('password');
}

}

if (!empty($input_password) && !password_verify($input_password, $stored_hash)) {
$this->error['warning'] = 'Opp\'s username and or password incorrect!';
}

return !$this->error;
}

Attached Files

  Login.php (Size: 2.4 KB / Downloads: 110)

There's only one rule - please don't tell anyone to go and read the manual.  Sometimes the manual just SUCKS!

I think u need custom validation method:


1. in application/libraries create file MY_Form_validation.php

and define your custom method there

PHP Code:

<?php

class MY_Form_validation extends CI_Form_validation {

    function __construct($config = array()) {
        parent::__construct($config);
        $this->set_error_delimiters( '<div class="has-error">', '</div>' );
    }
public function is_valid_email_or_username($user_input){
//validation codes here
//if valid 
return true;
//else 
return false;

}
} 


2. library validation is in the exactly same way:  $this->load->library('form_validation'); it will load your form_validation extension automaticly


3. and $this->form_validation->set_rules('type', 'Username Or Email', 'trim|required|is_valid_email_or_username'); 
4. for validation error message u can set custom error message for your custom validation rule. in application/language/your_lang/form_validation_lang.php
add $lang['is_valid_email_or_username'] = "Error messafe {field}";

5. I am not sure but as u inherited system form_validation library you should be able to use $this->valid_email($user_input) in your custom validatio method

Why validate it? If it's a login form, you don't need to validate that the email is valid. Just check it against your DB for a match in username or email column.

Why validate it? If it's a login form, you don't need to validate that the email is valid. Just check it against your DB for a match in username or email column.

Thank you for advice will go that way I think

There's only one rule - please don't tell anyone to go and read the manual.  Sometimes the manual just SUCKS!

Why? Because of performance.

I believe it's best practice to make as simple sql queries as possible. I you can get rid of a OR statement in your query with a few lines of php I believe it's woth it anytime.

Compare using

Code:

SELECT id,username,email,salt FROM users WHERE email='PostData' LIMIT 1

(Or if you determine 'PostData' is not a valid emailaddress)

Code:

SELECT id,username,email,salt FROM users WHERE username='PostData' LIMIT 1

To:

Code:

SELECT id,username,email,salt FROM users WHERE email='PostData' OR username='PostData' LIMIT 1

Why? Because of performance.

I believe it's best practice to make as simple sql queries as possible. I you can get rid of a OR statement in your query with a few lines of php I believe it's woth it anytime.

Compare using

Code:

SELECT id,username,email,salt FROM users WHERE email='PostData' LIMIT 1

(Or if you determine 'PostData' is not a valid emailaddress)

Code:

SELECT id,username,email,salt FROM users WHERE username='PostData' LIMIT 1

To:

Code:

SELECT id,username,email,salt FROM users WHERE email='PostData' OR username='PostData' LIMIT 1

Anytime I find myself worrying about performance, I compare my app to WordPress, and then I know that then I know little things don't matter so much. Unless something changed, WordPress is like 30 queries just to load a basic page 

Brian's Web Design - Temecula, CA
Community Auth For CodeIgniter 3
Community Auth

Yeah, dont get me starting about Wordpress, sigh... The last few year a couple of customers 'demanded' their new website should be in Wordpress (probably only because their management/CEO can then brag about it to their golf buddies). I like to broaden my horizon so went along with it. But the more I work with it the more I hate the product. I find it insane that one would need some expensive VPS or varnish hosting solution in order to get some speed back into a website. A regular business website with a few k visitors a month should run smooth on any shared hosting account for $50 a year.

But let's not turn this thread into a Wordpress bashing topic.

Even though the performance effect in this example with (probably) only a handful users is unnoticeable (and perhaps even unmeasurable), I can't help myself pointing it out