• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Username And Email Login Form Validation Question

#1
I have one input field called type where the user can enter his/her email or username

Code:
<div class="form-group">
<label>Username Or Email</label>
<?php echo form_input('type', $type, array('class' => 'form-control'));?>
</div>

On my form validation rules check I have this 


Code:
$this->form_validation->set_rules('type', 'Username Or Email', 'trim|required'); 


But because the type input can be username or email can not use valid_email I have this 


Code:
$this->form_validation->set_rules('type', 'Username Or Email', 'trim|required|valid_email'); 


QUESTION: How can I check if the user enters email that it can check is valid_email but if the user enters username will not need to check valid_email do I need to do a separate callback? 


Code:
public function validateForm() {
$input_type = $this->input->post('type',  true);
$input_password = $this->input->post('password', true);

$stored_hash = $this->user_model->get_password($input_type);

$this->form_validation->set_rules('type', 'Username Or Email', 'trim|required');
$this->form_validation->set_rules('password', 'password', 'trim|required');

if (!$this->form_validation->run()) {

if (form_error('type')) {
$this->error['type'] = form_error('type');
}

if (form_error('password')) {
$this->error['password'] = form_error('password');
}

}

if (!empty($input_password) && !password_verify($input_password, $stored_hash)) {
$this->error['warning'] = 'Opp\'s username and or password incorrect!';
}

return !$this->error;
}


Attached Files
.php   Login.php (Size: 2.4 KB / Downloads: 109)
There's only one rule - please don't tell anyone to go and read the manual.  Sometimes the manual just SUCKS!
Reply

#2
I think u need custom validation method:


1. in application/libraries create file MY_Form_validation.php

and define your custom method there
PHP Code:
<?php

class MY_Form_validation extends CI_Form_validation {

 
   function __construct($config = array()) {
 
       parent::__construct($config);
 
       $this->set_error_delimiters'<div class="has-error">''</div>' );
 
   }
public function 
is_valid_email_or_username($user_input){
//validation codes here
//if valid 
return true;
//else 
return false;

}


2. library validation is in the exactly same way:  $this->load->library('form_validation'); it will load your form_validation extension automaticly


3. and $this->form_validation->set_rules('type', 'Username Or Email', 'trim|required|is_valid_email_or_username'); 
4. for validation error message u can set custom error message for your custom validation rule. in application/language/your_lang/form_validation_lang.php
add $lang['is_valid_email_or_username'] = "Error messafe {field}";

5. I am not sure but as u inherited system form_validation library you should be able to use $this->valid_email($user_input) in your custom validatio method
Reply

#3
Why validate it? If it's a login form, you don't need to validate that the email is valid. Just check it against your DB for a match in username or email column.
Reply

#4
(04-12-2017, 11:41 PM)JayAdra Wrote: Why validate it? If it's a login form, you don't need to validate that the email is valid. Just check it against your DB for a match in username or email column.

Thank you for advice will go that way I think
There's only one rule - please don't tell anyone to go and read the manual.  Sometimes the manual just SUCKS!
Reply

#5
Why? Because of performance.

I believe it's best practice to make as simple sql queries as possible. I you can get rid of a OR statement in your query with a few lines of php I believe it's woth it anytime.

Compare using
Code:
SELECT id,username,email,salt FROM users WHERE email='PostData' LIMIT 1
(Or if you determine 'PostData' is not a valid emailaddress)
Code:
SELECT id,username,email,salt FROM users WHERE username='PostData' LIMIT 1

To:
Code:
SELECT id,username,email,salt FROM users WHERE email='PostData' OR username='PostData' LIMIT 1
Reply

#6
(04-13-2017, 12:28 AM)Diederik Wrote: Why? Because of performance.

I believe it's best practice to make as simple sql queries as possible. I you can get rid of a OR statement in your query with a few lines of php I believe it's woth it anytime.

Compare using
Code:
SELECT id,username,email,salt FROM users WHERE email='PostData' LIMIT 1
(Or if you determine 'PostData' is not a valid emailaddress)
Code:
SELECT id,username,email,salt FROM users WHERE username='PostData' LIMIT 1

To:
Code:
SELECT id,username,email,salt FROM users WHERE email='PostData' OR username='PostData' LIMIT 1

Anytime I find myself worrying about performance, I compare my app to WordPress, and then I know that then I know little things don't matter so much. Unless something changed, WordPress is like 30 queries just to load a basic page  Big Grin
Reply

#7
Yeah, dont get me starting about Wordpress, sigh... The last few year a couple of customers 'demanded' their new website should be in Wordpress (probably only because their management/CEO can then brag about it to their golf buddies). I like to broaden my horizon so went along with it. But the more I work with it the more I hate the product. I find it insane that one would need some expensive VPS or varnish hosting solution in order to get some speed back into a website. A regular business website with a few k visitors a month should run smooth on any shared hosting account for $50 a year.

But let's not turn this thread into a Wordpress bashing topic.

Even though the performance effect in this example with (probably) only a handful users is unnoticeable (and perhaps even unmeasurable), I can't help myself pointing it out Wink
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.