Question about callback function


I am VERY new to codeigniter but I have been playing around with the validation class, specifically with regards to logging a user in.

The problem I have is when I run my check_login function it does not md5 the passwd as set in the rules, I have to manually md5 it for it to work properly.

The below example DOES work but I am wondering why I cannot simply use $this->validation->passwd.

With using this example I am not sure if the passwd field is going through the xss_clean (which I set to go through all post data in the config)

Any advice on how to do this better or something I am missing?


function check() {
    $fields['username'] = 'User Name';
    $fields['passwd'] = 'Password';
    $this->validation->set_error_delimiters('<div class="error">', '</div>');
    $rules['username'] = 'trim|required|callback_check_login';
    $rules['passwd'] = 'trim|required|md5';
    if ($this->validation->run() == FALSE) {
        // Send user back
        $data['title'] = 'Temp Title';
        $this->load->view('loginview', $data);
           } else {
        // Process Login
        echo "You are logged in!";
function check_login($username)
   $this->validation->set_message('check_login', 'Your login information is invalid. Please try again.');
   // This function does not work without reapplying md5 to the passwd field
   $mdpassword = md5($this->validation->passwd);
   // Check to see if a user exists
   $this->db->where('userid', $username);
   $this->db->where('password', $mdpassword);
   $query = $this->db->get('users');
   if ($query->num_rows() > 0) { return TRUE; } else { return FALSE; }

I think check_login is called before the md5 of the password field is called.

So maybe simply changing this
$rules['username'] = 'trim|required|callback_check_login';
    $rules['passwd'] = 'trim|required|md5';
in to this
$rules['passwd'] = 'trim|required|md5';
    $rules['username'] = 'trim|required|callback_check_login';
should do the trick.

The Problem is when you do "md5" on field rules it saves the md5 hashed string into the post variable of the field. Later you md5-hash the already hashed string again:
$mdpassword = md5($this->validation->passwd);
Just remove the md5() function.

Thanks for the responses.

I tried that clooner recommended and the password is still not md5'd even if I do an echo directly after the rule.

I tried after the set_rules function as well with no success.


I am md5ing the password because it is not correctly applying md5 through the rules.

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.