CodeIgniter Validation Rules for Email and Password
Include Email Helper:
$this->load->helper('email');
For Email:
$this->form_validation->set_rules('email', 'Email', 'trim|required|valid_email|xss_clean');
Or you can also use PHP Filter for email validation as
filter_var($email, FILTER_VALIDATE_EMAIL);
For Password Expression
public function chk_password_expression($str)
{
if (1 !== preg_match("/^.*(?=.{6,})(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z]).*$/", $str))
{
$this->form_validation->set_message('chk_password_expression', '%s must be at least 6 characters and must contain at least one lower case letter, one upper case letter and one digit');
return FALSE;
}
else
{
return TRUE;
}
}
To call the function you should use:
$this->form_validation->set_rules( 'password', 'Password', 'trim|required|min_length[6]|max_length[15]|callback_chk_password_expression');
Note: chk_password_expression should be in same class controller or in parent class. Email helper should be included as $this->load->helper('email');
Related videos on Youtube
Mohamed Ebrahim
Updated on June 09, 2020Comments
-
Mohamed Ebrahim almost 4 years
I was used to coding application with CodeIgniter and I'm a total newbie. I just started to learn CodeIgniter 3.0, and and reached to validation rules.
I notice that
xss_clean
is now gone from the validation class, so what rules should I use in the validation of email and password? Using justtrim
,valid_email
, and required is enough for security?Sorry if that question has been asked, but I searched around and I see old topics where people is using
xss_clean
.-
Mayank Tailor almost 9 yearsxss_clean is deprecated in Codeigniter 3.0. its no more in form_validation library. old one also not as much useful to completely prevent XSS. You should have custom function to clean userdata. Better clean userdata while printing on html.
-
-
Mohamed Ebrahim almost 9 yearsIsn't xss_clean depreciated in CodeIgniter 3? Also, what does the password expression do?
-
Mohamed Ebrahim almost 9 yearsIn addition to that, in the email helper class, it says "The Email helper is DEPRECATED and is currently only kept for backwards compatibility."
-
Deep Kakkar almost 9 yearscodeigniter.com/userguide3/helpers/… check here how to use this. you can also use filter_var($email, FILTER_VALIDATE_EMAIL);