Home/ Questions/Q 6640417
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T23:40:12+00:00

For some reason, I can’t get this validation to work as I’d like it

  • 0

For some reason, I can’t get this validation to work as I’d like it to, specifically with the password minLength field.

Everything else is fine (even the minLength for Username works). For some reason, when I add the same minLength rule into the password field, it just ignores it and when I actually do enter in a password, it tells me that I need to enter a password:

    var $validate = array(
'email' => array(
    'email' => array(
        'rule' => array('email', true),
        'required' => true,
        'allowEmpty' => false,
        'message' => 'Please enter a valid email address'
    ),
    'isUnique' => array(
        'rule' => 'isUnique',
        'message' => 'This email is already in use'
    )
),
'username' => array(
    'notEmpty' => array(
        'rule' => 'notEmpty',
        'required' => true,
        'message' => 'Please enter a valid username'
    ),
    'allowedCharacters' => array(
        'rule' => '/^[a-zA-Z]+[0-9]*$/',
        'message' => 'Please enter a valid username'
    ),
    'minLength' => array(
        'rule' => array('minLength', 3),
        'message' => 'Please enter a longer username'
    ),
    'maxLength' => array(
        'rule' => array('maxLength', 23),
        'message' => 'Please enter a shorter username'
    ),
    'isUnique' => array(
        'rule' => 'isUnique',
        'message' => 'That username is already taken'
    )
),
'password' => array(
    'notEmpty' => array(
        'required' => true,
        'allowEmpty' => false,
        'message' => 'Please enter a password'
    ),
    'minLength' => array(
        'rule' => array('minLength', 4),
        'message' => 'Please enter a longer password'
    ),
     'passwordConfirm' => array(
        'rule' => array('checkPasswords'),
        'message' => 'Passwords must match'

       )
    ),
   );

Am I overlooking something minor? It’s driving me nuts.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    This happens because in Cake, the password field is automatically hashed as soon as you submit it; which will break your validation rules (a 5 character password suddenly becomes a 40+ digit hash). There are various proposed fixes for this problem.

    One that sounds the most promising:

    Create two fields e.g pw and pw_confirm as opposed to password and confirm_password. Use these values for your password validation (so, max length etc)

    Then something like:

    $this->User->set($this->data);
if ($this->User->validates()) {
    // all your data validates, so hash the password submitted,
    // ready for storage as normal.
    $password_hash = $this->Auth->password($this->data['User']['pw'];
    $this->data['User']['password'] = $password_hash;
}

    This way, Cake won’t automatically hash the passed that’s entered – allowing your validation to function as you intended.

    To visualise this, add this to your register/add user method:

    function admin_add() {
    if (!empty($this->data)) {
        debug($this->data); 
        exit;

    You’ll get:

    Array
(
    [User] => Array
        (
            [username] => somename
            [password] => 25ae3c1689d26b20e03abc049982349482faa64e
        )

)

    before validation takes place.

    • 0