In my ‘Members’ model, I am comparing whether password matches password_confirm through this custom validation key/function pair.

...'password_confirm' => array(
        'compare'    => array(
            'rule'      => array('validate_passwords'),
            'message'   => 'The passwords you entered do not match.',
            'required'  => true
        ),

        'length' => array(
            'rule'      => array('between', 6, 20),
            'message'   => 'Your password must be between 6 and 20 characters.',
        ),

        'empty' => array(
            'rule'      => 'notEmpty',
            'message'   => 'The password field must not be left blank.',
        ),
    )...

function validate_passwords…

function validate_passwords($data, $password_field = 'password', $hashed = true) {
    $password         = $this->data['Member']['password'];
    $password_confirm = $hashed ?
          Security::hash($data['password_confirm'], null, true) :
          $data['password_confirm'];
    return $password === $password_confirm;
}

I have many different sections of my site that allow the editing of members. Some sections allow for passwords to be changed, and others just let members edit their bio.

However, because there’s no password_confirm field in the form where users edit their bio (for example) the validation always returns false on any form, other than forms which have password_confirm present.

Is there an efficient way to validate like this…

“Compare password with password_confirm only if the password_confirm key exists in the $data array”

I couldn’t find this anywhere on SO, I hope I am not repeating an existing question.

Thanks!

NB. I want to make sure that the field hasn’t been left blank if it does exist in the form.