CodeIgniter Form Validation – Setting Rules, Setting Error Messages and Repopulating Form

Hello Readers,

I would like to write a blog on CodeIgniter form validation. Form validation on server side is very important in order to avoid entering some random values and also client side validation such as javascript validation is easily breakable.

We can even validate our form using HTML5. For example,

<input type="text" name="fullname" value="" placeholder="Full Name" required />

The word required at the end automatically validates the form and if the form is submitted with empty value, a tooltip occurs with required message. This is easy to implement. But user can easily bye pass it by right clicking on the webpage, opening console and can edit HTML contents, user can remove the required from code and can submit the form with empty value. So it is necessary to validate form in server side, which cannot be bye passed.

Consider you are about to validate a user Login form. You

<html>
<head>
<title>Login</title>
</head>
<body>
<form action="<?php base_url().'login' ?>" method="post">
<input type="text" name="email" value="" placeholder="Enter your Email" /><br>
<input type="password" name="password" value="" placeholder="Enter your Password" /><br>
<input type="submit" name="submit" value="Submit" />
</form>
</body>
</html>

First, let me explain the CodeIgniter form validation library

class Login extends CI_Controller {
   public function index(){
      $this->load->library('form_validation');
      $this->form_validation->set_rules('email', 'Email', 'required|trim|xss_clean|valid_email');
      $this->form_validation->set_rules('password', 'Password', 'required|trim|min_length[6]|max_length[8]');
      if($this->form_validation->run() == TRUE){
           // Perform Actions after getting valid form inputs
      }
      $this->load->view('login');	
   }
} 

This will check for valid conditions like
‘required’ = which needs the form input to be set. It need not be empty.
‘trim’ = it trims the form input. Extra spaces are removed.
‘xss_clean’ = removes the html tags or such.
‘valid_email’ = checks for valid email id.
‘min_length[6]’ = checks for the length to be minimum 6. anything less than 6 is invalid
‘max_length[10]’ = checks for the length to be maximum 10. anything more than 10 is invalid
‘is_unique[users.email]’ = used to check if the input already exists in database. it matches with ‘users’ table and email field
‘matches[confirm_password_field]’ = used to match with the other field. Useful when you have password confirmation field

We can also use our own validation functions. In case you have to check if email and password exists in the database. To do so we can create our own callback function. To do so add callback_check_login_details in the validation rules, and define a function with the name check_login_details().

$this->form_validation->set_rules('email', 'Email', 'required|trim|xss_clean|valid_email|callback_check_login_details');

and function looks like

function check_login_details(){
     $email = $this->input->post('email');
     $pass = $this->input->post('password');
     if($this->login_model->check_login($email,$pass)){
         // If the login credentials are correct 
         return true;
     }
     else{
         // If the login credentials are incorrrect
         $this->form_validation->set_message('check_login_details', 'Invalid Login Details');
         return false;
     } 
}

In order to re-populate the form, that is, after submitting the form, when the form data is invalid, control gets redirected to the form page. We have to display the error message and also we have to put in the form value they entered earlier. The form with error message and earlier values looks like the following.

<html>
<head>
<title>Login</title>
</head>
<body>
<form action="<?php base_url().'login' ?>" method="post">
<?php echo validation_errors('<p class="form_error">','</p>'); ?>
<input type="text" name="email" value="<?php echo set_value('email') ?>" placeholder="Enter your Email" /><br>
<input type="password" name="password" value="<?php echo set_value('password') ?>" placeholder="Enter your Password" /><br>
<input type="submit" name="submit" value="Submit" />
</form>
</body>
</html>

We can also display form errors individually for each form inputs. We can do that by

<?php echo form_error('email'); ?>

or we can use the html tags to style it like

<?php echo form_error('email', '<p class="form_error">', '</p>'); ?>

Or we can also add the error delimiters earlier in the controller to append the html tags to the error message.

$this->form_validation->set_error_delimiters('<p class="form_error">', '</p>');

Hope this is helpful.

Thanks for reading.

Feedback are welcome. Please feel free to ask questions.

Don’t forget to subscribe to Geeks.Gallery, to get free emails to your inbox.

Subscribe to Geeks.Gallery

Nagarajan
Follow me

Nagarajan

Web Developer at Energy Alternatives India
I'm interested in developing Web applications andkeen on learning new technologies.

View Nagarajan's Profile
Nagarajan
Follow me

Latest posts by Nagarajan (see all)

Leave a Reply

Your email address will not be published. Required fields are marked *