Cakephp’s Auth Component – validation

The registration form for new users follows validation rules. All the inputs are required. The username should be unique and the username length should be between 3 and 15 characters.

If user or admin choose username that has already been taken, the user account will not be created and the following error will be displayed:

If user or admin type username that is shorter than 3 or longer than 15 characters, the user account will not be created and the following error will be displayed:

The password field and confirmed password field should matched. The rule ‘matchPassword’ is not cakePHP rule, since cakePHP does not have rule to compare fields.
The public function ‘matchPassword’ takes one argument – data. The function compares if password field value matches the confirmed password field value. If fields are equal than function returns true. If fields are not equal than the password confirmation field is invalidate, the error message is displayed and the function returns false.


If user or admin type password and confirmed password that do not match, the user account will not be created and the following errors will be displayed:

Check the previous screens – password and password confirmation fields are hashed. The public function beforeSave() hashed passwords before stored in database:

Retention of Old Password if Both Password Fields are Empty – Problem Unsolved

When users edit their details both field – password and password confirmation are mandatory.

It is a good idea to change it that if the user doesn’t type the password and password confirmation, the user details can be saved without having to re-enter the passwords.

To fix this issue I created the following emptyPassword() function in the User.php file:

function emptyPassword(){
if($this->data[‘User’][‘password_confirmation’] == “”){

And the rule:
’emptyPassword’ => array(
‘rule’ => array(’emptyPassword’, ‘password’),
‘on’ => ‘update’,  //Only in the edit user form

But emptyPassword() function did not run since errors returning from matchPassword() function occurred first. I added ‘on’ => ‘create’ and ‘required’=>false conditions to the  password array, that it runs only when creating new user, but in also did not work.


Instead matchPasswords() function I tried to use emptyPassword() function:

Again, errors that both password fields should be filled-in appears.
I decided to move forward and back to that problem in the future.