Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Codeigniter 3 Unable to access an error message

Tags:

forms

validation

php

codeigniter

I have proble with set_rules function in Codeigniter 3

i check user email:

$this->form_validation->set_rules('email', 'Email', 'required|trim|xss_clean|valid_email');

and when I post get this error:

Unable to access an error message corresponding to your field name Email.

like image 722
user3546854 Avatar asked Feb 17 '15 18:02

user3546854

4 Answers

From the codeigniter github :

A largely unknown rule about XSS cleaning is that it should only be applied to output, as opposed to input data.

We've made that mistake ourselves with our automatic and global XSS cleaning feature (see previous step about XSS above), so now in an effort to discourage that practice, we're also removing 'xss_clean' from the officially supported list of form validation rules.

Because the Form Validation library generally validates input data, the 'xss_clean' rule simply doesn't belong in it.

If you really, really need to apply that rule, you should now also load the Security Helper, which contains xss_clean() as a regular function and therefore can be also used as a validation rule.

Link : https://github.com/bcit-ci/CodeIgniter/blob/develop/user_guide_src/source/installation/upgrade_300.rst#step-13-check-for-usage-of-the-xss_clean-form-validation-rule

And if, despite everything, you really need it, go to application/config/autoload.php :

$autoload['helper'] = array('security');

Or, before your form validation

$this->load->helper('security');
like image 162
AdrienXL Avatar answered Nov 19 '22 02:11

AdrienXL

xss_clean is no longer part of form validation.

The alternative is not to use it, as xss_clean is doing sanitization and not validation. xss_clean is part of security helper. If you need to do it, after validation you do.

 $this->load->helper('security'); `
 $value = $this->input->post('email',TRUE); //where TRUE enables the xss filtering

Also, you can enable global xss filtering in the config.php file

$config['global_xss_filtering'] = TRUE;

like image 44
Gaurav Bhatra Avatar answered Nov 19 '22 02:11

Gaurav Bhatra

Others have alluded to it, but no one has said succinctly, the way to fix this error is to remove xxs_clean from your validation rule. I just came across this issue myself, and thanks to the hints provided here, was able to fix the issue.

This:

 $this->form_validation->set_rules('email', 'Email', 'required|trim|xss_clean|valid_email');

Becomes this:

 $this->form_validation->set_rules('email', 'Email', 'required|trim|valid_email');
like image 6
sean.boyer Avatar answered Nov 19 '22 01:11

sean.boyer

Please load security Helper on autoload.php

$autoload['helper'] = array('security');

No need to do anything more.

like image 6
Kamlesh Avatar answered Nov 19 '22 03:11

Kamlesh
Sign in to Comment

Related questions

Encoding of PDF text string
Select columns of data.table based on regex
How to get future date in Faker
Does checking the Never ask again box when asking for a runtime permission disable future dialogs?
Java - Read line using InputStream [duplicate]
Swift add show action to button programmatically
How to add close icon in Material UI Dialog Header top right corner
How can I remove default button class of a dataTables button?
How to change Angular 5 Material input placeholder? [duplicate]
Laravel how to response only 204 code status with no body message
Interleave 4 lists of same length python [duplicate]
How to execute and get content of a .php file in a variable?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!