Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Codeigniter 3 Unable to access an error message

I have proble with set_rules function in Codeigniter 3

i check user email:

$this->form_validation->set_rules('email', 'Email', 'required|trim|xss_clean|valid_email');

and when I post get this error:

Unable to access an error message corresponding to your field name Email.

like image 722
user3546854 Avatar asked Feb 17 '15 18:02

user3546854


4 Answers

From the codeigniter github :

A largely unknown rule about XSS cleaning is that it should only be applied to output, as opposed to input data.

We've made that mistake ourselves with our automatic and global XSS cleaning feature (see previous step about XSS above), so now in an effort to discourage that practice, we're also removing 'xss_clean' from the officially supported list of form validation rules.

Because the Form Validation library generally validates input data, the 'xss_clean' rule simply doesn't belong in it.

If you really, really need to apply that rule, you should now also load the Security Helper, which contains xss_clean() as a regular function and therefore can be also used as a validation rule.

Link : https://github.com/bcit-ci/CodeIgniter/blob/develop/user_guide_src/source/installation/upgrade_300.rst#step-13-check-for-usage-of-the-xss_clean-form-validation-rule

And if, despite everything, you really need it, go to application/config/autoload.php :

$autoload['helper'] = array('security');

Or, before your form validation

$this->load->helper('security');
like image 162
AdrienXL Avatar answered Nov 19 '22 02:11

AdrienXL


xss_clean is no longer part of form validation.

The alternative is not to use it, as xss_clean is doing sanitization and not validation. xss_clean is part of security helper. If you need to do it, after validation you do.

 $this->load->helper('security'); `
 $value = $this->input->post('email',TRUE); //where TRUE enables the xss filtering

Also, you can enable global xss filtering in the config.php file

$config['global_xss_filtering'] = TRUE;

like image 44
Gaurav Bhatra Avatar answered Nov 19 '22 02:11

Gaurav Bhatra


Others have alluded to it, but no one has said succinctly, the way to fix this error is to remove xxs_clean from your validation rule. I just came across this issue myself, and thanks to the hints provided here, was able to fix the issue.

This:

 $this->form_validation->set_rules('email', 'Email', 'required|trim|xss_clean|valid_email');

Becomes this:

 $this->form_validation->set_rules('email', 'Email', 'required|trim|valid_email');
like image 6
sean.boyer Avatar answered Nov 19 '22 01:11

sean.boyer


Please load security Helper on autoload.php

$autoload['helper'] = array('security');

No need to do anything more.

like image 6
Kamlesh Avatar answered Nov 19 '22 03:11

Kamlesh