"password Must Be Repeated Exactly" Message Even If The Passwords Match

Even if I type the same passwords in password field and repeat password field, it says that the passwords don’t match and I don’t know what’s wrong.

In my user model, I have defined this in the class (none of these attributes are stored in db, because in the actionRegister I’m hashing the password and storing it hashed):

    public $password;

    public $repeatPassword;


Validation rules for passwords:

array('password', 'required', 'on'=>'insert'),

array('repeatPassword', 'required', 'on'=>'insert'),

array('password, repeatPassword', 'length', 'min'=>6, 'max'=>40),

array('password', 'compare', 'compareAttribute'=>'repeatPassword'),

array('repeatPassword', 'safe'),

My action for registration:

 public function actionRegister()


        $user=new User;



In view:

 <div class="row">

        <?php echo $form->labelEx($user,'password'); ?>

        <?php echo $form->passwordField($user,'password')?>

        <?php echo $form->error($user,'password'); ?>


    <div class="row">

        <?php echo $form->labelEx($user,'repeatPassword'); ?>

        <?php echo $form->passwordField($user,'repeatPassword')?>

        <?php echo $form->error($user,'repeatPassword'); ?>


Could you help me please?

First of all, make sure you are not hashing your password before validation.

Do not forget that validation happens also on save().

PS. IMHO the best place to hash password is in beforeSave() hook, so it’ll be hashed right before actual saving.

Thank you for your response. I’m hashing my password in the action, like this:

public function actionRegister()



        $user=new User;





            $valid = $user->validate();


            $user->hash = crypt($user->password, Randomness::blowfishSalt());


So it should be ok, because it doesn’t get to the crypt function when it’s just an ajax validation.

It looks like that there’s only problem with ajax validation - when I click the submit button, it’s ok.

I see.

Try this:

array(‘password’, ‘compare’, ‘compareAttribute’=>‘repeatPassword’, ‘skipOnError’=>true),

There was an old bug(?) in Yii, I wonder if something’s changed.

No difference, anyway thanks.

I think I’ve found why there’s problem, when I do this:

  1. write the password in the “password” field => shows that the “passwords doesn’t match” message under this field

  2. write the password in the “repeat password” field => this field gets green, but there’s still the message about matching under the “password” field - it seems that the “password” value is not send with ajax for the second time, so it’s not checked if they match already.

So the problem is, that if I finally write the "repeat password" same as the "password", the error still shows.

But this works:

  1. write the password in the "repeat password" field => it gets green

  2. write the password in the "password" field => it gets green

How could I always send the "password" along with the "repeat password" via ajax?

Ok, so add another rule to require repeatPassword.

password - required

repeatPassword - required

repeatPassword - compare, skip on error.

I don’t think it’s ajax, more likely it’s client-side validation.