Using Model's rules() for MD5 and password lenght check in the same time?

Hi there,

Password for my User model must be MD5 hashed therefore I used CRegularExpressionValidator along with length checking set to 32 chars, as MD5 hashes always has 32 chars in length:

array('LOGN, PASS', 'required'),

array('PASS', 'length', 'min'=>32, 'max'=>32),

array('PASS', 'match', 'pattern'=>'/^[a-f0-9]{32}$/', 'message'=>'Not MD5 hashed!'),

I introduced JavaScript function and button to edit form, which allows user to enter normal-typed password and hash it directly before sending form.

Today it turned out that passwords also need to have specific minimum length and to be honest I got lost. How to check if the password had correct length before it was hashed? AFAIK there is no way to check the length of string having only its MD5 hash, as this is one-way algorithm.

I don’t how if this is possible to achieve using only [i]rules/i or do I have to throw all above mentioned and write my own checking in beforeSave()? Or maybe leave it as it is and introduce length checking directly to form with using JavaScript?

Why would you set rules for a hashed password… and what if javascript is disabled the password would not be hased…

It’s better to set rules for the plain password and then in beforeSave (for example) hash the password… no need to check if it’s properly hashed

I guess, we have 5000 topics about how to hash a password (at least, that’s what it feels like for me ;) ). Please do some research on the forum, you’ll find a topic soon.

Damn! :\ Hasn’t thought about that! :(

That is quite an interesting idea. Thanks!

Sorry! I’ve searched forum for ‘md5’ word and read briefly first 10-20 posts and found nothing that would lead me to a good idea, that is why I posted. But, you’re right - I should look deeper.

maybe this help you