Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

polarcubs's avatar

What does sometimes validation rule truly mean? Confused.

According to the official documentation for Laravel 4.2

"In some situations, you may wish to run validation checks against a field only if that field is present in the input array. To quickly accomplish this, add the sometimes rule to your rule list"

$v = Validator::make($data, array(
    'email' => 'sometimes|required|email',
));

A few questions here, If I do not want to make the email field required, couldn't I just do?

$v = Validator::make($data, array(
    'email' => 'email',
));

And if it is sometimes, why in the example is sometimes used with required?

$v = Validator::make($data, array(
    'email' => 'sometimes|required|email',
));
0 likes
10 replies
RachidLaasri's avatar

Sometimes rule means when it's present.

This will only check if the email input is not empty and it's a valid email when it's present in the POST array.

$v = Validator::make($data, array(
    'email' => 'sometimes|required|email',
));

But this, will throw an error if you filled the input with a wrong email ( or if it's blank, because blank is not a valid email address, not sure though. )

$v = Validator::make($data, array(
    'email' => 'email',
));

And using sometimes with required will check if the key email is present in the POST array and then start validation For example, you may use the same FormRequest to create a user and update a user, when adding a user, the email is required, but on update you may not want them to change their email, so adding "sometimes" rule will do the job.

$v = Validator::make($data, array(
    'email' => 'sometimes|required|email',
));
1 like
polarcubs's avatar

Thanks @RachidLaasri. Trying to diguest your post now what about the following cases?

$v = Validator::make($data, array(
    'email' => 'sometimes|email',
));

and

$v = Validator::make($data, array(
    'email' => 'sometimes',
));

Also does the order make a difference?

$v = Validator::make($data, array(
    'email' => 'required|sometimes',
));

Thanks!

RachidLaasri's avatar

This will do nothing because there's no rules to validate against,because even if it's present in the POST array, you should specify rules. and the order don't make any difference.

$v = Validator::make($data, array(
    'email' => 'sometimes',
));

But this, will check if the email key present in the post array and then check if it's a valid email.

$v = Validator::make($data, array(
    'email' => 'sometimes|email',
));

For example, if your POST data is something like this

email  => 'somestring',
username => 'myusername',
password => 123456

This will fail because the email is present and it's not a valid email adresse But this will pass

email  => 'example@domain.com',
username => 'myusername',
password => 123456

and this one too because the email is not present and this is what sometimes means, only if it's present this check if it matches the other rules.

username => 'myusername',
password => 123456
1 like
RachidLaasri's avatar
RachidLaasri
11 years ago
Best Answer
Level 41

And please note that this :

$v = Validator::make($data, array(
    'email' => 'required|email',
));

and this are completely different

$v = Validator::make($data, array(
    'email' => 'sometimes|required|email',
));

The first one, will fail in if :

1 - the email input is empty.
2 - the email is not a valid email address.
3 - you don't have an email input in your form.

but the second one will only fail if you have an input with a name of email and it'll ignore the rules if not.

3 likes
polarcubs's avatar

Hi @RachidLaasri, thanks for the great help! Just 1 more question...

What is the difference between

$v = Validator::make($data, array(
    'email' => 'sometimes|email',
));

and

$v = Validator::make($data, array(
    'email' => 'email',
));

My guess is that there are no differences.

RachidLaasri's avatar

@polarcubs there's a difference as i see.

if your form is something like :

<form action="#" method="POST">
    <input type="text" name="email">
    <input type="password" name="password">
    <button name="login">Login</button>
</form>

and you entered a valid email address, both will pass, but if your form is

<form action="#" method="POST">
    <input type="text" name="username">
    <input type="password" name="password">
    <button name="login">Login</button>
</form>

the seconds one will fail. But the first one will pass, because there's no "email" input, and that's what sometimes means, ONLY if it exist in your POST array.

jekinney's avatar

I would like to expand on the email check. It's doesn't check if it is a valid email, it checks if it is a valid email type of string.

Basically (more to it, but for brevity) it checks for an @ and . in the string. so example@example.com will pass the email validation but obviously the email is invalid as a working email.

Sometimes in the examples here would work if you allow EITHER a username or email as a login

You can check the array sent for an email type, if so use that to log in a user, if not check if it is the users username.

cristian9509's avatar

@jekinney @RachidLaasri Isn't sometimes rule a security issue? Let's say I have two forms. User creation and user update. I use the sometimes rule for an input. What happens if the user loads the page, deletes the input (or changes the name of the input) and then submits the page? Wouldn't sometimes just allow for the user to submit the creating form with a missing input and thus bypassing the validation?

chimit's avatar

To clarify one more time:

  • If email field is not presented:
'email' => 'sometimes|required|email', // passes

'email' => 'email', // passes
  • If email field is presented and is empty:
'email' => 'sometimes|required|email', // fails

'email' => 'email', // passes
3 likes

Please or to participate in this conversation.