fix: required_without rule logic in Validation class.

system/Validation/Rules.php

@@ -279,29 +279,48 @@ public function required_with($str = null, ?string $fields = null, array $data =
      *     required_without[id,email]
      *
      * @param string|null $str
+     * @param string|null $otherFields The param fields of required_without[].
+     * @param string|null $field       This rule param fields aren't present, this field is required.
      */
-    public function required_without($str = null, ?string $fields = null, array $data = []): bool
+    public function required_without($str = null, ?string $otherFields = null, array $data = [], ?string $error = null, ?string $field = null): bool
     {
-        if ($fields === null || empty($data)) {
-            throw new InvalidArgumentException('You must supply the parameters: fields, data.');
+        if ($otherFields === null || empty($data)) {
+            throw new InvalidArgumentException('You must supply the parameters: otherFields, data.');
         }
 
         // If the field is present we can safely assume that
         // the field is here, no matter whether the corresponding
         // search field is present or not.
-        $fields  = explode(',', $fields);
-        $present = $this->required($str ?? '');
+        $otherFields = explode(',', $otherFields);
+        $present     = $this->required($str ?? '');
 
         if ($present) {
             return true;
         }
 
         // Still here? Then we fail this test if
         // any of the fields are not present in $data
-        foreach ($fields as $field) {
-            if ((strpos($field, '.') === false && (! array_key_exists($field, $data) || empty($data[$field]))) || (strpos($field, '.') !== false && empty(dot_array_search($field, $data)))) {
+        foreach ($otherFields as $otherField) {
+            if ((strpos($otherField, '.') === false) && (! array_key_exists($otherField, $data) || empty($data[$otherField]))) {
                 return false;
             }
+            if (strpos($otherField, '.') !== false) {
+                if ($field === null) {
+                    throw new InvalidArgumentException('You must supply the parameters: field.');
+                }
+
+                $fieldData       = dot_array_search($otherField, $data);
+                $fieldSplitArray = explode('.', $field);
+                $fieldKey        = $fieldSplitArray[1];
+
+                if (is_array($fieldData)) {
+                    return ! empty(dot_array_search($otherField, $data)[$fieldKey]);
+                }
+                $nowField      = str_replace('*', $fieldKey, $otherField);
+                $nowFieldVaule = dot_array_search($nowField, $data);
+
+                return null !== $nowFieldVaule;
+            }
         }
 
         return true;

system/Validation/StrictRules/Rules.php

@@ -302,10 +302,12 @@ public function required_with($str = null, ?string $fields = null, array $data =
      *
      *     required_without[id,email]
      *
-     * @param mixed $str
+     * @param string|null $str
+     * @param string|null $otherFields The param fields of required_without[].
+     * @param string|null $field       This rule param fields aren't present, this field is required.
      */
-    public function required_without($str = null, ?string $fields = null, array $data = []): bool
+    public function required_without($str = null, ?string $otherFields = null, array $data = [], ?string $error = null, ?string $field = null): bool
     {
-        return $this->nonStrictRules->required_without($str, $fields, $data);
+        return $this->nonStrictRules->required_without($str, $otherFields, $data, $error, $field);
     }
 }

system/Validation/Validation.php

@@ -312,7 +312,7 @@ protected function processRules(
                     $found  = true;
                     $passed = $param === false
                         ? $set->{$rule}($value, $error)
-                        : $set->{$rule}($value, $param, $data, $error);
+                        : $set->{$rule}($value, $param, $data, $error, $field);
 
                     break;
                 }

tests/system/Validation/ValidationTest.php

@@ -1414,13 +1414,20 @@ public function testNestedArrayThrowsException(): void
                     'credit_amount'  => null,
                     'purpose'        => 'A',
                 ],
+                'account_3' => [
+                    'account_number' => '',
+                    'credit_amount'  => 2000,
+                    'purpose'        => '',
+                ],
             ],
         ];
         $this->validation->run($data);
 
         $this->assertSame([
-            'beneficiaries_accounts.account_2.credit_amount' => 'The CREDIT AMOUNT field is required.',
-            'beneficiaries_accounts.account_2.purpose'       => 'The PURPOSE field must be at least 3 characters in length.',
+            'beneficiaries_accounts.account_3.account_number' => 'The BENEFICIARY ACCOUNT NUMBER field must be exactly 5 characters in length.',
+            'beneficiaries_accounts.account_2.credit_amount'  => 'The CREDIT AMOUNT field is required.',
+            'beneficiaries_accounts.account_2.purpose'        => 'The PURPOSE field must be at least 3 characters in length.',
+            'beneficiaries_accounts.account_3.purpose'        => 'The PURPOSE field is required when BENEFICIARY ACCOUNT NUMBER is not present.',
         ], $this->validation->getErrors());
     }
 
@@ -1436,4 +1443,26 @@ public function testRuleWithLeadingAsterisk(): void
         $this->assertFalse($this->validation->run($data));
         $this->assertSame('Required *.foo', $this->validation->getError('*.foo'));
     }
+
+    /**
+     * @see https://github.com/codeigniter4/CodeIgniter4/issues/5942
+     */
+    public function testRequireWithoutWithWildCard()
+    {
+        $data = [
+            'a' => [
+                ['b' => 1, 'c' => 2],
+                ['c' => ''],
+            ],
+        ];
+
+        $this->validation->setRules([
+            'a.*.c' => 'required_without[a.*.b]',
+        ])->run($data);
+
+        $this->assertSame(
+            'The a.*.c field is required when a.*.b is not present.',
+            $this->validation->getError('a.1.c')
+        );
+    }
 }

user_guide_src/source/changelogs/v4.2.7.rst

@@ -14,6 +14,7 @@ BREAKING
 
 - The default values of the parameters in :php:func:`set_cookie()` and :php:meth:`CodeIgniter\\HTTP\\Response::setCookie()` has been fixed. Now the default values of ``$secure`` and ``$httponly`` are ``null``, and these values will be replaced with the ``Config\Cookie`` values.
 -  ``Time::__toString()`` is now locale-independent. It returns database-compatible strings like '2022-09-07 12:00:00' in any locale.
+- The Rule of :php:func:`Validation\\Rule::required_without()` parameters are changed and this rule logic is fixed.
 
 Enhancements
 ************

user_guide_src/source/installation/upgrade_427.rst

@@ -53,6 +53,7 @@ Others
 ======
 
 -  ``Time::__toString()`` is now locale-independent. It returns database-compatible strings like '2022-09-07 12:00:00' in any locale. Most locales are not affected by this change. But in a few locales like `ar`, `fa`, ``Time::__toString()`` (or ``(string) $time`` or implicit casting to a string) no longer returns a localized datetime string. if you want to get a localized datetime string, use :ref:`Time::toDateTimeString() <time-todatetimestring>` instead.
+- The rule of ``required_without`` logic is changed to validate each array separately, and the name of parameters are also changed.
 
 Project Files
 *************