Hi Debbie,
Here is an expression that matches your password requirement. I have unrolled it in "comment mode" so you can see what each line does. That way you can understand how the lookahead works.
(?x) # comment mode
^ # beg of string anchor
(?=[\d\D]{8,20}$) # lookahead: between 8 and 20 digits or non-digits, then the end of the string
(?=.*[A-Z]) # lookahead: an upper-case character
(?=.*[a-z]) # lookahead: a lower-case character
(?=.*[0-9]) # lookahead: a number
(?=.*[*?!&_-]) # lookahead: a special character
.* # match anything
$ # end of string anchor
You can actually paste that directly into your PHP, or you can bring it back to one line and remove the comments. I would recommend leaving the comments.
I wasn't sure what you wanted to include in the special characters, so have a look on that line and add whatever you like between the brackets (you would have to escape a backslash).
Here is an example of use in a PHP program (tested):
<?php
$passes=array('2_Short','Need_A_Number','Valid_Pass99','This_1_is_going_to_be_too_long');
foreach ($passes as $pass)
if (preg_match('/(?x) # comment mode
^ # beg of string anchor
(?=[\d\D]{8,20}$) # lookahead: between 8 and 20 digits or non-digits, then the end of the string
(?=.*[A-Z]) # lookahead: an upper-case character
(?=.*[a-z]) # lookahead: a lower-case character
(?=.*[0-9]) # lookahead: a number
(?=.*[*?!&_-]) # lookahead: a special character
.* # match anything
$ # end of string anchor
/m', $pass))
echo 'Valid: '.$pass.'<br />';
else echo 'Invalid: '.$pass.'<br />';
?>
Don't forget the closing ?> as it is not showing inside the code box.
Please let me know if this works for you!
Wishing you a beautiful day