Jump to content

Archived

This topic is now archived and is closed to further replies.

oracle259

Regex to ban password containing userid

Recommended Posts

I needed to know how to create a regex to ban passwords that contain a user's given userid or email. I considered using similar_text but i'm not so familiar with that function and i think regex may be more efficient.

Thanks :D

Share this post


Link to post
Share on other sites
you can just use a preg_match!!!!!
<?php
$username = $_POST['regusername'];
$password = "/".$_POST['regpassword']."/";
if (preg_match($username,$password))
{
//deny completeion of registration...
}
else
{
// carry on...
}
?>

Share this post


Link to post
Share on other sites
ok but would preg_match work for lets say the password is p.oracle259-ender and userid is oracle259?

Share this post


Link to post
Share on other sites
ok i read up on preg_match but the php manual recommends using strpos as it is faster. So let me know if this code would surffice:

<?php
$password = 'p.oracle259-ender';
$userid  = 'oracle259';
$inpass = strpos($password, $userid);

if ($incheck === true) {
  echo "Error: Sorry password cannot contain your set userid'";
} else {
  encrypt password
  make password DB safe
  insert password into DB
}

Share this post


Link to post
Share on other sites
Oracle259, I think it should be:
if($inpass!=FALSE)

Because it will return false if not found, so I don't think it will return BOOLEAN true.

Share this post


Link to post
Share on other sites
Couldn't you also just use stristr? If you are only looking for one string within another why not? You are not really matching a pattern but just s imple string. Just a suggestion.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.