feeling a little stupid

[fortnox007]

Hi all, i just helped someone in the php part with a form to check if a password contains some stuff (2 Uppercase 2 lowercase 2 special character or number). so i reccomended to use regex and came up with the following, but it seems it requires that exact same order so not perfect.

preg_match('~[A-Z]{2,}[a-z]{2,}[^a-zA-Z]{2,}~',$password)

I thought when leaving out the ^ at the start and $ at the end the order wouldn't matter, but it seems it does.

any ideas?

[.josh]

I really frakking hate it when forms require stuff like this. Put a warning up and let ME decide how "strong" my password should be.

 

Anyways... another thing you forgot to consider is that someone can have for instance "1AaBb2" and that should be fine....(notice how 2xwhatever is NOT together) but your regex requires them to be together.

 

function validatePassword($password) {
  preg_match_all('~([a-z])|([A-Z])|([^a-zA-Z])~',$password,$matches);
  if (
    (count(array_filter($matches[1]))>1) &&
    (count(array_filter($matches[2]))>1) &&
    (count(array_filter($matches[3]))>1)
  ) return true;
  return false;
} // end validatePassword

 

 

 

[fortnox007]

thanks alot Crayon Violent,

 

hehe i made this for someone else, wasn't my idea to be that user unfriendly

 

oh I didn't forget that someone could have ie. Aa!aAb1 that's why i got here, because i wasn't able to figure out how to match also that.

 

but the function you madecould you maybe review my comment? because i hoped it was easy to do with a single pattern.

function validatePassword($password) {
  preg_match_all('~([a-z])|([A-Z])|([^a-zA-Z])~',$password,$matches);
  if (
    (count(array_filter($matches[1]))>1) && //if part 1 has more than 1 occurences: part is the stuff between ()
    (count(array_filter($matches[2]))>1) && //if part 2 has more than 1 occurences
    (count(array_filter($matches[3]))>1) //if part 3 has more than 1 occurences
  ) return true; 
  return false;
} // end validatePassword

 

 

-edit: oh i just looked in a regex library and i saw someone using this (?=.*[a-z]) where i am particularry interested in ?=.* i have a feeling this could help with the above in some way. look this is wwhat someone made

^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{4,8}$

[fortnox007]

hehe i just did the following with using the weird stuff in the bracktes and it seems to work.

'~^(?=.*[^a-zA-Z])(?=.*[a-z])(?=.*[A-Z]).{5,20}$~'

 

anyone know how i may interpret ?=.*  kinda hard to google for it

[.josh]

umm, my code is being done with a single regex....it's just followed by a condition based on what is matched....

 

Anyways... I guess positive lookaheads is a clever way to do it without a followup condition.  That pattern will look for at least 1 of each.  If you want to do at least 2 of each:

 

return preg_match('~^(?=.*[^a-zA-Z](?=.*[^a-zA-Z]))(?=.*[a-z](?=.*[a-z]))(?=.*[A-Z](?=.*[A-Z])).{5,20}$~',$password);

 

This also will check to make sure the password is between 5 and 20 chars long (which looks like you figured that bit out)

[.josh]

anyone know how i may interpret ?=.*  kinda hard to google for it

 

it's called a positive lookahead

[fortnox007]

hehe your awesome! I already thought that would be the name of it (because you mentioned it sneaky in the post above this one), just landed on this page:http://www.regular-expressions.info/lookaround.html

 

Never heard of it, but it sure look nice.

 

Thanks a lot for the help Crayon, and thanks for showing the array filter way. never seen that either. Bookkmarked it

 

Cheers!

[.josh]

good luck on your reading on lookarounds...they are one of the hardest parts of regex to grasp In theory they seem easy enough but in practice...lol you will most likely bang your head on the wall many times

[fortnox007]

hehe i am glad i have soft walls