Regex Issue

[Paradoxz]

Yes, Regex.. everyone's most feared topic. I hope some brave soul can help.

 

Trying for password validation, numbers and letters only allowed and 8-12 characters. I have tried hundreds of combinations, the one below is the closest I have gotten. The issue is anything under 8 doesn't work but everything over 12 still does for some reason.

 

/(\d|[a-z]){8,12}/

 

also tried: (same results)

 

/\d|[a-z]{8,12}/

 

 

Anyone know why the 12 isn't registering?

 

 

// password validator
$passpattern = "/(\d|[a-z]){8,12}/";
if(!preg_match($passpattern, $_POST['pass'])) { 

		header("location:add.php?errorcode=5");
		die('');

}

[efficacious]

<?php

$Pattern = '/^[a-z0-9]{8,12}$/';

?>

[Paradoxz]

<?php

$Pattern = '/^[a-z0-9]{8,12}$/';

?>

 

Ah yes, the ^ begins with and $ ends with. It works now that they are added, how dumb of me to forget them.

 

 

/^(\d|[a-z]){8,12}$/          is what I used.

 

it's the same as you wrote, except \d is identical to 0-9 I guess having to throw | in there makes it the same amount of characters though, and probably the same speed.

 

 

thank you.

[efficacious]

np i am always up for a reg challenge.. the more you do the better you get glad its working for you

[fugix]

Try instead

$pattern = '/^([a-zA-Z0-9]{8,12})$/i';

[Paradoxz]

Try instead

$pattern = '/^([a-zA-Z0-9]{8,12})$/i';

 

Fugix,

 

great advice on the /i

 

Not sure why, but on my email validator and password validator I don't use /i and I only specify a-z not a-zA-Z and it works fine for upper or lower case, so I always omit the /i and A-Z

[bigc1487]

If you add the end of line modifier then it will still match anything above 12.. if my pass word is abcdefghijklmnop it will only match the last 12 characters... efghijklmnop

 

try:

 

if(!preg_match($passpattern, $_POST['pass']) && strlen($_POST['pass'])>=12) {

[Pikachu2000]

You don't really even need a pattern to validate that.

 

if( ctype_alnum($password) && strlen($password) > 7 && strlen($password) < 13 ) {
     // meets criteria
}

[Paradoxz]

If you add the end of line modifier then it will still match anything above 12.. if my pass word is abcdefghijklmnop it will only match the last 12 characters... efghijklmnop

 

try:

 

if(!preg_match($passpattern, $_POST['pass']) && strlen($_POST['pass'])<=12) {

 

 

The end of line modifier is working great and limiting it at 12. See code below, you can also try it here: http://failbet.com/acct/add.php

// password validator
$passpattern = "/^(\d|[a-z]){8,12}$/";
if(!preg_match($passpattern, $_POST['pass'])) { 

		header("location:add.php?errorcode=5");
		die('');

}

 

Thanks again everyone!

[fugix]

Pikachu's method will work as well in this case, less complicated as well, personal preference as to which one you want to use

[Paradoxz]

You don't really even need a pattern to validate that.

 

if( ctype_alnum($password) && strlen($password) > 7 && strlen($password) < 13 ) {
     // meets criteria
}

 

Excellent script as well, I am trying to get better at Regex (hence the more complicated approach I took)  Thanks for your help!

[xyph]

Sort of off topic, but why on earth are you restricting user passwords?

 

Enforce minimum length, enforce at least one upper, lower, digit, symbol, etc... but you should never have a maximum length or disallow characters.

 

I like the RegEx-less solution, but the cleanest RegEx will be

 

/^[a-z\d]{8,12}+$/i