Enforcing Password Requirements
I want to check if the user has successfully met the following requirements:
- The passwor开发者_C百科d has at least 8 characters
- Consists of one capital & one lowercase letter
How would I do this?
I am using the PHP script below:
if ( strlen( $password ) < 8 ) {
false
} else {
if ( preg_match( "/[^0,9]/", $password ) ) {
// how to check the upper case and lower case
}
}
You can do that with a regex:
if (!preg_match('/^(?=[a-z])(?=[A-Z])[a-zA-Z]{8,}$/', $password))
{
//error
}
Use preg_match("/[A-Z]/") and preg_match("/[a-z]/")
if( strlen($password) < 8 ) {
return false;
}
if(preg_match("/[^0,9]/", $password)) {
how to check the upper case and lower case
}
if($password == strtoupper($password) || $password == strtolower($password)){
//pass fails because its either all upcase, or lowercase
}
You may use a password ranking technique:
$x = "a12ASD!@#$";
$rank = Array();
$rank['length'] = strlen($x);
$matches = Array();
preg_match_all("/([a-z]+)/", $x, $matches);
$rank['lowercase'] = strlen(implode('', $matches[0]))/count($matches[0]);
$matches = Array();
preg_match_all("/([A-Z]+)/", $x, $matches);
$rank['uppercase'] = strlen(implode('', $matches[0]))/count($matches[0]);
$matches = Array();
preg_match_all("/([0-9]+)/", $x, $matches);
$rank['numbers'] = strlen(implode('', $matches[0]))/count($matches[0]);
$matches = Array();
preg_match_all("/([^a-zA-Z0-9]+)/", $x, $matches);
$rank['symbols'] = strlen(implode('', $matches[0]))/count($matches[0]);
echo "<pre>";
var_dump($rank);
echo "</pre>";
if (
strlen($password) >= 8) &&
preg_match('/[A-Z]/', $password) > 0 &&
preg_match('/[a-z]/', $password) > 0 )
{
/* Password validation passes, do stuff. */
}
else {
/* Password validation fails, show error. */
}
You can use trim, which is actually much faster than regexp
if ( trim( $password, 'a..z') != '' && trim( $password, 'A..Z') != '' && strlen($password) >= 8 )
{
/* Password validation passes, do stuff. */
}
else {
/* Password validation fails, show error. */
}
preg_match('/[a-z]/', $password) && preg_match('/[A-A]/', $password)
To verify that a user has met the password requirements on the php side, it would be as follows.
// Given password
$password = 'user-input-pass';
// Validate password strength
$uppercase = preg_match('@[A-Z]@', $password);
$lowercase = preg_match('@[a-z]@', $password);
$number = preg_match('@[0-9]@', $password);
$specialChars = preg_match('@[^\w]@', $password);
if(!$uppercase || !$lowercase || !$number || !$specialChars || mb_strlen($password) < 8) {
echo 'Password should be at least 8 characters in length and should include at least one upper case letter, one number, and one special character.';
}else{
echo 'Strong password.';
}
the script that I give you; check length, complexity (contain numbers, uppercase, lowercase and if you want special characters)
This function lets you set the minimum requirements by counting occurrences using the count parameter in preg_replace:
function password_validate($password, $min_length=8, $min_lowercases=1, $min_uppercases=1, $min_numbers=1, $min_specials=0) {
preg_replace('#[a-z]#', '', $password, -1, $lowercases);
preg_replace('#[A-Z]#', '', $password, -1, $uppercases);
preg_replace('#[0-9]#', '', $password, -1, $numbers);
preg_replace('#[^\w]#', '', $password, -1, $specials);
return (mb_strlen($password) >= $min_length && $lowercases >= $min_lowercases && $uppercases >= $min_uppercases && $numbers >= $min_numbers && $specials >= $min_specials);
}
It can be used like this:
if (!password_validate($new_password)) {
echo 'Password did not meet requirements';
}
Or passing the requirements:
if (!password_validate($new_password, 6, 1, 0, 0, 0)) {
echo 'Password did not meet requirements';
}
I think John Code's answer must use this pattern instead:
if (!preg_match('/^(?=.*[a-z])(?=.*[A-Z])[a-zA-Z]{8,}$/', $password))
{
//error
}
See Regex for password must contain at least eight characters, at least one number and both lower and uppercase letters and special characters
加载中,请稍侯......
精彩评论