Alex Gemmell wrote:
Hello!
I'm checking user chosen passwords for validity and have created 7
tests. It's not 100% bulletproof but it will do for now. My problem
is with the last check "have 6 unique characters". I'm at a loss at
how to check for this in a neat one-liner.
My brain is starting to go off on some horribly complicated routines
but I'm sure it can be done neatly (like the regular expressions).
Can anyone help me with this? By the way - I've only just learnt
regular expressions this morning so I'm no expert on them...
########
# Code:
########
function check_password($password) {
# It exists
if ( !isset($password) ) return false;
this is pointless, the function will hurl if you don't pass an arg.
# Not empty
if ( empty($password) ) return false;
#At least 8 characters long
if ( strlen($password)<8 ) return false;
#Does not contain special characters e.g. (!@#:?<>,./;'`[=\]{space})
if ( !preg_match ('/[][)(.,!@#:?<>\/\\\\;\'`=\\s]/', $password)
) return false;
why are you not allowing 'special' chars? these can increase pwd complexity -
which is a good thing.
#Contain at least one number
if ( !preg_match ('/\\d/', $password) ) return false;
Im pretty sure the double backslash is a typo.
here are some regexps from a php5 class I use:
class RegExp
{
const UNSIGNED_INT = '^\d*$';
const SIGNED_INT = '^[-+]?\d*$';
const FLOATING_POINT = '^[-+]?([0-9]*\.)?[0-9]+$';
const FLOAT_GTEQ1 = '^[1-9](\.\d+)?$';
// ....
}
#Contain at least one letter
if ( !preg_match ('/[a-zA-Z]/', $password) ) return false;
#Have 6 unique characters
if ( ????????? ) return false;
if (count($chars = preg_split("//", $password, -1, PREG_SPLIT_NO_EMPTY)) &&
(array_unique($chars) !== $chars)) return false;
its a one liner - just a rather long line. the count() is not really ness.
but really is this a good check? consider the following password:
aNalR3teNt1vE$%^.
rather better than:
jack1234.
the second pwd would pass your test, the first one wouldn't
you might want to pass the passwd check to a cmdline utility
which is made for the job.
return true;
}
########
Thanks,
Alex
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php