Jump to content

Password Validation

DoQtor N0

By DoQtor N0
in PHP Coding Help

 Share

Recommended Posts

DoQtor N0 Newbie

DoQtor N0

Posted
Posted

I am a newbie to php. Ran away from it from years but now I see the light!

 

I am in the process of developing a web site application w/ MySql backend and I would like to do the following:

 

1.  Client registers for my site.

2.  How do I create code that validates password format to meet my password criteria (i.e. (2) capital letters, (2) special characters etc etc.

Link to comment
Share on other sites
drisate Advanced Member

drisate

Posted
Posted 

<?
function Check_Password($password)
         {
         //Makes it easy to implement grammar rules.
         $password_flaws = array();

         $strlen = strlen($password);

         if($strlen <= 5)
            $password_flaws[sizeof($password_flaws)] = "too short";

         $count_chars = count_chars($password, 3);

         if(strlen($count_chars) < $strlen / 2)
            $password_flaws[sizeof($password_flaws)] = "too simple";

         //The function returns an empty string if the password is "good".
         $return_string = "";
         $sizeof = sizeof($password_flaws);

         for($index = 0; $index < $sizeof; $index++)
            {
            if($index == 0)
               $return_string .= "the password is ";

            if($index == $sizeof - 1 && $sizeof != 1)
               $return_string .= " and ";

            //this is in case i have more than 3 sources of error.
            if($index != 0 && $index != $sizeof - 1)
               $return_string .= ", ";

            $return_string .= $password_flaws[$index];
            }

         return($return_string);
         }
?>

 

You can validate your password this way. Add in there any extra rules you may need. (don't over do it thought)

Link to comment
Share on other sites
fortnox007 Regular Member

fortnox007

Posted
Posted

maybe try this out i used regular expresions for it.

 

<body>
        <?php
        if (isset($_POST['submit'])&& !empty($_POST['password'])){ // simple check if pressed submit and value of password is not empty
            $password = $_POST['password']; //assign value of form value to php variable

            if(preg_match('~[A-Z]{2,}[a-z]{2,}[^a-zA-Z]{2,}~',$password)){ //atleast 2 uppercase 2 lowercase 2 special character or number
                echo 'nice password';
            }else{
                echo 'password must contain bla bla bla';
            }
        }else{
            echo 'enter a password'; //default message
        }

        ?>
        <form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>" method="post">
            <input type="text" name="password" value="" />
            <input type="submit" name="submit" value="submit" />
        </form>

    </body>

the nice thing about regular expression is is that you can also use them exactly the same in javascript to give some extra cool realtime validation (but that's just as an extra, never rely on client side validation)

Link to comment
Share on other sites
fortnox007 Regular Member

fortnox007

Posted
Posted

maybe try this out i used regular expresions for it.

 

<body>
        <?php
        if (isset($_POST['submit'])&& !empty($_POST['password'])){ // simple check if pressed submit and value of password is not empty
            $password = $_POST['password']; //assign value of form value to php variable

            if(preg_match('~[A-Z]{2,}[a-z]{2,}[^a-zA-Z]{2,}~',$password)){ //atleast 2 uppercase 2 lowercase 2 special character or number
                echo 'nice password';
            }else{
                echo 'password must contain bla bla bla';
            }
        }else{
            echo 'enter a password'; //default message
        }

        ?>
        <form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>" method="post">
            <input type="text" name="password" value="" />
            <input type="submit" name="submit" value="submit" />
        </form>

    </body>

the nice thing about regular expression is is that you can also use them exactly the same in javascript to give some extra cool realtime validation (but that's just as an extra, never rely on client side validation)

there is a slight error in my regex because it reuires that exact order :) but i hope you get the idea.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.