By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,504 Members | 1,170 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,504 IT Pros & Developers. It's quick & easy.

Advanced Regex

P: n/a
Hi there,

i'm trying to make a regex, but it ain't working.
In just one regex expression I want to check a password that must meet
following requirements:
- at least 6 characters long
- at least one letter (doesn't matter where in te string)
- at least one number (doesn't matter where in te string)
(those are no prob)
- excluding 0, o, O, i, I, l, L, 1 (to prevent confusion about
password chars when font is for ex. Arial)

Can anyone help?

Thanks

Christ.
Jul 20 '05 #1
Share this Question
Share on Google+
9 Replies


P: n/a
Christ wrote:
i'm trying to make a regex, but it ain't working.


"It doesn't work" is a useless error *description*.
What have you already tried? What errors have occured
on which line?
PointedEars

Jul 20 '05 #2

P: n/a

"Christ" <ch**************@hotmail.com> skrev i melding
news:36**************************@posting.google.c om...
Hi there,

i'm trying to make a regex, but it ain't working.
In just one regex expression I want to check a password that must meet
following requirements:
- at least 6 characters long
- at least one letter (doesn't matter where in te string)
- at least one number (doesn't matter where in te string)
(those are no prob)
- excluding 0, o, O, i, I, l, L, 1 (to prevent confusion about
password chars when font is for ex. Arial)

Can anyone help?

Thanks

Christ.


Why use regex? Isn't there much more easier to just traverse the string to
see if you can find a number, a letter and an "if password.length > 5 { " to
check the length ? I would do it that way.
Jul 20 '05 #3

P: n/a
ch**************@hotmail.com (Christ) writes:
In just one regex expression I want to check a password that must meet
following requirements:
Why just one regular expression? Sure, anything you can make with more
than one regular expression can be made with just one, but the size of
the one can easily be the product of the sizes of the many (and
shorthands make it worse, since they typically apply to simple
expressions more than complex ones)
- at least 6 characters long
input.length >= 6
- at least one letter (doesn't matter where in te string)
(/[a-hj-kmnp-z]/i).test(input)
- at least one number (doesn't matter where in te string)
(/[2-9]/).test(input)
(those are no prob)
- excluding 0, o, O, i, I, l, L, 1 (to prevent confusion about
password chars when font is for ex. Arial)


Combining these in one expression will give you a *huge* expression,
I can tell you that without trying.
There is one shorthand that can help you, though: look-ahead. It
only exist in recent versions of Javascript, though.

/^(?=.*[2-9])(?=.*[a-hj-kmnp-z]).{6,}/i
^^^^^^^^^^^ look-ahead contains at least one of 2-9
^^^^^^^^^^^^^^^^^^^ look-ahead contains a letter, not i,l,o
^^^^^ at least six characters

It seems to me that IE has a problem with positive lookahead:
/^(?=.+4)123/.test("1234")
This test should give true. In IE it gives false. However,
/^(?=.+4)123/.test("12345")
does give true. Changing + to * just makes it worse.

Some times, using just one regular expression is shooting your own foot.

/L
--
Lasse Reichstein Nielsen - lr*@hotpop.com
Art D'HTML: <URL:http://www.infimum.dk/HTML/randomArtSplit.html>
'Faith without judgement merely degrades the spirit divine.'
Jul 20 '05 #4

P: n/a
Lasse Reichstein Nielsen <lr*@hotpop.com> writes:
/^(?=.*[2-9])(?=.*[a-hj-kmnp-z]).{6,}/i


Doh. That doesn't prevent the remaining characters from being o, i, l,
1, or 0. For that, do:
/^(?=.*[2-9])(?=.*[a-hj-kmnp-z])[^oil01]{6,}/i

However, that also allows characters like |, !, , , , etc. These might
also be confuzed with each other. If you just want digits and characters,
change [^oil01] to [2-9a-hjkmnp-z].

/L
--
Lasse Reichstein Nielsen - lr*@hotpop.com
Art D'HTML: <URL:http://www.infimum.dk/HTML/randomArtSplit.html>
'Faith without judgement merely degrades the spirit divine.'
Jul 20 '05 #5

P: n/a
JRS: In article <ad**********@hotpop.com>, seen in
news:comp.lang.javascript, Lasse Reichstein Nielsen <lr*@hotpop.com>
posted at Thu, 16 Oct 2003 13:46:37 :-
- at least 6 characters long


input.length >= 6
- at least one letter (doesn't matter where in te string)


(/[a-hj-kmnp-z]/i).test(input)
- at least one number (doesn't matter where in te string)


(/[2-9]/).test(input)

I'd do
(/^[a-hj-kmnp-z2-9]{6,}$/i).test(input)
instead of the first; it also checks that all characters are reasonable
- " A 3 " is in accordance with the stated - presumed homework -
requirement but is not a good password.

The later tests can use [a-z] and \d then.

However, passwords should not appear on the screen when typing, so
screen font does not matter; and if they have to be communicated in
writing that can be done in a sensible font.

Since L can, he says, be confused, presumably case does not matter; in
that case, the restriction to 31 of 36 alphanumerics reduces security by
about 60%.

The minus between j & k seems unnecessary.

--
John Stockton, Surrey, UK. ?@merlyn.demon.co.uk Turnpike v4.00 IE 4
<URL:http://jibbering.com/faq/> Jim Ley's FAQ for news:comp.lang.javascript
<URL:http://www.merlyn.demon.co.uk/js-index.htm> JS maths, dates, sources.
<URL:http://www.merlyn.demon.co.uk/> TP/BP/Delphi/JS/&c., FAQ topics, links.
Jul 20 '05 #6

P: n/a
rh
Lasse Reichstein Nielsen <lr*@hotpop.com> wrote in message news:<65**********@hotpop.com>...
Lasse Reichstein Nielsen <lr*@hotpop.com> writes:
/^(?=.*[2-9])(?=.*[a-hj-kmnp-z]).{6,}/i


Doh. That doesn't prevent the remaining characters from being o, i, l,
1, or 0. For that, do:
/^(?=.*[2-9])(?=.*[a-hj-kmnp-z])[^oil01]{6,}/i

However, that also allows characters like |, !, , , , etc. These might
also be confuzed with each other. If you just want digits and characters,
change [^oil01] to [2-9a-hjkmnp-z].

/L


Seems you intended to add a $ anchor to really ensure no extraneous
characters at the end of the string:

/^(?=.*[2-9])(?=.*[a-hj-kmnp-z])[2-9a-hj-kmnp-z]{6,}$/i
However, while Opera 7.11 appears to handle this correctly, Netscape
7.1 (as well as IE) has problems with lookahead. So for something that
should be equivalent and stand a chance of working generally:

/[a-z]\d|\d[a-z]/i.test(pwStr)
&& /^[2-9a-hj-kmnp-z]{6,}$/i.test(pwStr)
Jul 20 '05 #7

P: n/a
rh
Dr John Stockton <sp**@merlyn.demon.co.uk> wrote in message news:<5S**************@merlyn.demon.co.uk>...
JRS: In article <ad**********@hotpop.com>, seen in
news:comp.lang.javascript, Lasse Reichstein Nielsen <lr*@hotpop.com>
posted at Thu, 16 Oct 2003 13:46:37 :- The minus between j & k seems unnecessary.


Right, it is. Probably a typo in placing the dash -- [a-h-jkmnp-z] was
the sequence intended, I believe, to eliminate i/I as per the OP.
Jul 20 '05 #8

P: n/a
rh
co********@yahoo.ca (rh) wrote in message news:<29**************************@posting.google. com>...
Dr John Stockton <sp**@merlyn.demon.co.uk> wrote in message news:<5S**************@merlyn.demon.co.uk>...
JRS: In article <ad**********@hotpop.com>, seen in
news:comp.lang.javascript, Lasse Reichstein Nielsen <lr*@hotpop.com>
posted at Thu, 16 Oct 2003 13:46:37 :-

The minus between j & k seems unnecessary.


Right, it is. Probably a typo in placing the dash -- [a-h-jkmnp-z] was
the sequence intended, I believe, to eliminate i/I as per the OP.


And then again on this one perhaps it would have been better to say
"Right it is.", or better yet nothing at all :-).
Jul 20 '05 #9

P: n/a
rh
Lasse Reichstein Nielsen <lr*@hotpop.com> wrote in message news:<ad**********@hotpop.com>...
ch**************@hotmail.com (Christ) writes:
In just one regex expression I want to check a password that must meet
following requirements:

/^(?=.*[2-9])(?=.*[a-hj-kmnp-z]).{6,}/i
^^^^^^^^^^^ look-ahead contains at least one of 2-9
^^^^^^^^^^^^^^^^^^^ look-ahead contains a letter, not i,l,o
^^^^^ at least six characters

It seems to me that IE has a problem with positive lookahead:
/^(?=.+4)123/.test("1234")
This test should give true. In IE it gives false. However,
/^(?=.+4)123/.test("12345")
does give true. Changing + to * just makes it worse.


Lookahead in a RegExp is supposed to be a zero-width assertion. In
addition to the above problems, IE 6 "eats characters" in the
lookahead. Netscape 6.1 and Mozilla 5/1.2b, by some coincidence, do
the same.

Opera 7.11 gets it right (and appears to match Perl behaviour) in a
limited number of tests performed.

So it seems that lookahead in a js RegExp is something that should be
strictly avoided, unless one is authoring for a very specific js
environment that can properly support it.

..\rh
Jul 20 '05 #10

This discussion thread is closed

Replies have been disabled for this discussion.