473,378 Members | 1,407 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,378 software developers and data experts.

Username regular expression

Does anyone have a good regular expression snippet to validate usernames
and passwords?
--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Jan 27 '07 #1
9 11262
Rik
Geoff Berrow <bl******@ckdog.co.ukwrote:
Does anyone have a good regular expression snippet to validate usernames
and passwords?
Euhm, validating usernames & passwords with a regex? It all depends on
your requirements offcourse.

The way I usually handle it:
- I'll have a very retrictive character set for the username (usually
something like [a-zA-Z0-9_\s]+).
- Passwords are totally free, you can have a 1MB password string with
chinese characters for all I care. I'll only use the md5'ed version of
this. This means user cannot retrieve passwords, they can only ask for a
link in their email, which would generate a new password for them if they
click on it.
--
Rik Wasmus
Jan 27 '07 #2
Message-ID: <op***************@misant.kabel.utwente.nlfrom Rik
contained the following:
>The way I usually handle it:
- I'll have a very retrictive character set for the username (usually
something like [a-zA-Z0-9_\s]+).
That's the thing I was looking for. And how would I use that with
preg_match? Just can't get my head round regex syntax, sorry.
>- Passwords are totally free, you can have a 1MB password string with
chinese characters for all I care. I'll only use the md5'ed version of
this.
Good point.

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Jan 27 '07 #3
Rik
Geoff Berrow <bl******@ckdog.co.ukwrote:
Message-ID: <op***************@misant.kabel.utwente.nlfrom Rik
contained the following:
>The way I usually handle it:
- I'll have a very retrictive character set for the username (usually
something like [a-zA-Z0-9_\s]+).

That's the thing I was looking for. And how would I use that with
preg_match? Just can't get my head round regex syntax, sorry.
Hmmz, correction, I seem to use [a-zA-Z0-9_-]

//checking on valid username, for instance when signing up.
$valid = !preg_match('/[^a-z0-9_-]/i',trim($_POST['username']));

//making the username valid when checking for inlog
$username = trim(preg_replace('/[^a-z0-9_-]/i',$_POST['username']));

Keep in mind you can get some lip from people wanting to use andré, garçon
etc... If they've got weird characters in their name they usually want it
in their username as well. It would be possible offcourse, but would
require a lot more checking and watching out for broken multibyte
strings. I'm lazy, so I just say that would be a security risk :-).
--
Rik Wasmus
Jan 27 '07 #4
Geoff Berrow wrote:
Does anyone have a good regular expression snippet to validate
usernames and passwords?
Take a look at:

http://regexlib.com/Search.aspx?k=username
Jan 27 '07 #5
On Jan 27, 5:56 am, Rik <luiheidsgoe...@hotmail.comwrote:
Geoff Berrow <blthe...@ckdog.co.ukwrote:
Message-ID: <op.tmtehzlvqnv...@misant.kabel.utwente.nlfrom Rik
contained the following:
The way I usually handle it:
- I'll have a very retrictive character set for the username (usually
something like [a-zA-Z0-9_\s]+).
That's the thing I was looking for. And how would I use that with
preg_match? Just can't get my head round regex syntax, sorry.

Hmmz, correction, I seem to use [a-zA-Z0-9_-]
This is also fairly restrictive, but allows spaces (as opposed to
allowing tabs or newlines): [\w -]
Note: \w is the same as [a-zA-Z0-9_]
//checking on valid username, for instance when signing up.
$valid = !preg_match('/[^a-z0-9_-]/i',trim($_POST['username']));

//making the username valid when checking for inlog
$username = trim(preg_replace('/[^a-z0-9_-]/i',$_POST['username']));

Keep in mind you can get some lip from people wanting to use andré, garçon
etc... If they've got weird characters in their name they usually want it
in their username as well. It would be possible offcourse, but would
require a lot more checking and watching out for broken multibyte
strings. I'm lazy, so I just say that would be a security risk :-).
--
Rik Wasmus
Lol, that's pretty funny.

--
Curtis

Jan 28 '07 #6
Rik
Curtis <dy****@gmail.comwrote:
On Jan 27, 5:56 am, Rik <luiheidsgoe...@hotmail.comwrote:
>Geoff Berrow <blthe...@ckdog.co.ukwrote:
Message-ID: <op.tmtehzlvqnv...@misant.kabel.utwente.nlfrom Rik
contained the following:
>The way I usually handle it:
- I'll have a very retrictive character set for the username (usually
something like [a-zA-Z0-9_\s]+).
That's the thing I was looking for. And how would I use that with
preg_match? Just can't get my head round regex syntax, sorry.

Hmmz, correction, I seem to use [a-zA-Z0-9_-]

This is also fairly restrictive, but allows spaces (as opposed to
allowing tabs or newlines): [\w -]
Note: \w is the same as [a-zA-Z0-9_]
I'd allow underscores also, so [\w _-].

I usually don't use the \w so I can recognize valid characters somewhat
easier, but it works OK offcourse.
--
Rik Wasmus
Jan 28 '07 #7
..oO(Curtis)
>Note: \w is the same as [a-zA-Z0-9_]
Not necessarily. \w depends on the current locale and might match more
characters than just the ones mentioned above.

Micha
Jan 28 '07 #8
Message-ID: <op***************@misant.kabel.utwente.nlfrom Rik
contained the following:
>Note: \w is the same as [a-zA-Z0-9_]

I'd allow underscores also, so [\w _-].

I usually don't use the \w so I can recognize valid characters somewhat
easier, but it works OK offcourse.
And it has the advantage of allowing accented characters. Thanks guys.

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Jan 30 '07 #9
On Jan 28, 3:34 pm, Rik <luiheidsgoe...@hotmail.comwrote:
Curtis <dye...@gmail.comwrote:
On Jan 27, 5:56 am, Rik <luiheidsgoe...@hotmail.comwrote:
Geoff Berrow <blthe...@ckdog.co.ukwrote:
Message-ID: <op.tmtehzlvqnv...@misant.kabel.utwente.nlfrom Rik
contained the following:
The way I usually handle it:
- I'll have a very retrictive character set for the username (usually
something like [a-zA-Z0-9_\s]+).
That's the thing I was looking for. And how would I use that with
preg_match? Just can't get my head round regex syntax, sorry.
Hmmz, correction, I seem to use [a-zA-Z0-9_-]
This is also fairly restrictive, but allows spaces (as opposed to
allowing tabs or newlines): [\w -]
Note: \w is the same as [a-zA-Z0-9_]

I'd allow underscores also, so [\w _-].

I usually don't use the \w so I can recognize valid characters somewhat
easier, but it works OK offcourse.
--
Rik Wasmus
Actually \w includes underscores in the character set.

I was not aware that it was dependent upon the current locale, thanks
for the heads up, Micha.

--
Curtis

Jan 30 '07 #10

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
by: Matt | last post by:
I want to check if the user enters alphabet or numbers only in the text box. If the user enters non-alphabet or non-numbers, I should pop up a message and doesn't allow the user to do that. I am...
4
by: Buddy | last post by:
Can someone please show me how to create a regular expression to do the following My text is set to MyColumn{1, 100} Test I want a regular expression that sets the text to the following...
4
by: Neri | last post by:
Some document processing program I write has to deal with documents that have headers and footers that are unnecessary for the main processing part. Therefore, I'm using a regular expression to go...
2
by: S.Kartikeyan | last post by:
I have the following problem. I am using the follwing Regular Expression validator(REV) with validator expressions ^{1,2}$ ^{3,20}$ The idea of the first exp is 1 or 2 digits the idea of second...
1
by: Andy G | last post by:
I am trying to validate a username text box. This text box comes off of a registration form where the user types in a username, I want to validate that they used between 6 and 15 alphanumeric...
7
by: Steve | last post by:
Hi I have a regular expression validator for my username field which just allows 3 to 30 characters without spaces to be inputted by the user. ^\S{3,30}$ How can I add to this expression not...
7
by: Billa | last post by:
Hi, I am replaceing a big string using different regular expressions (see some example at the end of the message). The problem is whenever I apply a "replace" it makes a new copy of string and I...
25
by: Mike | last post by:
I have a regular expression (^(.+)(?=\s*).*\1 ) that results in matches. I would like to get what the actual regular expression is. In other words, when I apply ^(.+)(?=\s*).*\1 to " HEART...
4
by: jdluk87 | last post by:
Hi, i should check if a username ($username) is like unix, so this username must start with a char, contains max 16 chars, all tiny and in general can contains just chars, numbers, and dot. all...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...
0
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
0
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
0
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
1
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
1
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
0
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.