Does anyone have a good regular expression snippet to validate usernames
and passwords?
--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/ 9 11272
Geoff Berrow <bl******@ckdog.co.ukwrote:
Does anyone have a good regular expression snippet to validate usernames
and passwords?
Euhm, validating usernames & passwords with a regex? It all depends on
your requirements offcourse.
The way I usually handle it:
- I'll have a very retrictive character set for the username (usually
something like [a-zA-Z0-9_\s]+).
- Passwords are totally free, you can have a 1MB password string with
chinese characters for all I care. I'll only use the md5'ed version of
this. This means user cannot retrieve passwords, they can only ask for a
link in their email, which would generate a new password for them if they
click on it.
--
Rik Wasmus
Message-ID: <op***************@misant.kabel.utwente.nlfrom Rik
contained the following:
>The way I usually handle it: - I'll have a very retrictive character set for the username (usually something like [a-zA-Z0-9_\s]+).
That's the thing I was looking for. And how would I use that with
preg_match? Just can't get my head round regex syntax, sorry.
>- Passwords are totally free, you can have a 1MB password string with chinese characters for all I care. I'll only use the md5'ed version of this.
Good point.
--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Geoff Berrow <bl******@ckdog.co.ukwrote:
Message-ID: <op***************@misant.kabel.utwente.nlfrom Rik
contained the following:
>The way I usually handle it: - I'll have a very retrictive character set for the username (usually something like [a-zA-Z0-9_\s]+).
That's the thing I was looking for. And how would I use that with
preg_match? Just can't get my head round regex syntax, sorry.
Hmmz, correction, I seem to use [a-zA-Z0-9_-]
//checking on valid username, for instance when signing up.
$valid = !preg_match('/[^a-z0-9_-]/i',trim($_POST['username']));
//making the username valid when checking for inlog
$username = trim(preg_replace('/[^a-z0-9_-]/i',$_POST['username']));
Keep in mind you can get some lip from people wanting to use andré, garçon
etc... If they've got weird characters in their name they usually want it
in their username as well. It would be possible offcourse, but would
require a lot more checking and watching out for broken multibyte
strings. I'm lazy, so I just say that would be a security risk :-).
--
Rik Wasmus
On Jan 27, 5:56 am, Rik <luiheidsgoe...@hotmail.comwrote:
Geoff Berrow <blthe...@ckdog.co.ukwrote:
Message-ID: <op.tmtehzlvqnv...@misant.kabel.utwente.nlfrom Rik
contained the following:
The way I usually handle it:
- I'll have a very retrictive character set for the username (usually
something like [a-zA-Z0-9_\s]+).
That's the thing I was looking for. And how would I use that with
preg_match? Just can't get my head round regex syntax, sorry.
Hmmz, correction, I seem to use [a-zA-Z0-9_-]
This is also fairly restrictive, but allows spaces (as opposed to
allowing tabs or newlines): [\w -]
Note: \w is the same as [a-zA-Z0-9_]
//checking on valid username, for instance when signing up.
$valid = !preg_match('/[^a-z0-9_-]/i',trim($_POST['username']));
//making the username valid when checking for inlog
$username = trim(preg_replace('/[^a-z0-9_-]/i',$_POST['username']));
Keep in mind you can get some lip from people wanting to use andré, garçon
etc... If they've got weird characters in their name they usually want it
in their username as well. It would be possible offcourse, but would
require a lot more checking and watching out for broken multibyte
strings. I'm lazy, so I just say that would be a security risk :-).
--
Rik Wasmus
Lol, that's pretty funny.
--
Curtis
Curtis <dy****@gmail.comwrote:
On Jan 27, 5:56 am, Rik <luiheidsgoe...@hotmail.comwrote:
>Geoff Berrow <blthe...@ckdog.co.ukwrote:
Message-ID: <op.tmtehzlvqnv...@misant.kabel.utwente.nlfrom Rik
contained the following:
>The way I usually handle it: - I'll have a very retrictive character set for the username (usually something like [a-zA-Z0-9_\s]+).
That's the thing I was looking for. And how would I use that with
preg_match? Just can't get my head round regex syntax, sorry.
Hmmz, correction, I seem to use [a-zA-Z0-9_-]
This is also fairly restrictive, but allows spaces (as opposed to
allowing tabs or newlines): [\w -]
Note: \w is the same as [a-zA-Z0-9_]
I'd allow underscores also, so [\w _-].
I usually don't use the \w so I can recognize valid characters somewhat
easier, but it works OK offcourse.
--
Rik Wasmus
..oO(Curtis)
>Note: \w is the same as [a-zA-Z0-9_]
Not necessarily. \w depends on the current locale and might match more
characters than just the ones mentioned above.
Micha
Message-ID: <op***************@misant.kabel.utwente.nlfrom Rik
contained the following:
>Note: \w is the same as [a-zA-Z0-9_]
I'd allow underscores also, so [\w _-].
I usually don't use the \w so I can recognize valid characters somewhat easier, but it works OK offcourse.
And it has the advantage of allowing accented characters. Thanks guys.
--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
On Jan 28, 3:34 pm, Rik <luiheidsgoe...@hotmail.comwrote:
Curtis <dye...@gmail.comwrote:
On Jan 27, 5:56 am, Rik <luiheidsgoe...@hotmail.comwrote:
Geoff Berrow <blthe...@ckdog.co.ukwrote:
Message-ID: <op.tmtehzlvqnv...@misant.kabel.utwente.nlfrom Rik
contained the following:
The way I usually handle it:
- I'll have a very retrictive character set for the username (usually
something like [a-zA-Z0-9_\s]+).
That's the thing I was looking for. And how would I use that with
preg_match? Just can't get my head round regex syntax, sorry.
Hmmz, correction, I seem to use [a-zA-Z0-9_-]
This is also fairly restrictive, but allows spaces (as opposed to
allowing tabs or newlines): [\w -]
Note: \w is the same as [a-zA-Z0-9_]
I'd allow underscores also, so [\w _-].
I usually don't use the \w so I can recognize valid characters somewhat
easier, but it works OK offcourse.
--
Rik Wasmus
Actually \w includes underscores in the character set.
I was not aware that it was dependent upon the current locale, thanks
for the heads up, Micha.
--
Curtis This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Matt |
last post by:
I want to check if the user enters alphabet or numbers only in the
text box. If the user enters non-alphabet or non-numbers, I should pop
up a message and doesn't allow the user to do that. I am...
|
by: Buddy |
last post by:
Can someone please show me how to create a regular expression to do the
following
My text is set to
MyColumn{1, 100} Test
I want a regular expression that sets the text to the following...
|
by: Neri |
last post by:
Some document processing program I write has to deal with documents
that have headers and footers that are unnecessary for the main
processing part. Therefore, I'm using a regular expression to go...
|
by: S.Kartikeyan |
last post by:
I have the following problem.
I am using the follwing Regular Expression validator(REV) with validator expressions
^{1,2}$
^{3,20}$
The idea of the first exp is 1 or 2 digits
the idea of second...
|
by: Andy G |
last post by:
I am trying to validate a username text box. This text box comes off of a
registration form where the user types in a username, I want to validate
that they used between 6 and 15 alphanumeric...
| |
by: Steve |
last post by:
Hi I have a regular expression validator for my username field which
just allows 3 to 30 characters without spaces to be inputted by the
user.
^\S{3,30}$
How can I add to this expression not...
|
by: Billa |
last post by:
Hi,
I am replaceing a big string using different regular expressions (see
some example at the end of the message). The problem is whenever I
apply a "replace" it makes a new copy of string and I...
|
by: Mike |
last post by:
I have a regular expression (^(.+)(?=\s*).*\1 ) that results in
matches. I would like to get what the actual regular expression is.
In other words, when I apply ^(.+)(?=\s*).*\1 to " HEART...
|
by: jdluk87 |
last post by:
Hi,
i should check if a username ($username) is like unix, so this username must start with a char, contains max 16 chars, all tiny and in general can contains just chars, numbers, and dot.
all...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
| |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...
| |