使用PHP preg_匹配验证密码策略
我正在尝试使用preg_match和RegEx验证密码,但它似乎不起作用。我要做的是:确保密码满足以下最低条件: -包含大小写混合的字母 -包含至少一个数字 -其余的可以是任何东西,只要满足上述两个条件 我尝试了以下正则表达式,但似乎无法正常工作:使用PHP preg_匹配验证密码策略,php,regex,Php,Regex,我正在尝试使用preg_match和RegEx验证密码,但它似乎不起作用。我要做的是:确保密码满足以下最低条件: -包含大小写混合的字母 -包含至少一个数字 -其余的可以是任何东西,只要满足上述两个条件 我尝试了以下正则表达式,但似乎无法正常工作: (?=.*?[a-z])(?=.*?[A-Z])(?=.*?[0-9]) 我以前有过其他更简单的正则表达式,比如:[A-Za-z0-9],但没有成功。我正在检查preg\u match($string,$pattern)==0(意味着模式不匹配=>
(?=.*?[a-z])(?=.*?[A-Z])(?=.*?[0-9])
我以前有过其他更简单的正则表达式,比如:
[A-Za-z0-9]preg\u match($string,$pattern)==0^(?=.*?[a-z])(?=.*?[A-Z])(?=.*?[0-9])
$yourstring = 'Ab';
$regex = '~^(?=.*?[a-z])(?=.*?[A-Z])(?=.*?[0-9])~m';
if (preg_match($regex, $yourstring)) {
echo 'Yes! It matches!';
}
else {
echo 'No, it fails';
} // No, it fails
如果可能的话,我总是尽量避免使用正则表达式,所以我采取了不同的方法来解决这个问题。下面的代码将测试至少一个大写、一个小写和一个数字的密码
function isValidPassword($password)
{
$hasUppercase = false;
$hasLowercase = false;
$hasDigit = false;
foreach (str_split($password) as $char)
{
$charAsciiValue = ord($char);
if ($charAsciiValue >= ord('A') && $charAsciiValue <= ord('Z')) {
$hasUppercase = true;
}
if ($charAsciiValue >= ord('a') && $charAsciiValue <= ord('z')) {
$hasLowercase = true;
}
if ($charAsciiValue >= ord('0') && $charAsciiValue <= ord('9')) {
$hasDigit = true;
}
}
return $hasUppercase && $hasLowercase && $hasDigit;
}
var_dump(isValidPassword('Ab9c'));
var_dump(isValidPassword('abc'));
我提供了一个不同的解决方案,主要是因为regexp提供了很少的错误报告,并且您必须在事后手动测试字符串的内聚性。考虑分开这些模式并增加它们自己的错误。迭代每个需求,并测试模式。将错误推送到数组中,然后检查它们是否存在。使用
if(validate\u password($pass)):function validate_password($pass){
$requirements = array();
//uppercase
$requirements['uppercase']['pattern'] = '/[A-Z]/';
$requirements['uppercase']['error'] = 'Your password must contain at least one uppercase letter.';
//lowercase
$requirements['lowercase']['pattern'] = '/[a-z]/';
$requirements['lowercase']['error'] = 'Your password must contain at least one lowercase letter.';
//requires a number
$requirements['number']['pattern'] = '/[0-9]/';
$requirements['number']['error'] = 'Your password must contain at least one number.';
//special characters
$requirements['special_character']['pattern'] = '/[!@#$%^&*()\\-_=+{};\:,<\.>]/';
$requirements['special_character']['error'] = 'Your password must contain at least one special character.';
//length
$requirements['length']['pattern'] = '/^.{8,}/';
$requirements['length']['error'] = 'Your password must be at least 8 characters in length total.';
$is_valid = false; //our flag to return as true once all tests have passed.
$errors = false;
//validate all requirements
foreach($requirements as $idx => $req):
if(preg_match($req['pattern'], $pass, $matches)):
$is_valid = true;
else:
$errors[] = $req['error'];
$is_valid = false;
endif;
endforeach;
//if we had errors above
if($errors):
$is_valid = false;
foreach($errors as $error):
echo '<p>', $error, '</p>';
endforeach;
endif;
return $is_valid;
}
$pass = 'j!Adz6'; //change this to test
echo validate_password($pass);
函数验证密码($pass){
$requirements=array();
//大写字母
$requirements['uppercase']['pattern']='/[A-Z]/';
$requirements['uppercase']['error']='您的密码必须至少包含一个大写字母';
//小写的
$requirements['lowercase']['pattern']='/[a-z]/';
$requirements['lowercase']['error']='您的密码必须至少包含一个小写字母';
//需要一个数字
$requirements['number']['pattern']='/[0-9]/';
$requirements['number']['error']='您的密码必须至少包含一个数字';
//特殊字符
$requirements['special_character']['pattern']='/[!@$%^&*()\\-\\\=+{};\:,]/';
$requirements['special_character']['error']='您的密码必须至少包含一个特殊字符';
//长度
$requirements['length']['pattern']='/^.{8,}/';
$requirements['length']['error']='您的密码总长度必须至少为8个字符';
$is_valid=false;//一旦所有测试都通过,我们的标志将返回true。
$errors=false;
//验证所有需求
foreach($idx=>$req的需求):
如果(preg_match($req['pattern'],$pass,$matches)):
$is_valid=true;
其他:
$errors[]=$req['error'];
$is_valid=false;
endif;
endforeach;
//如果我们有上面的错误
如果($错误):
$is_valid=false;
foreach($errors as$error):
回显“”,$error“”;
endforeach;
endif;
return$是有效的;
}
$pass='j!Adz6′//将此更改为“测试”
echo验证密码($pass);
这是一个让你高兴的例子。你是否拥有键盘公司的股份,或者是否有其他理由避免使用非常适合这项任务的东西?@Rjown我的观点是,一般来说,解析、检查和修改正则表达式需要更多的脑力劳动。“所以基本上这是一个可维护性的问题。”科德肯同意。仅仅因为Regexp可以,并不意味着它应该。我怀疑如果你不再回避它们,你会有一个完全相反的观点@哦,天哪,这是胡说八道,你总是用最好的工具来完成这项工作。这20多行代码太荒谬了。@rjdown对不起,但我不同意。冗长的代码并不意味着代码不好。请告诉我如何使用一行RegExp处理错误报告,我会让步的。
bool(true)
bool(false)
function validate_password($pass){
$requirements = array();
//uppercase
$requirements['uppercase']['pattern'] = '/[A-Z]/';
$requirements['uppercase']['error'] = 'Your password must contain at least one uppercase letter.';
//lowercase
$requirements['lowercase']['pattern'] = '/[a-z]/';
$requirements['lowercase']['error'] = 'Your password must contain at least one lowercase letter.';
//requires a number
$requirements['number']['pattern'] = '/[0-9]/';
$requirements['number']['error'] = 'Your password must contain at least one number.';
//special characters
$requirements['special_character']['pattern'] = '/[!@#$%^&*()\\-_=+{};\:,<\.>]/';
$requirements['special_character']['error'] = 'Your password must contain at least one special character.';
//length
$requirements['length']['pattern'] = '/^.{8,}/';
$requirements['length']['error'] = 'Your password must be at least 8 characters in length total.';
$is_valid = false; //our flag to return as true once all tests have passed.
$errors = false;
//validate all requirements
foreach($requirements as $idx => $req):
if(preg_match($req['pattern'], $pass, $matches)):
$is_valid = true;
else:
$errors[] = $req['error'];
$is_valid = false;
endif;
endforeach;
//if we had errors above
if($errors):
$is_valid = false;
foreach($errors as $error):
echo '<p>', $error, '</p>';
endforeach;
endif;
return $is_valid;
}
$pass = 'j!Adz6'; //change this to test
echo validate_password($pass);