Created
March 19, 2024 09:58
-
-
Save joho1968/d6ec46228e900f9f72f913162fb72461 to your computer and use it in GitHub Desktop.
Simple password validator for PHP using mb_ereg_match()
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| * Simple password construct validator for PHP | |
| * This code uses mb_ereg_match() | |
| * Joaquim Homrighausen <[email protected]> | |
| * Mar 19, 2024 | |
| * | |
| * Do whatever you want with this snippet :) | |
| * | |
| * This may not necessarily agree with the section "Strength of Memorized | |
| * Secrets" in the document from NIST: | |
| * | |
| * NIST Special Publication 800-63B | |
| * Digital Identity Guidelines | |
| * Authentication and Lifecycle Management | |
| * https://pages.nist.gov/800-63-3/sp800-63b.html | |
| */ | |
| /* | |
| * Requires that password is at least $min_length characters long (default 8). | |
| * Requires that password contains at least one UPPERCASE character. | |
| * Requires that password contains at least one lowercase character. | |
| * Requires that password contains at least one digit. | |
| * Requires that password contains at least one of the following: | |
| * ^ ! @ # $ % & * _ - \ / { } [ ] . | |
| */ | |
| function password_mb_ereg_test( $password_string, $min_length = 8 ) { | |
| if ($min_length < 8) { | |
| // We want at least eight characters, but probably 64 ;-) | |
| $min_length = 8; | |
| } | |
| $match_rules = '^(?=.+[\.\^\!\@\#\$\%\^\&\*\-\_\\\/\[\]\{\}])(?=.+[[:digit:]])(?=.+[[:upper:]])(?=.+[[:lower:]]).{' . (int)$min_length . ',}$'; | |
| return ( mb_ereg_match( $match_rules, $password_string ) ); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment