Password validation

top1data · May 13, 2024, 2:48pm

Hello.

I’m trying to find a way to validate a password entered on a form which can check if the password is more than a certain amount of characters and contains, numbers, capital letters and a special character.

Does anyone know if this can be done on an event maybe when the form is submitted.

rik · May 13, 2024, 6:21pm

Try this:
Company name is not allowed
username is not allowed
First name and last name are not allowed
Password between 12 and 32 characters
Mandatory special characters

$check_sql = “SELECT login, name”
. " FROM sec_users"
. " WHERE login = ‘" . [usr_login] . "’";
sc_lookup(rs, $check_sql);

if (isset({rs[0][0]})) // Row found
{
{login} = {rs[0][0]};
{name} = {rs[0][1]};
}
else // No row found
{
{login} = ‘’; // User login name
{name} = ‘’; // User First and Last name
}
//*****************************************************************************

$error = “”;
$pwd = {pswd};

$word = “Company”; // Company name not allowed !
$word1 = “company”; // Company name not allowed !
$word2 = “Compani”; // Company name not allowed !
$word3 = “compani”; // Company name not allowed !

$usr_name = {login}; // User login name
{login} = {login};
//*****************************************************************************

//*****************************************************************************
$name = {name}; // User First and Last name

$parts = explode(" “, $name);
if(count($parts) > 1) {
$lastname = array_pop($parts); // User Last name
$firstname = implode(” ", $parts); // User First name
}
else
{
$firstname = $name;
$lastname = " ";
}
//*****************************************************************************
$name_small = strtolower({name});

$parts = explode(" “, $name_small);
if(count($parts) > 1) {
$lastname_small = array_pop($parts); // User Last name small
$firstname_small = implode(” ", $parts); // User First name small
}
else
{
$firstname_small = $name_small;
$lastname_small = " ";
}

{name} = {name};

//*****************************************************************************
if( strlen($pwd) < 12 ) {
$error .= {lang_pass_short}."
"; // Password is too short
}

if( strlen($pwd) > 32 ) {
$error .= {lang_pass_long}."
"; // Password is too long
}

//*****************************************************************************
//* This macro shows a Javascript alert message screen.

$params = array(
‘title’ => {lang_errm_errt},
‘type’ => ‘error’,
‘timer’ => ‘6000’,
‘showConfirmButton’ => true,
‘position’ => ‘center’,
//‘toast’ => true
);
//*****************************************************************************
if(strpos($pwd, $word) !== false){
$error .= {lang_pass_company} ."
" .$word. " " .{lang_pass_result}."

"; // Company name not allowed !
}

if(strpos($pwd, $word1) !== false){
$error .= {lang_pass_company} ."
" .$word1. " " .{lang_pass_result}."

"; // Company name not allowed !
}

if(strpos($pwd, $word2) !== false){
$error .= {lang_pass_company} ."
" .$word2. " " .{lang_pass_result}."

"; // Company name not allowed !
}

if(strpos($pwd, $word3) !== false){
$error .= {lang_pass_company} ."
" .$word3. " " .{lang_pass_result}."

"; // Company name not allowed !
}

if(strpos($pwd, $usr_name) !== false){
$error .= {lang_pass_user} ."
" .$usr_name. " " .{lang_pass_result}."
"; // User name not allowed !
}

if(strpos($pwd, $lastname) !== false){
$error .= {lang_last_name} ."
" .$lastname. " " .{lang_pass_result}."
"; // Last name not allowed !
}

if(strpos($pwd, $firstname) !== false){
$error .= {lang_first_name} ."
" .$firstname. " " .{lang_pass_result}."
"; // First name not allowed !
}

if(strpos($pwd, $lastname_small) !== false){
$error .= {lang_last_name} ."
" .$lastname_small. " " .{lang_pass_result}."
"; // Last name small not allowed !
}

if(strpos($pwd, $firstname_small) !== false){
$error .= {lang_first_name} ."
" .$firstname_small. " " .{lang_pass_result}."
"; // First name small not allowed !
}
//************************************************************************************************************************************

if (preg_match("/\s/", $pwd)) {
$error .= {lang_pass_space}."
"; // Space is not allowed in the password
}

if($error)
{
sc_error_message({lang_pass_weak}."

$error"); // The password is weak!
}
else{
$error2 = “”;

$errorCount = 0;
if( !preg_match("#[0-9]+#", $pwd) ) {
	$error2 .= {lang_pass_rule1}."<br/><br/>" ;   // The password must contain a number
	$errorCount++;
}

if( !preg_match("#[a-z]+#", $pwd) ) {
	$error2 .= {lang_pass_rule1}."<br/><br/>";  // Password must contain lowercase letters
	$errorCount++;
}

if( !preg_match("#[A-Z]+#", $pwd) ) {
	$error2 .= {lang_pass_rule1}."<br/><br/>";    // Password must contain uppercase letters
	$errorCount++;
}

//*****************************************************************************************
//if( !preg_match("#[$%&/=?\°*~!,:-_<|>]+#", $pwd) ) {
//*****************************************************************************************

if( !preg_match("#\W+#", $pwd) ) {	
	$error2 .= {lang_pass_rule1}."<br/><br/>";  // Password must contain special characters
	$errorCount++;
}

if($errorCount > 1){
	sc_error_message({lang_pass_weak}."<br/> <br/> $error2");  
}

}

//**************************************************************************

top1data · May 14, 2024, 10:04am

Hi Rik.

Thank you for the reply but i think i did not explain properly. I want to use this on a form where the user is registering, so i want the validation to happen before anything is sent to the database. So your code for checking the length of the password and the special characters etc would be perfect if i could us this maybe on form Validation property?

rik · May 14, 2024, 11:34am

Create a PHP method with this code and call it in onValidate