Strange ereg behavior

Stinger51

I'm using PHP 4.3 and am trying to do a simple password check (only alpha-numerics, with length 5 to 12) with this :

if ( eregi ( '( [^{a-z0-9]{5,12}} )', $pWord ) )
{
return; // success !
}
else
{
// error routine !
}

When I submitt a password as "abc123" ereg skips the return statement and goes to the error routine!

But if I remove the '^' everything works properly, except now ereg lets the special chars pass.

Same results if I negate the return as :

if ( !eregi ( . . .

everything works properly, BUT, now the function allows special chars to pass as well! I've dinked around with this freaking thing all day and can't see where the syntax is wrong, as it follows the PHP manual exactly.

I'm about ready to junk ereg() and roll my own function.

swr

When you say [^a-z0-9] the ^ means to match everything except what follows.

I prefer [man]preg_match[/man] (and the [man]ereg[/man] manual recommends it too)...

if (preg_match('/^[a-z0-9]{5,12}$/i', $pWord)) {
    // Good password
}
else {
    // Bad password
}

In that case, the ^ is at the start of the pattern and NOT inside the [ ], which means to match the start of the string. Likewise for the $ at the end (matches the end of the string). Those are important; without them it would accept "!!!abc123!!!" because the "abc123" part satisfies the [a-z0-9]{5,12} requirement.

Stinger51

Here's the code :

if (preg_match('/^{[a-z0-9]{5,12}$/i',} $pWord))
{
exit(); // Good password
}
else
{
// Bad password
}

The function never returns. Not sure why. BTW, what is the final '/i' used for? I'm guessing case insensitivity?

Stinger51

Of course it hangs, with an exit() instead of a return(); Duh !

Been at this issue tooooooooo long today. :p

swr

Originally posted by Stinger51
BTW, what is the final '/i' used for? I'm guessing case insensitivity?

You guess right.

http://www.php.net/manual/en/pcre.pattern.modifiers.php