[Resolved] Forcing input to use letters & numbers

Calahan

I'm using this:

if (!preg_match('/^[A-Za-z0-9]{6,15}$/',$value)
			{
			$bad_array[$key] = "bad";
			}

to check that the user has submitted a password that only contains letters or numbers and is between 6 to 15 characters long. What I would like to do is force the user to use a combination of characters and at least 1 number in their password.
Can anyone tell me how I'd do it?

swr

I would just use another regular expression to check the additional requirements.

if (!preg_match('/^[A-Za-z0-9]{6,15}$/',$value)) {
    $bad_array[$key] = "bad (not alphanumeric or wrong length)";
}
else if (!preg_match('/[0-9]/', $value)) {
    $bad_array[$key] = "bad (doesn't contain any digits)";
}

There may be a way to do it all in one regular expression, but if so it would probably be more complicated.

Moonglobe

or, include them both, and use strlen to check the length (required if you use this method as you can't specify length):

if (!preg_match('/^[a-z0-9]*[0-9][a-z0-9]*$/i', $value) || !in_array(strlen($value), range(6,15)))
{ //...

Weedpacket

Originally posted by Moonglobe
or, include them both, and use strlen to check the length (required if you use this method as you can't specify length):
if (!preg_match('/^[a-z0-9]*[0-9][a-z0-9]*$/i', $value) || !in_array(strlen($value), range(6,15)))
{ //...
[/B]

For speed's sake you could swap those two clauses over and avoid having to have preg_match build a pattern matcher for a string that will fail on length anyway. Suspect, too, that just using a couple of <= tests would be quicker than the array (but that's just a suspicion).