problem with reading from a file to find a matching word

Orla

Hi Folks

I have the following code to ensure that a passwords chosen is not that based on a dictionary word. I have a text file with words included.

The code is opening the file and is travesring the file but not matching a word that's chosen from the word list

the words in the wordlist are one under each other - is there a problem with my delimeter - should they be seperated by tabs, commas?

I have a feeling that the problem lies in these 4 lines of code

 

$word=preg_quote(trim(strtolower(fgets($fp, 1024))),'/');
if(preg_match('/$word/',$pass) )
{
	$found=true;
}

Any advice or help would be most gratefully appreciated,

Thanks
Orla

 

 function pc_passwordcheck($user, $pass)
{

//words based on a dictionary
if(is_readable("words.txt"))
{
//open the file in read mode
if($fp=fopen("words.txt", 'r'))
{
$found=false;
while(!($found || feof($fp)))
{
$word=preg_quote(trim(strtolower(fgets($fp, 1024))),'/');
if(preg_match('/$word/',$pass) )
{
	$found=true;
}
}
fclose($fp);
echo $found;
if($found)
{
	echo'the password is based on a dictionary word.';
}
}
return false;
}
else 
{
echo 'cannot open file';
}

} [CODE]

Installer

Try:

if (preg_match('/' . $word . '/', $pass))
// or
if (preg_match("/$word/", $pass))

Orla

Thanks for that
It worked perfectly,

Thanks again,
Orla

Orla

Hi there again,

sorry to keep this open - but now i have a problem whereby even if a password is entered and the word is not contained in the file, it is still showing up as found

I've tried different things to no avail

i thought it best to include the complete function in case i had something down later which interferes with things.

However the error message is that "the word is based on a dictionary word"

Any ideas as really appreciated
Thanks in advance for your help and perseverence,

Orla

 
function pc_passwordcheck($user, $pass)
{

//words based on a dictionary
if(is_readable("words.txt"))
{
//open the file in read mode
	if($fp=fopen("words.txt", 'r'))
		{

			// 
			$found=false;
			while(!($found ||feof($fp)))
			{
				$word=preg_quote(trim(strtolower(fgets($fp, 1024))),'/');
				if (preg_match("/$word/", $pass))
				{
					$found=true;
				}
			}
			fclose($fp);
			echo $found;
			if($found)
			{
				return ("The password is based on a dictionary word");
			}
		}
	//return false;
}
else 
{
echo 'cannot open file';
}


$lcase_pass=strtolower($pass);
$lcase_user=strtolower($user);

//also check the password with numbers or punctuation substituted for letters
$subst_pass=strtr($lcase_pass, '5301!', 'seoll');
//the password must be at least six characters
if(strlen($pass)<6)
{
	return "the password is too short.";
}

//the password cant be the username or reversed username)
if(($lcase_pass==$lcase_user) || ($lcase_pass==strrev($lcase_user)) || ($subst_pass==$lcase_user) || ($subst_pass==strrev($lcase_user)))
{
	return "the password is based on the username";
}

//count how many lowercase, uppercase and digits are in the password
$ucase=0; $lcase=0; $num=0; $other=0;
for ($i=0, $j=strlen($pass); $i<$j; $i++)
{
	$c=substr($pass, $i,1);
	if(preg_match('/^[[:upper:]]$/',$c))
	{
		$ucase++;
	}
	elseif (preg_match('/^[[:lower:]]$/',$c))
	{
		$lcase++;
	}
	elseif (preg_match('/^[[:digit:]]$/',$c))
	{
		$num++;
	}
	else
	{
		$other++;
	}
}

//the password must have more than 2 characters of at least two different kinds
$max=$j-2;
if($ucase>$max)
{
	return ("The password has too many uppercase charaters");
}
if($lcase>$max)
{
	return ("The password has too many lowercase charaters");
}
if($num>$max)
{
	return ("The password has too many numerical charaters");
}
if($other>$max)
{
	return ("The password has too many special charaters");
}
}