php PHP密码验证
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/22544250/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
PHP password validation
提问by GeekByDesign
I made a registration validation in PHP and I'm troubleshooting each field to see if the code works to par. When I press the submit button the only part not working is the password / confirm password code block. I've been troubleshooting for hours and can't seem to find the issue.
我在 PHP 中进行了注册验证,我正在对每个字段进行故障排除,以查看代码是否符合标准。当我按下提交按钮时,唯一不起作用的部分是密码/确认密码代码块。我已经进行了数小时的故障排除,但似乎无法找到问题所在。
Is possible someone can point out the issue? Thanks.
有人可以指出这个问题吗?谢谢。
<?php
// define variables and set to empty values
$emailErr = $userErr = $passwordErr = $cpasswordErr = $firstErr = $lastErr = $teamErr = "";
$email = $username = $password = $cpassword = $firstname = $lastname = $teamname = "";
// The preg_match() function searches a string for pattern, returning true if the pattern exists, and false otherwise.
if ($_SERVER["REQUEST_METHOD"] == "POST") {
//Validates email
if (empty($_POST["email"])) {
$emailErr = "You Forgot to Enter Your Email!";
} else {
$email = test_input($_POST["email"]);
// check if e-mail address syntax is valid
if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email)) {
$emailErr = "You Entered An Invalid Email Format";
}
}
//Validates Username
if (empty($_POST["username"])) {
$userErr = "You Forgot to Enter Your Username!";
} else {
$username = test_input($_POST["username"]);
}
//Validates password & confirm passwords.
if(!empty($_POST["password"]) && ($_POST["password"] == $_POST["cpassword"])) {
$password = test_input($_POST["password"]);
$cpassword = test_input($_POST["cpassword"]);
if (strlen($_POST["password"]) <= '8') {
$passwordErr = "Your Password Must Contain At Least 8 Characters!";
}
elseif(!preg_match("#[0-9]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Number!";
}
elseif(!preg_match("#[A-Z]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Capital Letter!";
}
elseif(!preg_match("#[a-z]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Lowercase Letter!";
} else {
$cpasswordErr = "Please Check You've Entered Or Confirmed Your Password!";
}
}
//Validates firstname
if (empty($_POST["firstname"])) {
$firstErr = "You Forgot to Enter Your First Name!";
} else {
$firstname = test_input($_POST["firstname"]);
//Checks if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$firstname)) {
$firstErr = "Only letters and white space allowed";
}
}
if (empty($_POST["lastname"])) {
$lastErr = "You Forgot to Enter Your Last Name!";
} else {
$lastname = test_input($_POST["lastname"]);
//Checks if name only contains letters and whitespace
if (!preg_match("/^[a-zA-Z ]*$/",$lastname)) {
$lastErr = "Only letters and white space allowed";
}
}
if (empty($_POST["teamname"])) {
$teamErr = "You Forgot to Enter Your Team Name!";
} else {
$teamname = test_input($_POST["teamname"]);
}
}
/*Each $_POST variable with be checked by the function*/
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
回答by M Miller
if(!empty($_POST["password"]) && ($_POST["password"] == $_POST["cpassword"])) {
$password = test_input($_POST["password"]);
$cpassword = test_input($_POST["cpassword"]);
if (strlen($_POST["password"]) <= 8) {
$passwordErr = "Your Password Must Contain At Least 8 Characters!";
}
elseif(!preg_match("#[0-9]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Number!";
}
elseif(!preg_match("#[A-Z]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Capital Letter!";
}
elseif(!preg_match("#[a-z]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Lowercase Letter!";
} else {
$cpasswordErr = "Please Check You've Entered Or Confirmed Your Password!";
}
}
Should be:
应该:
if(!empty($_POST["password"]) && ($_POST["password"] == $_POST["cpassword"])) {
$password = test_input($_POST["password"]);
$cpassword = test_input($_POST["cpassword"]);
if (strlen($_POST["password"]) <= '8') {
$passwordErr = "Your Password Must Contain At Least 8 Characters!";
}
elseif(!preg_match("#[0-9]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Number!";
}
elseif(!preg_match("#[A-Z]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Capital Letter!";
}
elseif(!preg_match("#[a-z]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Lowercase Letter!";
}
}
elseif(!empty($_POST["password"])) {
$cpasswordErr = "Please Check You've Entered Or Confirmed Your Password!";
} else {
$passwordErr = "Please enter password ";
}
Your check for the non-matching passwords was within an ifthat checked to see if they matched.
您对不匹配密码的if检查是在检查它们是否匹配的范围内。
回答by Pawan Rathore
Use As provided :
按规定使用:
if(!empty($_POST["password"]) && $_POST["password"] != "" ){
if (strlen($_POST["password"]) <= '8') {
$err .= "Your Password Must Contain At Least 8 Digits !"."<br>";
}
elseif(!preg_match("#[0-9]+#",$_POST["password"])) {
$err .= "Your Password Must Contain At Least 1 Number !"."<br>";
}
elseif(!preg_match("#[A-Z]+#",$_POST["password"])) {
$err .= "Your Password Must Contain At Least 1 Capital Letter !"."<br>";
}
elseif(!preg_match("#[a-z]+#",$_POST["password"])) {
$err .= "Your Password Must Contain At Least 1 Lowercase Letter !"."<br>";
}
elseif(!preg_match('/[\'^£$%&*()}{@#~?><>,|=_+?-]/', $_POST["password"])) {
$err .= "Your Password Must Contain At Least 1 Special Character !"."<br>";
}
}else{
$err .= "Please Enter your password"."<br>";
}
回答by Dmitry
Use code below:
使用下面的代码:
if(!empty($_POST["password"]) && isset( $_POST['password'] )) {
$password = $_POST["password"];
$cpassword = $_POST["cpassword"];
if (mb_strlen($_POST["password"]) <= 8) {
$passwordErr = "Your Password Must Contain At Least 8 Characters!";
}
elseif(!preg_match("#[0-9]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Number!";
}
elseif(!preg_match("#[A-Z]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Capital Letter!";
}
elseif(!preg_match("#[a-z]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Lowercase Letter!";
}
elseif(!preg_match("#[\W]+#",$password)) {
$passwordErr = "Your Password Must Contain At Least 1 Special Character!";
}
elseif (strcmp($password, $cpassword) !== 0) {
$passwordErr = "Passwords must match!";
}
} else {
$passwordErr = "Please enter password ";
}
回答by David Crowe
I don't think regular expressions are the best solution here. I would just have a loop with boolean variables set to false before the loop (e.g. $OneLCLetter=$OneUCLetter=$OneDigit=false;), and then set to true if a certain type of character is encountered in the loop (no problem setting a variable to true multiple times). After the loop it would be simple to go through the booleans one by one to see if any are still false.
我不认为正则表达式是最好的解决方案。我只会有一个布尔变量在循环之前设置为 false 的循环(例如 $OneLCLetter=$OneUCLetter=$OneDigit=false;),然后如果在循环中遇到某种类型的字符则设置为 true(设置没有问题)一个变量为真多次)。在循环之后,可以简单地逐个检查布尔值以查看是否仍有错误。
You probably also need to check for invalid characters, such as space, tab, vertical tab, NUL etc.
您可能还需要检查无效字符,例如空格、制表符、垂直制表符、NUL 等。
