password validation

<?Wille?> · #1 (**permalink**) 08-17-04, 03:40 PM

im doing a register form where user adds all information.. then im generating a password that is sent to them via email.. i want the password to ALWAYS contain small and BIG letters and numbers.. if not then generate a new password.. the problem is i dont understand the basics of ereg arguments.. this is what i have now:

PHP Code:


			
function GenerateRandomPassword() {

    $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";

    srand((double)microtime()*1000000);

    $i = 0;

    $pass = '' ;



    while ($i <= 7) {

        $num = rand() % 62;

        $tmp = substr($chars, $num, 1);

        $pass = $pass . $tmp;

        $i++;

    }

    if (ereg('[A-Z][a-z][0-9]', $pass)) {

        return $pass; # password was generated

    } else {

        echo $pass.'<br>'; # outputs a valid password 'N8ZOrY3C'

        return false; # but returns false..

    }

}

anyone can see that the password is valid.. then sometimes it returns the generated password.. once the valid password looked like this POp0x2zk
so the problem is my ereg() function.. anyone have a solution?
thanks
Wille

kvnband · #2 (**permalink**) 08-17-04, 04:24 PM

PHP Code:


			
Viewing the comments and the random password scripts listed i figured i'd show my simple but effective password generator.



function ranpass($len = "8"){

  $pass = NULL;

  for($i=0; $i<$len; $i++) {

   $char = chr(rand(48,122));

   while (!ereg("[a-zA-Z0-9]", $char)){

     if($char == $lchar) continue;

     $char = chr(rand(48,90));

   }

   $pass .= $char;

   $lchar = $char;

  }

  return $pass;

}



usage:

$password = ranpass(); // Will generate a 8 charater password

$password = ranpass(6); // Will generate a 6 character password



The password will not repeat two characters in a row.

For example you wont recieve like kEg64AA

but you might recieve kEg64Aa.



I tested up to 9999 characters and it went fast even with a number that big.

That was a comment on php manual for ereg.

<?Wille?> · #3 (**permalink**) 08-18-04, 07:57 AM

thanks for the reply.. even if that was not the ansver i was looking for.. always nice to get replys

i would like to go with my own function and i need only fix to this line:

PHP Code:


			
if (ereg('[A-Z][a-z][0-9]', $pass)) {

i need it to check that all passwords generated have atleast one number, one small letter and one BIG letter
thanks
Wille

<?Wille?> · #4 (**permalink**) 08-18-04, 04:04 PM

did it the hard way..

PHP Code:


			
if (ereg('[A-Z]', $pass) && ereg('[a-z]', $pass) && ereg('[0-9]', $pass)) {

shorter ways are still welcome