password validations

Hey Ray

How would I adjust/add a server validation for a password so that you have to have 1 digit, 1 special char etc?

$WAFV_Errors .= WAValidateLE(((isset($_POST["Confirm"]))?$_POST["Confirm"]:"") . "",((isset($_POST["Password"]))?$_POST["Password"]:"") . "",false,7);
  $WAFV_Errors .= WAValidateEL(((isset($_POST["Confirm"]))?$_POST["Confirm"]:"") . "",6,0,true,8);

You wouldn't edit this. You would add additional validations. This is the Like Entry validation.

You would add Regular Expression validation the the password field for the additional validation requirement:

Some regex values you might use are:

Minimum 8 characters at least 1 Alphabet and 1 Number:
/^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d]{8,}$/

Minimum 8 characters at least 1 Alphabet, 1 Number and 1 Special Character:
/^(?=.*[A-Za-z])(?=.*\d)(?=.*[$@$!%*#?&])[A-Za-z\d$@$!%*#?&]{8,}$/

Minimum 8 characters at least 1 Uppercase Alphabet, 1 Lowercase Alphabet and 1 Number:
/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8,}$/
or
/^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{8,}$/

Minimum 8 characters at least 1 Uppercase Alphabet, 1 Lowercase Alphabet, 1 Number and 1 Special Character:
/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&])[A-Za-z\d$@$!%*?&]{8,}/

Minimum 8 and Maximum 10 characters at least 1 Uppercase Alphabet, 1 Lowercase Alphabet, 1 Number and 1 Special Character:
/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&])[A-Za-z\d$@$!%*?&]{8,10}/

I just found these on the web so I haven't tested them, but people seem to have had success with them.

thanks for those.

have tried the first one you listed:

$WAFV_Errors .= WAValidateLE(((isset($_POST["Confirm"]))?$_POST["Confirm"]:"") . "",^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d]{8,}$/ . "",true,9);

and DW shows a syntax error and the live page is blank

It appears you entered the wrong value. It should have been:

$WAFV_Errors .= WAValidateRX(((isset($_POST["Confirm"]))?$_POST["Confirm"]:"") . "/^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d]{8,}$/" . "",true,9);

I had tried that as well but it also shows as an error in DW and blank live page

My code example was missing a quote at the end. I've updated it. Please try again.

thanks. it doesnt error now but it doesnt trigger either and doesnt force the requirement

I'm sorry I missed this earlier. This still has "Like Entry" validation. You should have selected "Regular Expression" validation and then entered the expression to validate against:

/^(?=.*[A-Za-z])(?=.*\d)[A-Za-z\d]{8,}$/