Hi there,
I am trying to make every effort in making the registration process as
secure as possible.
One way of this, I was told was to ensure that a user registering on
the site MUST enter a password that is encrypted in the database
(done) and to ensure they enter an alpha numeric password.
in my user.rb file I have various rules of validation, such as
password length, email address validation etc..
I want to make sure users enter an alpha numeric password. so far I
have this:
validates_format_of :password,
:with => /^[\w\.\-\+]+$/,
:message => "must contain alpha and numeric
characters!"
However, i can still enter just numerics if i want...
the above validates_format_of rule was taken from this site:
http://guides.rubyonrails.org/security.html#good-passwords
if i leave the password blank, the message ''must contain alpha and
numeric characters!'' does get output on the site, but isn't working
as i want...
Any ideas????
Thanks for your help!!
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Ruby
on Rails: Talk" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---
