watcher wrote:
^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])[0-9a-zA-Z]{6,20}$
This Reg Expression I'm told requires a password to have a least 1
uppercase letter, 1 digit and a minimum length of 5 characters.
Minimum length of 6. Maximum length of 20.
The solution works for adding new users, but if you try to edit an existing
user the validation fails because the encrypted password is been validated.
This I sure is a common requirement but I can find a common solution.
You could require that the current password be provided in order to edit
an existing user, then you can check whether the pre-encrypted password
matches your rules, and that the post-encrypted password matches their
current password. If either of those fail the edit can be rejected.
Of course, this makes it much more difficult for an administrator to
edit a user (unless they happen to know the password), so you could
either require the admin's current password in this case, or simply skip
these checks if the current user is an admin.
-Dale
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
