我的应用程序中有一个密码字段。我使用了欧芹验证。但是,除了必填字段之外,我没有给出任何验证。所以它允许所有角色。但是,我想清理密码而不允许用户添加空格。如果他们尝试过,则应显示错误消息。密码字段应包含至少1个数字。
这是我的代码:
<?php
require('../config.php');
if(!isset($_SESSION['can_access']) || $_SESSION['can_access'] !== true )
header('Location: login.php');
ob_start();
global $DB, $USER;
$id=$USER->id;
$clientid=$_GET['id'];
$errorMessage = '';
$successMessage = '';
if(isset($_SESSION['successMessage']))
{
$successMessage = $_SESSION['successMessage'];
unset($_SESSION['successMessage']);
}
if(isset($_POST['register'])) {
$errors = array();
$data = array();
$chk_sql = "SELECT * FROM {user} u where username = ?";
if (!empty($chk_sql) ) {
$errorMessage='Username already taken';
}
if(!$chk_username = $DB->get_record_sql($chk_sql, array($_POST['username'])) )
{
$insert_record = new stdClass();
$insert_record->username = $_POST['username'];
$insert_record->firstname = $_POST['firstname'];
$insert_record->email = $_POST['email'];
$insert_record->password = password_hash($_POST['password'], PASSWORD_DEFAULT);
$insert_record->mnethostid = 1;
$insert_record->confirmed = 1;
$insert_record->idnumber = 2;
$insert_record->maildisplay = $clientid;
//$insert_record->timecreated = date('Y-m-d');
if( $result = $DB->insert_record('user', $insert_record) )
{
$_SESSION['successMessage'] = "record created successfully";
header('Location: clients.php');
}
}
}
?>
这是我的密码按钮:
<div class="form-group has-feedback">
<input id="signupInputPassword" type="password" name="password" placeholder="Password" autocomplete="off" required class="form-control" >
<span class="fa fa-lock form-control-feedback text-muted"></span>
</div>
任何人都可以帮助我吗?
提前致谢。
答案 0 :(得分:2)
if (isset($_POST['register'])) {
$password = $_POST['password'];
if (preg_match('/\s/', $password)) {
echo "password has whitespace";
} else {
if (strlen($password) <= '8') {
echo "Your Password Must Contain At Least 8 Characters!";
} elseif (!preg_match("#[0-9]+#", $password)) {
echo "Your Password Must Contain At Least 1 Number!";
} elseif (!preg_match("#[A-Z]+#", $password)) {
echo "Your Password Must Contain At Least 1 Capital Letter!";
} elseif (!preg_match("#[a-z]+#", $password)) {
echo "Your Password Must Contain At Least 1 Lowercase Letter!";
}
$errors = array();
$data = array();
$chk_sql = "SELECT * FROM {user} u where username = ?";
if (!empty($chk_sql)) {
$errorMessage = 'Username already taken';
}
if (!$chk_username = $DB->get_record_sql($chk_sql, array($_POST['username']))) {
$insert_record = new stdClass();
$insert_record->username = $_POST['username'];
$insert_record->firstname = $_POST['firstname'];
$insert_record->email = $_POST['email'];
$insert_record->password = password_hash($_POST['password'], PASSWORD_DEFAULT);
$insert_record->mnethostid = 1;
$insert_record->confirmed = 1;
$insert_record->idnumber = 2;
$insert_record->maildisplay = $clientid;
//$insert_record->timecreated = date('Y-m-d');
if ($result = $DB->insert_record('user', $insert_record)) {
$_SESSION['successMessage'] = "record created successfully";
header('Location: clients.php');
}
}
}
}