ansaurus

Question

Regular expression to exclude special characters

Answer 1

+2 A:

/^(?=.*\d)(?=.*[a-zA-Z])[0-9a-zA-Z]{8,16}$/

The last part of your regex, .{8,16}, allows any character with a dot.

The lookahead only makes sure that there's at least one digit and one letter - it doesn't say anything about other characters. Also, note that I've updated your letter matching part - you don't need two character classes.

_{Disallowing special characters in a password is totally counter intuitive. Why are you doing that?}

Amarghosh 2010-07-19 13:57:06

awesome. That works. Thanks

Priyank 2010-07-19 14:05:55

The only times i've ever seen "alphanumeric only" password requirements, they were because some idiot couldn't be bothered to learn how to sanitize/escape data. Not that the OP is necessarily that idiot -- i'm going to bet he knows a few, though.

cHao 2010-07-19 14:07:56

Well, if it was up to me, I'd let user type all the junk in the world for his password. However sometimes; uniformity with legacy site is more important to business than security. Go figure! :)

Priyank 2010-07-19 14:22:30

Note, better to use `\A` and `\Z` instead of `^` and `$`. This string matches that regex: `"!\n1234abcd\n#"`

glenn jackman 2010-07-19 14:28:15

I'd use `[[:alpha:]]` instead of `[a-zA-Z]` and `[[:digit:][:alpha:]]` instead of `[0-9a-zA-Z]`. More descriptive and should allow non-english chars

glenn jackman 2010-07-19 14:30:38

glenn, quit complicating things. :) The regex is fine; if they're going to complain over a freaking **space**, for gawd's sake, what do you think they're going to do with 'ä'?

cHao 2010-07-19 16:44:43

ansaurus

tags:

views:

answers:

Regular expression to exclude special characters

related questions