Does this regex expression allow "*"?

Question

I really know very little about regex's.
I'm trying to test a password validation.

Here's the regex that describes it (I didn't write it, and don't know what it means):

private static string passwordField = "[^A-Za-z0-9_.\\-!@#$%^&*()=+;:'\"|~`<>?\\/{}]";  

I've tried a password like "dfgbrk*", and my code, using the above regex, allowed it.
Is this consistent with what the regex defines as acceptable, or is it a problem with my code?

Can you give me an example of a string that validation using the above regex isn't suppose to allow?

Added: Here's how the original code uses this regex (and it works there):

public static bool ValidateTextExp(string regexp, string sText)
            {
                if ( sText == null)
                {
                    Log.WriteWarning("ValidateTextExp got null text to validate against regExp {0} . returning false",regexp);
                    return false;
                }

                return (!Regex.IsMatch(sText, regexp));
            }

It seems I'm doing something wrong..

Thanks.

Answer 1

You regular expression is just an inverted character class and describes just one single character (but that can’t be *). So it depends on how you use that character class.

Answer 2

Your regex matches a value that contains any single character which is not in that list.

Your test value matches because it has spaces in it, which do not appear to be in your expression.

The reason it's not is because your character class starts with ^. The reason it matches any value that contains any single character that is not that is because you did not specify the beginning or end of the string, or any quantifiers.

The above assumes I'm not missing the importance of any of the characters in the middle of the character soup :)

This answer is also dependent on how you actually use the Regex in code.

---

If your intention was for that Regex string to represent the only characters that are actually allowed in a password, you would change the regex like so:

string pattern = "^[A-Z0-9...etc...]+$";

The important parts there are:

• The ^ has been removed from inside the bracket, to outside; where it signifies the start of the whole string.
• The $ has been added to the end, where it signifies the end of the whole string.
• Those are needed because otherwise, your pattern will match anything that contains the valid values anywhere inside - even if invalid values are also present.
• finally, I've added the + quantifier, which means you want to find any one of those valid characters, one or more times. (this regex would not permit a 0-length password)

If you wanted to permit the ^ character also as part of the password, you would add it back in between the brackets, but just *not as the first thing right after the opening bracket [. So for example:

string pattern = "^[A-Z0-9^...etc...]+$";

The ^ has special meaning in different places at different times in Regexes.

Answer 3

Depends on how you apply it. It describes exactly one character, however, the ^ in the beginning buggs me a little, as it prohibits every other character, so there is probably something terribly fishy there.

Edit: as pointed out in other answers, the reason for your string to match is the space, not the explanation that was replaced by this line.