-
Jan 29th, 2015, 10:30 AM
#1
Thread Starter
Hyperactive Member
-
Jan 29th, 2015, 10:42 AM
#2
Re: How to validate username and password using regex?
Your RegEx is slightly wrong in that you're not escaping the minus character. Use the backslash to escape the minus character and you should be fine. I was able to determine this by plugging your RegEx into http://www.regexr.com/ and when I did so it pointed out the error.
-
Jan 29th, 2015, 11:16 AM
#3
Re: How to validate username and password using regex?
Why are you using RegEx for a username and password? Typically, these are two strings that the user has to enter exactly correct, in which case equality is the only passing rule. By using RegEx of any sort, you will either create a rule that allows a user to be "close enough" to some username and password, or will be using a sledgehammer to drive a finishing nail.
My usual boring signature: Nothing
-
Jan 29th, 2015, 11:28 AM
#4
Thread Starter
Hyperactive Member
Re: How to validate username and password using regex?
I have heard about MySQL Injection and also followed some protection guide on codeporject. That guide says I should filter user inputs. That's why I used regex to filter username here...
-
Jan 29th, 2015, 11:31 AM
#5
Re: How to validate username and password using regex?
If you're concerned about SQL injections, one of the best preventative measures is to use a parameterized query which JMcIlhinney has an article on in the VB.Net codebank.
-
Jan 29th, 2015, 11:32 AM
#6
Re: How to validate username and password using regex?
I think it's a validation routine, not a authentication... you know the rules, at least 57 characters, no more than 128, use letters, upper and lower, 12 must be symbols, but not next to each other, must include a 24-digit number but no consecutive numbers, typed in Greek and must result in a limerick.
And that's just the username. Passwords can only be 8 characters, have at least 1 number, 1 letter, 1 symbol, and contain both upper and lower case letters.
-tg
-
Jan 29th, 2015, 11:36 AM
#7
Thread Starter
Hyperactive Member
Re: How to validate username and password using regex?
Thanks dday9 I will follow this parameterized query tutorial. But also want to provide other security measures.
But the command of mine above is actually doing the opposite thing. It is actually not allowing the regex patter in the username. It is escaping the regex on pattern and allowing other characters other than the regex. How can I reverse the process???
tg can you please provide me most secure regex pattern for both username and password???
-
Jan 29th, 2015, 11:50 AM
#8
Thread Starter
Hyperactive Member
Re: How to validate username and password using regex?
I am not able to find the post of parameterized sql query of JMcIlhinney in the CodeBank. My searching knowledge is a bit low. Can someone provide me his thread link please???
-
Jan 29th, 2015, 11:52 AM
#9
Re: How to validate username and password using regex?
Can someone provide me his thread link please???
I found JMcIlhinney's blog post Using Parameters in ADO.NET here: http://jmcilhinney.blogspot.com/2009...in-adonet.html
If I find the vbforums codebank thread I'll also post it.
Edit: Here is the codebank thread: http://www.vbforums.com/showthread.p...ight=parameter
Last edited by dday9; Jan 29th, 2015 at 12:04 PM.
-
Jan 29th, 2015, 12:04 PM
#10
Re: How to validate username and password using regex?
Parametize your query and you won't need to worry about SQL Injections. Don't use Regex to help you prevent SQL Injections because you will run into many problems.
-
Jan 29th, 2015, 01:51 PM
#11
Hyperactive Member
Re: How to validate username and password using regex?
Originally Posted by dday9
Your RegEx is slightly wrong in that you're not escaping the minus character. Use the backslash to escape the minus character and you should be fine. I was able to determine this by plugging your RegEx into http://www.regexr.com/ and when I did so it pointed out the error.
In addition to the error in the RegEx pattern that DDay9 pointed out, you also have a logical error in your If statement:
Code:
If UsernameRegex.Success Then MsgBox("Do not use illegal characters on the username field!!!", MsgBoxStyle.Information, "Information") : tbx_username.Focus() : Exit Sub
According to this condition, if the username text matches the RegEx pattern, it will spit out an error message. But I think you want the opposite; if the username doesn't match, then toss the error. BTW, although you are able to connect multiple lines together, it is usually frowned upon... It make it more difficult to read (esp. for others reading your code), it is more difficult to debug (eg you can't just comment out a line), and if there are changes to be made, you have to edit and test the entire line. Finally, I'd use a MsgBoxStyle.Exclamation or MsgBoxStyle.Critical as MsgBoxStyle.Information is used more for general, non-error messages whereas the former styles are used to alert the user to an error.
-
Jan 29th, 2015, 02:34 PM
#12
Addicted Member
Re: How to validate username and password using regex?
Hi friends,
You can use regexbuddy to test regex streams.
Regards
-
Jan 29th, 2015, 02:37 PM
#13
Re: How to validate username and password using regex?
Allow the user to choose their user name (e-mail address is nice). Allow the user to pick their password with few restrictions (typically just at least 8 characters). Anything else is annoying and worthless. Using regex is just a pointless exercise in this case.
"Ok, my response to that is pending a Google search" - Bucky Katt.
"There are two types of people in the world: Those who can extrapolate from incomplete data sets." - Unk.
"Before you can 'think outside the box' you need to understand where the box is."
-
Jan 29th, 2015, 03:26 PM
#14
Thread Starter
Hyperactive Member
Re: How to validate username and password using regex?
Thanks you all for the suggestion guys...Thanks a lot...Problem solved...
-
Jan 30th, 2015, 04:15 PM
#15
Re: [RESOLVED] How to validate username and password using regex?
I spy with my eye a full stop
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|