Username & Password comparison!

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
cashflowtips
Forum Newbie
Posts: 22
Joined: Tue Jul 31, 2007 11:06 pm

Username & Password comparison!

Post by cashflowtips »

i having a problem on how to check the user name and password during registration session...

the input like this :-

user name : admin
password : admin123
/* False */

if something like this happen, the system should output error message because the password have partial words same as the user name. if can, i would like to limit it to allow only 3 consecutive letter to be same.

example :-

user name : admin
password : admi123
/* False */

user name : admin
password : adm789
/* True (allowed) */

can anybody help me here?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

What have you tried so far?
cashflowtips
Forum Newbie
Posts: 22
Joined: Tue Jul 31, 2007 11:06 pm

Post by cashflowtips »

feyd wrote:What have you tried so far?
i tried to find any example from the net but couldn't find anything. most of the example are comparing between array. can you help me here?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Generally, I don't. But this is probably more complicated than you would reach on your own in a relatively short time.

Code: Select all

feyd:~ feyd$ cat a.php
<?php
$a = 'administrator';
$b = array();
$c = 4;
for($i = 0, $j = strlen($a) - $c; $i <= $j; $i++)
{
        $b[] = substr($a, $i, $c);
}

$b = implode($b, '|');

if(empty($b))
{
        $b = $a;
}

$p = '#(?:' . $b . ')#i';
$t = array('admin123','adm456','admi789', 'min012', 'adin345');

foreach($t as $q)
{
        preg_match($p, $q, $m);
        echo 'Pattern \'', $p, '\' tested against ', var_export($q, true), ' was ', (empty($m) ? 'not found to match.' : 'found to match ' . var_export(implode($m, ''), true) . '.'), PHP_EOL; 
}
feyd:~ feyd$ php -f a.php 
Pattern '#(?:admi|dmin|mini|inis|nist|istr|stra|trat|rato|ator)#i' tested against 'admin123' was found to match 'admi'.
Pattern '#(?:admi|dmin|mini|inis|nist|istr|stra|trat|rato|ator)#i' tested against 'adm456' was not found to match.
Pattern '#(?:admi|dmin|mini|inis|nist|istr|stra|trat|rato|ator)#i' tested against 'admi789' was found to match 'admi'.
Pattern '#(?:admi|dmin|mini|inis|nist|istr|stra|trat|rato|ator)#i' tested against 'min012' was not found to match.
Pattern '#(?:admi|dmin|mini|inis|nist|istr|stra|trat|rato|ator)#i' tested against 'adin345' was not found to match.
cashflowtips
Forum Newbie
Posts: 22
Joined: Tue Jul 31, 2007 11:06 pm

Post by cashflowtips »

i found two codes but im not sure whether it solve my problem...

Code: Select all

$username="admin";
$password="admin123";

$cheek1=substr($username,0,3);
$cheek2=substr($password,0,3);

if($cheek1==$cheek2){
     echo "Sorry the username and password have the same first three letters";
}
else{
     echo "Username and password are valid as the first three letters dont match";
}
and

Code: Select all

function valid ($user, $pass) {
    // Does the password contain the beginning of user?
    $t = '/' . substr($user, 0, 4) . '(?:' . substr($user, 4, 0xF) . ')?/i';
    if (preg_match($t, $pass)) {
        # Password contain part of the username.
        return false;
    }
    return true;
}

$user = 'superadmin';
$pass = 'suderpass';

var_dump(valid($user, $pass));
can it trace something like this :-

user name : 12admin99
password : !(admin)!

will it return true or false?
User avatar
n00b Saibot
DevNet Resident
Posts: 1452
Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:

Post by n00b Saibot »

feyd, what exactly were you doing there :lol:
cashflowtips
Forum Newbie
Posts: 22
Joined: Tue Jul 31, 2007 11:06 pm

Post by cashflowtips »

can anyone help me here?
User avatar
n00b Saibot
DevNet Resident
Posts: 1452
Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:

Post by n00b Saibot »

fayd's example takes up the user name and matches it in groups of 4 letters... that is defintely for you if you want to search for any part of username in password.
however, i have a question - whcih of the following are valid for you?
- admin / admi123
- admin / dmin123
- admin / 12admin3
- admin / 12min3
cashflowtips
Forum Newbie
Posts: 22
Joined: Tue Jul 31, 2007 11:06 pm

Post by cashflowtips »

n00b Saibot wrote:fayd's example takes up the user name and matches it in groups of 4 letters... that is defintely for you if you want to search for any part of username in password.
however, i have a question - whcih of the following are valid for you?
- admin / admi123
- admin / dmin123
- admin / 12admin3
- admin / 12min3
as long it has 3 consecutive letter, like
adm
dmn
min

in the password, it will return false.

- admin / admi123
FALSE
- admin / dmin123
FALSE
- admin / 12admin3
FALSE
- admin / 12min3
FALSE

-admin / 12mi3
TRUE
-admin / ad123
TRUE
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Post by superdezign »

cashflowtips wrote:as long it has 3 consecutive letter, like
adm
dmn
min

in the password, it will return false.
That's not what you said at first. Change $c in feyd's code to 3, and you're set. Beware though that only 3 characters is not smart at all. It's *VERY* easy to accidentally have 3 characters from your username in your password, as a lot of words in the dictionary have similar 3-letter combinations. The same with 4-letter combinations (though not as many). :P

BTW feyd, very intuitive solution.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

superdezign wrote:BTW feyd, very intuitive solution.
Trying to keep it simple, relatively.
Post Reply