Solved

Perl - check new password for user name

Posted on 2011-02-18
5
285 Views
Last Modified: 2012-05-11
I have a snip of code in a script where users reset their password, here doing a check to see make sure the user does not use their name in their new password.

I'm trying to use the Q and E, which I thought would strip out the special characters and numbers but guess not.

From the script below, how can I get a match if the new password contains the users name? I guess I could do a substitute and remove all numbers and any special characters found, any suggestions?

Thanks,


#! /usr/bin/perl
use strict;
use warnings;

my $pass = 'Jimmy#123';
my $username = 'Jimmy5';

        # My own name? switched username and pass around (sundaram)
        if (   (defined $username)
            && ($username ne "")
            && (($username =~ /\Q$pass\E/i) ||
                ($pass =~ /\Q$username\E/i)
               )
           ) {
               print "MATCH\n";
             } else {
                print "NO Match\n";
               }

Open in new window

0
Comment
Question by:bt707
  • 3
  • 2
5 Comments
 
LVL 26

Expert Comment

by:wilcoxon
ID: 34930138
You have it backwards.  It should be $pass =~ /$username/ since you want to check the password to see if it contains the username.
0
 

Author Comment

by:bt707
ID: 34930169
wilcoxon,

I'm checking it both ways, to see if the password contains the user name and also if the new password contains the name.

So already have what you showed in the code, have it both with an OR

&& (($username =~ /\Q$pass\E/i) ||
($pass =~ /\Q$username\E/i)

what am I missing?

0
 
LVL 26

Expert Comment

by:wilcoxon
ID: 34930193
Hmm.  I need to read closer - you have both conditions.  \Q and \E say that what is between them is a literal quote (disabling pattern metacharacters (not to strip out anything).

$pass =~ /\Q$username\E/ should handle matching the username as part of the password.

Your code is not matching because the password does not contain the username.  If you want to strip out non-word characters first then you should add the below two lines (or only one of them depending on which you want stripped) before the if conditions.

$username =~ s{[^a-zA-Z]}{}g;
$pass =~ s{[^a-zA-Z]}{}g;
#! /usr/bin/perl
use strict;
use warnings;

my $pass = 'Jimmy#123';
my $username = 'Jimmy5';

        # My own name? switched username and pass around (sundaram)
        if (   (defined $username)
            && ($username ne "")
            && (($username =~ /\Q$pass\E/i) ||
                ($pass =~ /\Q$username\E/i)
               )
           ) {
               print "MATCH\n";
             } else {
                print "NO Match\n";
               }

Open in new window

0
 
LVL 26

Accepted Solution

by:
wilcoxon earned 500 total points
ID: 34930205
Sigh.  Ignore the code attached to the previous answer - I never hit attach and assumed it would go away when I hit submit (rather than attaching and submitting).

So, including stripping non-letters, the code would be (done because I was submitting another comment anyway).
#! /usr/bin/perl
use strict;
use warnings;

my $pass = 'Jimmy#123';
my $username = 'Jimmy5';

# keep only letters in both the password and username
$pass =~ s{[^a-zA-Z]}{}g;
$username =~ s{[^a-zA-Z]}{}g;

        # My own name? switched username and pass around (sundaram)
        if (   (defined $username)
            && ($username ne "")
            && (($username =~ /\Q$pass\E/i) ||
                ($pass =~ /\Q$username\E/i)
               )
           ) {
               print "MATCH\n";
             } else {
               print "NO Match\n";
             }

Open in new window

0
 

Author Closing Comment

by:bt707
ID: 34930234
Ok, this will help get what I want, I was thinking the Q and E was suppose to do something else then what it's doing and you pointed out.

I was getting what I want from just stripping the numbers from the username  - $username =~ s/[0-9]//g; - but that will not work for all users, what you added and gave me should get me where I wanted to be.

Thanks!!!
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

On Microsoft Windows, if  when you click or type the name of a .pl file, you get an error "is not recognized as an internal or external command, operable program or batch file", then this means you do not have the .pl file extension associated with …
Many time we need to work with multiple files all together. If its windows system then we can use some GUI based editor to accomplish our task. But what if you are on putty or have only CLI(Command Line Interface) as an option to  edit your files. I…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question