Devise gem - Do not allow special character in password - ruby-on-rails-3

I have used the Devise gem in a Rails application. The password format for validation I found is
PASSWORD_FORMAT_USED_CURRENTLY = /\A
(?=.{10,}) # Must contain 10 or more characters
(?=.*\d) # Must contain a digit
(?=.*[a-z]) # Must contain a lower case character
(?=.*[A-Z]) # Must contain an upper case character
(?=.*[[:^alnum:]]) # Must contain a symbol
/x
It works fine, but I want two requirements to be fulfilled for my password:
1) The password must contain at least 6 letters (it can be capital letters, small letters, digits or a combination of all).
PASSWORD_FORMAT = /\A
(?=.{6,}) # Must contain 6 or more characters
/x
2) The second criterion is that the password should not contain any special characters.
I don't know how to achieve this.
What I found only shows how to make the presence of special characters compulsory, not the reverse.
Thanks in advance.

The second regex itself will handle both the cases.
PASSWORD_FORMAT = /\A
(?=.{6,}) # Must contain 6 or more characters
[a-zA-Z0-9]+ # Only capital letters, small letters and digits; any special character fails the match.
\z/x
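Added example (not from the original thread): a lookahead such as `(?=.*\w)` only asserts that a character is present somewhere, so excluding characters needs a pattern that consumes the whole string between `\A` and `\z`. The sample passwords and the names `LOOKAHEAD_ONLY`, `ALNUM_ONLY`, `password_errors` and `compare` are assumptions made for illustration.

```ruby
# Lookahead-only pattern: states what must be present, consumes nothing,
# so it cannot exclude any character.
LOOKAHEAD_ONLY = /\A
  (?=.{6,})  # 6 or more characters
  (?=.*\w)   # at least one word character somewhere (\w also matches "_")
/x

# Allow-list: the whole string, from \A to \z, is 6+ ASCII letters or digits.
# \z (not $ or \Z) also rejects a trailing newline.
ALNUM_ONLY = /\A[a-zA-Z0-9]{6,}\z/

# Returns the reasons a password is rejected (empty array = accepted).
def password_errors(password)
  errors = []
  errors << :too_short if password.length < 6
  bad = password.scan(/[^a-zA-Z0-9]/).uniq
  errors << [:forbidden_characters, bad] unless bad.empty?
  errors
end

# Constructed sample passwords: valid, symbol, underscore, trailing newline, too short.
SAMPLES = ['abc123', 'abc$12', 'abc_12', "abc123\n", 'abc12'].freeze

# For each sample: [password, accepted by lookahead-only?, accepted by allow-list?]
def compare(samples = SAMPLES)
  samples.map { |pw| [pw, LOOKAHEAD_ONLY.match?(pw), ALNUM_ONLY.match?(pw)] }
end

if __FILE__ == $PROGRAM_NAME
  compare.each { |pw, loose, strict| puts format('%-12s lookahead=%-5s allow-list=%s', pw.inspect, loose, strict) }
end
```

In a Rails model the allow-list pattern would be passed to the standard format validator, e.g. `validates :password, format: { with: ALNUM_ONLY }`.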

Related

onelogin username and email regex

Where can I find the username and email requirements/regex on onelogin's docs? I have looked everywhere but cannot find it
In general it is pretty accepting. Although customers can add rules to make their acceptance criteria more strict.
email = [^@\s]+@[a-Z0-9]+.[a-Z0-9]+
This means:
1. one or more characters that aren't the @ sign or whitespace
2. the @ sign
3. one or more characters a-Z or 0-9
4. the period '.'
5. one or more characters a-Z or 0-9
username = .*
This means basically any character but new lines.
Both must be unique within the customer's account though.

Regular Expression for alphanumeric and some special characters not adjacent

I would like to have a regular expression to make an Oracle SQL REGEXP_LIKE query that checks
if a string starts with one alphanumeric character
if the string ends with one alphanumeric character
if the "body" of the string contains only alphanumeric character OR these authorized characters (written) : hyphen (dash), dot, apostrophe, space
if the authorised characters are NOT adjacent (to avoid something like "he--'''l..'-lo")
I started with this :
^[a-zA-Z0-9]+(a-zA-Z0-9\-\.'|([^\-\.'])\1)*[a-zA-Z0-9]$
I used backslash to escape assuming that dot and hyphen are metacharacters
I think this is what you want:
^[a-zA-Z0-9]+([-.' ][a-zA-Z0-9]|[a-zA-Z0-9])*\w?$
It looks for
at least 1 alphanumeric (alnum),
followed by
either an authorized character followed by an alphanumeric or just an alphanumeric, repeated any number of times (including 0).
optionally followed by
an alnum
This meets your specification. I'm not sure if starts with one alnum and ends with one alnum means that there must be at least 2 alnums, or if they can be the same. If there must be at least 2 of them, remove the last ? (which makes the last alnum optional).
Regards
Assuming you meant "authorised characters are NOT adjacent to each other", try something along these lines:
^[a-zA-Z0-9]+([a-zA-Z0-9]+[\-\.' ]?)*[a-zA-Z0-9]$
so that the repeating middle part always has one alphanumeric character followed by zero to one special characters.

Equivalence Partitioning on Email Field

Does anyone know how to derive test cases by using equivalence partitioning on email address field validation?
Test cases
1) Email Length
The format of email addresses is local-part@domain where the local-part may be up to 64 characters long and the domain name may have a maximum of 255 characters – but the maximum 256 characters length of a forward or reverse path restricts the entire email address to be no more than 254 characters.
So, divide test cases in two scenarios:
i) email id between 0 to 254 characters
ii) email id greater than 254 characters
2) Characters and Numbers
Email accepts uppercase and lowercase English letters (a–z, A–Z) and digits 0 to 9.
So, check the email address with lower- and upper-case letters and numbers. Check whether the login id accepts a user name starting with a capital letter, number or special characters.
eg. niceandsimple@example.com, niceand122simple123@example.com
3) Special Characters
Characters !#$%&'*+-/=?^_{|}~ are accepted. So, write two scenarios.
i) email id with Characters !#$%&'*+-/=?^_{|}~ should be accepted
ii) email id containing characters other than Characters !#$%&'*+-/=?^_`{|}~ should not be accepted
eg.
---> !#$%&'*+-/=?^_`{}|~@example.org
---> " "@example.org
4) Special Characters with restrictions
Special characters are allowed with restrictions. They are:
Space and "(),:;<>@[]
The restrictions for special characters are that they must only be used when contained between quotation marks, and that 2 of them (the backslash \ and quotation mark " (ASCII: 92, 34)) must also be preceded by a backslash \ (e.g. "\\"").
Two scenarios
i) characters "(),:;<>@[] within double quotes
ii) characters "(),:;<>@[] without double quotes
eg.
----> "()<>[]:,;@\\"!#$%&'*+-/=?^_`{}| ~.a"@example.org
5) Email with Dots (.)
i) email id with single dot should be accepted
a.little.lengthy.but.fine@dept.example.com
ii) email with multiple continuous dots is not accepted
a.little.....fine@dept.example.com
iii) Leading dot in address is not allowed
.abc123@gmail.com
iv) Trailing dot in address is not allowed
abc123.@gmail.com
v) Multiple dot in the domain portion is invalid
abc123@gmail..com
6) domain name
i) same domain name ----> check the mail can be of same domain name i.e gmail@gmail.com
ii) Domain is valid IP address
iii) Square bracket around IP address is considered valid
iv) Dash in domain name is valid
v) Missing @ sign and domain
vi) Garbage ( #@%^%#$@#$@#.com )
vii) Two @ signs
viii) Leading dash in front of domain is invalid
ix) .web is not a valid top level domain
x) Invalid IP format
7) Text in email
i) Text followed email is not allowed
email@domain.com (Joe Smith)
ii) Text before email allowed
(Joe Smith)email@domain.com
Take each input condition described in the specification and derive at least two equivalence classes for it. One class represents the set of cases which satisfy the condition (the valid class) and one represents cases which do not (the invalid class), example as below:
–Number of email field: 0<21
•Class 1: any value less than 1 (invalid input)
•Class 2: 1-20 (valid input)
•Class 3: any value more than 20 (invalid input)
•Select at least 1 value from each class as test data for testing on the field “Number of email”
–Value below will be used for testing for “number of email” field validation and verification
–-5, 5, 25

TSQL, ensure at least one character appears before @ sign

In TSQL, if I'm searching for valid .com email addresses, I need to make sure there's an @ sign, it ends in .com, and there's at least one character before and after the @.
SELECT * FROM CUSTOMER WHERE [EMAIL] LIKE '%@%.com';
I don't believe the above query would satisfy the requirement of ensuring that there is at least one character before and after the @ sign (and before the .com sign in the second case). How can I adjust the wildcards in this example to mean "any sequence of 1 or more characters" where each % sign is?
Use the underscore character to match a mandatory single character in conjunction with % to match optional additional ones.
LIKE '_%@_%.com';
SELECT * FROM CUSTOMER WHERE EMAIL LIKE '_%@%_.com';
This may satisfy your requirement as _ is used to indicate a compulsory character.

ASP Regular Expression for UK Telephone format in VB.net

I want regular expression validator for my telephone field in VB.net. Please see the requirement below:
Telephone format should be (+)xx-(0)xxxx-xxxxxx ext xxxx (Optional). For example, my number would appear as 44-7966-591739. The screen would be formatted to show +44-(0)7966-591739 ext
Please suggest.
Best Regards,
Yuv
+44-(0)7966-591739
The (0) is not valid in phone number display. Remove it.
It's +44 7966 591739 or 07966 591739.
The RegEx pattern is inefficient in multiple ways:
(\d{4}|\d{3})
The above simplifies to:
\d{3,4}
There are bigger problems:
^(((\+44\s?\d{4}|\(?0\d{4}\)?)\s?\d{3}\s?\d{3})|((\+44\s?\d{3}|\(?0\d{3}\)?)\s?\d{3}\s?\d{4})|((\+44\s?\d{2}|\(?0\d{2}\)?)\s?\d{4}\s?\d{4}))(\s?\#(\d{4}|\d{3}))?$
Having found the leading +44 or leading 0 once, why keep on searching for it again and again?
^((\+44\s?..|0..).....|(\+44\s?..|0..).....|(\+44\s?..|0..).....)
simplifies to
^(\+44\s?|0)(.. .....|.. .....|.. .....)
However, the above pattern caters only for UK 4+6, 3+7 and 2+8 format numbers and not for 3+6, 4+5, 5+5 and 5+4 format numbers.
The pattern is inadequate.
Phone number validation and formatting needs to be broken down into separate steps. Allow a wide range of input formats, extract the vital digits and throw away the various dial prefixes, then strictly format the remaining number in international or national format.
For London numbers, the correct format with spaces is:
+44 20 3555 7890 or 020 3555 7890 or (020) 3555 7890
and without spaces:
+442035557890 or 02035557890.
(0) in parentheses is NEVER valid. Do not use it.
UK phone numbers use a variety of formats: 2+8, 3+7, 3+6, 4+6, 4+5, 5+5, 5+4. Some users don't know which format goes with which number range and might use the wrong one on input. Let them do that; you're interested in the DIGITS.
Step 1: Check the input format looks valid
Make sure that the input looks like a UK phone number. Accept various dial prefixes, +44, 011 44, 00 44 with or without parentheses, hyphens or spaces; or national format with a leading 0. Let the user use any format they want for the remainder of the number: (020) 3555 7788 or 00 (44) 203 555 7788 or 02035-557-788 even if it is the wrong format for that particular number. Don't worry about unbalanced parentheses. The important part of the input is making sure it's the correct number of digits. Punctuation and spaces don't matter.
^\(?(?:(?:0(?:0|11)\)?[\s-]?\(?|\+)44\)?[\s-]?\(?(?:0\)?[\s-]?\(?)?|0)(?:\d{5}\)?[\s-]?\d{4,5}|\d{4}\)?[\s-]?(?:\d{5}|\d{3}[\s-]?\d{3})|\d{3}\)?[\s-]?\d{3}[\s-]?\d{3,4}|\d{2}\)?[\s-]?\d{4}[\s-]?\d{4}|8(?:00[\s-]?11[\s-]?11|45[\s-]?46[\s-]?4\d))(?:(?:[\s-]?(?:x|ext\.?\s?|\#)\d+)?)$
The above pattern matches optional opening parentheses, followed by 00 or 011 and optional closing parentheses, followed by an optional space or hyphen, followed by optional opening parentheses. Alternatively, the initial opening parentheses are followed by a literal + without a following space or hyphen. Any of the previous two options are then followed by 44 with optional closing parentheses, followed by optional space or hyphen, followed by optional 0 in optional parentheses, followed by optional space or hyphen, followed by optional opening parentheses (international format). Alternatively, the pattern matches optional initial opening parentheses followed by the 0 trunk code (national format).
The previous part is then followed by the NDC (area code) and the subscriber phone number in 2+8, 3+7, 3+6, 4+6, 4+5, 5+5 or 5+4 format with or without spaces and/or hyphens. This also includes provision for optional closing parentheses and/or optional space or hyphen after where the user thinks the area code ends and the local subscriber number begins. The pattern allows any format to be used with any GB number. The display format must be corrected by later logic if the wrong format for this number has been used by the user on input.
The pattern ends with an optional extension number arranged as an optional space or hyphen followed by x, ext and optional period, or #, followed by the extension number digits. The entire pattern does not bother to check for balanced parentheses as these will be removed from the number in the next step.
At this point you don't care whether the number begins 01 or 07 or something else. You don't care whether it's a valid area code. Later steps will deal with those issues.
Step 2: Extract the NSN so it can be checked in more detail for length and range
After checking the input looks like a GB telephone number using the pattern above, the next step is to extract the NSN part so that it can be checked in greater detail for validity and then formatted in the right way for the applicable number range.
^\(?(?:(?:0(?:0|11)\)?[\s-]?\(?|\+)(44)\)?[\s-]?\(?(?:0\)?[\s-]?\(?)?|0)([1-9]\d{1,4}\)?[\s\d-]+)(?:((?:x|ext\.?\s?|\#)\d+)?)$
Use the above pattern to extract the '44' from $1 to know that international format was used, otherwise assume national format if $1 is null.
Extract the optional extension number details from $3 and store them for later use.
Extract the NSN (including spaces, hyphens and parentheses) from $2.
Step 3: Validate the NSN
Remove the spaces, hyphens and parentheses from $2 and use further RegEx patterns to check the length and range and identify the number type.
These patterns will be much simpler, since they will not have to deal with various dial prefixes or country codes.
The pattern to match valid mobile numbers is therefore as simple as
^7([45789]\d{2}|624)\d{6}$
Premium rate is
^9[018]\d{8}$
There will be a number of other patterns for each number type: landlines, business rate, non-geographic, VoIP, etc.
By breaking the problem into several steps, a very wide range of input formats can be allowed, and the number range and length for the NSN checked in very great detail.
Step 4: Store the number
Once the NSN has been extracted and validated, store the number with country code and all the other digits with no spaces or punctuation, e.g. 442035557788.
Step 5: Format the number for display
Another set of simple rules can be used to format the number with the requisite +44 or 0 added at the beginning.
The rule for numbers beginning 03 is
^44(3\d{2})(\d{3})(\d{4})$
formatted as
0$1 $2 $3 or as +44 $1 $2 $3
and for numbers beginning 02 is
^44(2\d)(\d{4})(\d{4})$
formatted as
(0$1) $2 $3 or as +44 $1 $2 $3
The full list is quite long. I could copy and paste it all into this thread, but it would be hard to maintain that information in multiple places over time. For the present the complete list can be found at: http://aa-asterisk.org.uk/index.php/Regular_Expressions_for_Validating_and_Formatting_GB_Telephone_Numbers
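Steps 1 to 5 above as one runnable Ruby sketch; this is an added example, not code from the answer or the linked wiki. The regular expressions are the ones quoted in the answer, anchored with `\A`/`\z` because Ruby's `^`/`$` match at line breaks; the method names, hash keys and sample numbers are assumptions.

```ruby
# Step 1: does the input look like a GB number (prefix, digit count, extension)?
LOOKS_VALID = /\A\(?(?:(?:0(?:0|11)\)?[\s-]?\(?|\+)44\)?[\s-]?\(?(?:0\)?[\s-]?\(?)?|0)(?:\d{5}\)?[\s-]?\d{4,5}|\d{4}\)?[\s-]?(?:\d{5}|\d{3}[\s-]?\d{3})|\d{3}\)?[\s-]?\d{3}[\s-]?\d{3,4}|\d{2}\)?[\s-]?\d{4}[\s-]?\d{4}|8(?:00[\s-]?11[\s-]?11|45[\s-]?46[\s-]?4\d))(?:(?:[\s-]?(?:x|ext\.?\s?|\#)\d+)?)\z/

# Step 2: group 1 = "44" if international, group 2 = NSN with punctuation, group 3 = extension.
EXTRACT = /\A\(?(?:(?:0(?:0|11)\)?[\s-]?\(?|\+)(44)\)?[\s-]?\(?(?:0\)?[\s-]?\(?)?|0)([1-9]\d{1,4}\)?[\s\d-]+)(?:((?:x|ext\.?\s?|\#)\d+)?)\z/

# Step 3: the two NSN range checks quoted in the answer (its full list is longer).
NSN_TYPES = {
  mobile:       /\A7([45789]\d{2}|624)\d{6}\z/,
  premium_rate: /\A9[018]\d{8}\z/
}.freeze

# Step 5: the two display rules quoted in the answer: [match, national, international].
DISPLAY_RULES = [
  [/\A44(3\d{2})(\d{3})(\d{4})\z/, '0\1 \2 \3',   '+44 \1 \2 \3'],
  [/\A44(2\d)(\d{4})(\d{4})\z/,    '(0\1) \2 \3', '+44 \1 \2 \3']
].freeze

# Returns nil when the input does not look like a GB number at all.
def parse_gb_number(input)
  text = input.strip
  return nil unless LOOKS_VALID.match?(text)
  m = EXTRACT.match(text)
  return nil unless m
  nsn  = m[2].gsub(/\D/, '')   # drop spaces, hyphens and parentheses
  type = NSN_TYPES.find { |_, re| re.match?(nsn) }&.first
  { stored: "44#{nsn}",        # Step 4: country code plus digits only
    type: type,                # nil = range not covered by the two checks above
    ext: m[3],
    international: !m[1].nil? }
end

# Returns nil for number ranges whose display rule is not included here.
def display_gb_number(stored, international: false)
  DISPLAY_RULES.each do |re, national, intl|
    return stored.sub(re, international ? intl : national) if re.match?(stored)
  end
  nil
end
```

With `^`/`$` left in place, Ruby would accept a multi-line string as long as one of its lines is a valid number, which is why the anchors are changed.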
For validation:
As bobince points out, you should be flexible with phone numbers because there are so many ways to enter them.
One simple yet effective way to validate the value is first strip all non-numeric values, then make sure it is at least 11 digits long, and - if you're limiting to UK numbers - then check it starts with either 0 or 44.
I can't be bothered looking up vb.net syntax, but something along the lines of this:
if Phone.replaceAll('\D','').length < 11
// Invalid Number
endif;
(The \D is regex for anything not 0-9.)
To format a number as requested, assuming you've got a relatively fixed input that you want to display to a page, something like this might work:
replace:
(\d{2,3})\D*0?\D*(\d{4})\D*(\d{5})\D*(\d*)
with:
+$1-(0)$2-$3 ext $4
That's fairly flexible but won't accept any old phone number. It currently requires an international code at the start, and I'm not quite sure on the rules of them to know if it's going to work perfectly, but it might be good enough for what you need.
An explanation of that regex, in regex comment mode (so it can be used directly as a regex if necessary):
(?x) # enable regex comment mode (whitespace ignored, hashes start comments)
# international code:
(\d{2,3}) # matches 3 or 2 digits; captured to group 1.
# optional 0 with potential spaces dashes or parens:
\D* # matches as many non-digits as possible, none required.
0? # optionally match a zero
\D* # matches as many non-digits as possible, none required.
# main part of number:
(\d{4}) # match 4 digits; captured to group 2
\D* # matches as many non-digits as possible, none required.
(\d{5}) # match 5 digits; captured to group 3.
# optional prefix:
\D* # matches as many non-digits as possible, none required.
(\d*) # match as many digits as possible, none required; captured to group 4.
Never include a (0) in parentheses in the international format.
ITU E.123 warns against it: http://www.itu.int/rec/T-REC-E.123-200102-I/en
as does: http://revk.www.me.uk/2009/09/it-is-not-44-0207-123-4567.html