Regex PHP with password length of 8 with at least 1 upper case, number nd letter

Question

extract( $_POST );

    // determine whether phone number is valid and print
    // an error message if not
    if ( !@ereg( "^[0-9]{3}-[0-9]{7}$", $phone))
    {
        echo( "<SCRIPT LANGUAGE='JavaScript'>
        window.alert('Please insert a valid phone number with (xxx-xxxxxxx) format.')
        window.location.href='';
        </SCRIPT>");
    }
else if (!@preg_match('/^(?=.*\d{3,})(?=.*[A-Za-z]{5,})[0-9A-Za-z!@#$%]{8,32}$/', $pass))
    {
        echo("<SCRIPT LANGUAGE='JavaScript'> 
        window.alert('Password must be at least 8 characters long and must contain at least 1 number and 1 letter')
        window.location.href='';
        </SCRIPT>");
    }

I'm not sure what's wrong with the coding above but I can't seem to get the correct password value? It keeps displaying the same error message

Answer 1

If you're after exactly 8 characters with those conditions then you would need something like this instead:

else if (!@preg_match('/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8}$/', $pass))

Answer 2

What your regex means?

^(?=.*\d{3,})(?=.*[A-Za-z]{5,})[0-9A-Za-z!@#$%]{8,32}$

Regex Breakdown

^ #Start of string
  (?=.*\d{3,}) #Match at least 3 consecutive digits anywhere in string
  (?=.*[A-Za-z]{5,}) #Match at least 5 consecutive characters from the set anywhere in string
  [0-9A-Za-z!@#$%]{8,32} #Ensure that length of string is in between 8 and 32
$ #End of string

This will give what you desire (as per you described in your question)

(?=.{8,})(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])

Regex Breakdown

(?=.{8,}) #Ensure that string is of at least length 8 
(?=.*[A-Z]) #Match a single capital letter anywhere in string
(?=.*[a-z]) #Match a single small letter anywhere in string
(?=.*\d) #Match a single digit anywhere in string