
I've written a number of regular expressions that sequentially check a password in PHP and have noticed a few anomalies. The regexes are intended to check that the password has at least one uppercase letter, lowercase letter, number and symbol in any position. The first three seem to be working fine as they are quite basic:

/[a-z]+/ (checks for at least one lowercase letter anywhere in string)

/[A-Z]+/ (checks for at least one uppercase letter anywhere in string)

/[0-9]+/ (checks for at least one number anywhere in string)

The regex for finding the symbol is quite extensive as it contains a large set of possible symbols that can be matched and also a set of symbols that shouldn't match:

/[\!\$\%\^\&\*\(\)\-\_\=\+\[\]\{\}\;\:\@\.\,\<\>\?\/\?\#]+[^\"\'\£]+/

This generally works except when a symbol is at the end of the string:

123$ABCxyz > this passes OK

123ABCxyz$ > this fails as the symbol is not recognised

Changing the regex to omit the last part makes it work:

/[\!\$\%\^\&\*\(\)\-\_\=\+\[\]\{\}\;\:\@\.\,\<\>\?\/\?\#]+/

I assume that the regex is imposing a rule that fails due to the last part. Running the NOT regex separately also fails.

/[^\"\'\£]+/

I would assume that this statement would return true if none of the characters it targets are found.

Can anyone please explain why?

Many thanks, Kw

Kwangle
  • If `/[\!\$\%\^\&\*\(\)\-\_\=\+\[\]\{\}\;\:\@\.\,\<\>\?\/\?\#]+/` works for you, what is the problem? – Wiktor Stribiżew Apr 21 '17 at 18:40
  • Allow users to use the [passwords / phrases](https://xkcd.com/936/) they desire. [Don't limit passwords.](http://jayblanchard.net/security_fail_passwords.html) – Jay Blanchard Apr 21 '17 at 18:48
  • You don't need to escape every character in a character class. – chris85 Apr 21 '17 at 18:53
  • @chris85, yes I realise that but was just being exhaustive. – Kwangle Apr 21 '17 at 18:54
  • So, what is the question? Explain what a regex means? – Wiktor Stribiżew Apr 21 '17 at 18:55
  • If you use https://regex101.com, or similar sites, it will tell you what's happening. I agree with Jay Blanchard that this is bad practice. Don't copy it from other sites. – KIKO Software Apr 21 '17 at 18:58
  • It's not a limitation so much as a stipulation. The regex merely checks that the password has a mixture of characters to create a more secure password. Any string that has at least one of the character types in any position passes the tests. – Kwangle Apr 21 '17 at 19:03

0 Answers
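An added example, not part of the original question or its comments, showing in PHP how the patterns above behave: `[symbols]+[^"'£]+` needs at least one further character after the run of symbols, and a negated class matches any character outside its set rather than asserting that the set is absent from the string. The constant and function names, the sample strings and the `/u` flag (which assumes UTF-8 source and input) are assumptions of this example.

```php
<?php
// Added example: sample passwords are constructed, helper names are hypothetical.
// Assumes this file is saved as UTF-8 so that £ is one code point under /u.

// The combined pattern from the question: one or more listed symbols
// FOLLOWED BY one or more characters that are not ", ' or £.
const COMBINED = '/[!$%^&*()\-_=+\[\]{};:@.,<>?\/#]+[^"\'£]+/u';

// The negated class on its own: it matches as soon as ANY character in the
// string is outside the set. It does not assert that ", ' and £ are absent.
const NEGATED = '/[^"\'£]+/u';

// Two independent checks: a symbol anywhere, a forbidden character anywhere.
const HAS_SYMBOL = '/[!$%^&*()\-_=+\[\]{};:@.,<>?\/#]/';
const FORBIDDEN  = '/["\'£]/u';

function hasSymbol(string $pw): bool
{
    return preg_match(HAS_SYMBOL, $pw) === 1;
}

// "Must not contain X" is a positive search for X; the caller negates the
// result instead of relying on a negated character class.
function hasForbidden(string $pw): bool
{
    return preg_match(FORBIDDEN, $pw) === 1;
}

// Symbol in the middle, symbol at the end, symbol plus a forbidden quote,
// and a string made only of a forbidden character.
$samples = ['123$ABCxyz', '123ABCxyz$', '123$ABC"xyz', '"'];

foreach ($samples as $pw) {
    printf(
        "%-12s combined=%d negated=%d hasSymbol=%d hasForbidden=%d\n",
        $pw,
        preg_match(COMBINED, $pw),
        preg_match(NEGATED, $pw),
        (int) hasSymbol($pw),
        (int) hasForbidden($pw)
    );
}
```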