CodeIgniter Strong Password Validation
When you create a registration form, you should make sure that users always choose a strong password. It is quite easy to build strong password validation in CodeIgniter using the Form Validation library and regular expressions.
For example, you can set the minimum and maximum length of the password and require that it contain lowercase letters, uppercase letters, numbers, and special characters. You can also easily make sure that the value entered in the password field equals the value in the password confirmation field.
An example password policy could be:
- Required
- Lowercase
- Uppercase
- Number
- Special Chars
PasswordValidation.php(view)
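<!DOCTYPE html>
<html>
<head>
    <title>Strong Password Validation</title>
    <?php /* Third-party assets are loaded from public CDNs. Pin them with Subresource Integrity
             (integrity="<hash published for this exact file>" crossorigin="anonymous") or serve
             local copies, so a modified CDN file cannot run on the registration page. */ ?>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css">
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
</head>
<body>
<div class="container-fluid">
    <div class="row">
        <div class="col-md-9 offset-md-1">
            <div class="user_about_content_box">
                <div class="tab-pane">
                    <h3>Strong Password Validation</h3>
                </div>
                <div class="col-md-8">
                    <?php /* Flash data is escaped on output even though the controller sets a fixed string. */ ?>
                    <?php $successMessage = $this->session->flashdata('success'); ?>
                    <?php if ($successMessage): ?>
                        <span class="text-success" style="font-weight:bold"><?php echo html_escape($successMessage); ?></span>
                    <?php endif; ?>
                </div>
                <form method="post" action="<?php echo base_url('passwordcontroller/index'); ?>">
                    <?php /* A hand-written <form> tag carries no CSRF token, so it is added explicitly.
                             CodeIgniter only checks it when $config['csrf_protection'] is TRUE;
                             enable that setting for state-changing forms such as registration. */ ?>
                    <input type="hidden" name="<?php echo $this->security->get_csrf_token_name(); ?>" value="<?php echo $this->security->get_csrf_hash(); ?>">
                    <div class="col-md-8">
                        <div class="form-group" id="prime_cat">
                            <input type="email" value="<?php echo set_value('email'); ?>" name="email" class="form-control input-group-lg" placeholder="Email">
                        </div>
                        <?php if (form_error('email')): ?>
                            <span style="color:red"><?php echo form_error('email'); ?></span>
                        <?php endif; ?>

                        <?php /* Password fields use type="password" and are never re-populated with set_value():
                                 echoing the submitted password back puts it in the HTML response, where it can
                                 end up in caches, logs and on screen. */ ?>
                        <div class="form-group" id="prime_cat">
                            <input type="password" name="new_password" autocomplete="new-password" class="form-control input-group-lg" placeholder="New Password">
                        </div>
                        <?php if (form_error('new_password')): ?>
                            <span style="color:red"><?php echo form_error('new_password'); ?></span>
                        <?php endif; ?>

                        <div class="form-group" id="prime_cat">
                            <input type="password" name="confirm_password" autocomplete="new-password" class="form-control input-group-lg" placeholder="Confirm Password">
                        </div>
                        <?php if (form_error('confirm_password')): ?>
                            <span style="color:red"><?php echo form_error('confirm_password'); ?></span>
                        <?php endif; ?>

                        <div class="form-group col-md-12">
                            <input class="btn btn-primary" type="submit" value="Create account">
                        </div>
                    </div>
                </form>
            </div> <!--Content box ends-->
        </div>
    </div>
</div>
</body>
</html>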
PasswordController.php(Controller)
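<?php
defined('BASEPATH') OR exit('No direct script access allowed');

/**
 * Registration form controller that enforces a password policy on the server.
 *
 * Nothing in this file loads the form_validation or session libraries or the
 * url/form helpers, so they are presumably autoloaded -- TODO confirm in
 * application/config/autoload.php.
 */
class PasswordController extends CI_Controller
{
    // Five characters is too short for a policy described as "strong"; eight is a common floor.
    const PASSWORD_MIN_LENGTH = 8;

    // A low cap rejects passphrases and password-manager output, so the ceiling is generous.
    const PASSWORD_MAX_LENGTH = 64;

    // Characters accepted as "special". The published listing shows "??" near the end of this
    // set, which may be a mis-encoded character; "?" is kept because that is what it matches.
    const PASSWORD_SPECIAL_CHARS = '!@#$%^&*()-_=+{};:,<.>?~';

    /**
     * Shows the registration form and validates it on submit.
     *
     * On validation failure the form view is rendered again with the errors;
     * on success a flash message is set and the browser is redirected back here.
     */
    public function index()
    {
        $rules = array(
            array(
                'field' => 'email',
                'label' => 'Email',
                // type="email" in the form is only a browser hint; the format is checked here too.
                'rules' => 'trim|required|valid_email',
            ),
            array(
                'field' => 'new_password',
                'label' => 'New Password',
                'rules' => 'callback_valid_password',
            ),
            array(
                'field' => 'confirm_password',
                'label' => 'Confirm Password',
                // "required" is explicit because, depending on the CodeIgniter version, an empty
                // non-required field can skip the remaining rules, including matches[].
                'rules' => 'required|matches[new_password]',
            ),
        );
        $this->form_validation->set_rules($rules);

        if ($this->form_validation->run() == FALSE)
        {
            $this->load->view('PasswordValidation');
            return;
        }

        // A real registration would create the account at this point. Store only
        // password_hash($this->input->post('new_password'), PASSWORD_DEFAULT);
        // never persist or log the raw password.
        $this->session->set_flashdata('success', 'Congrates ');
        redirect(base_url('PasswordController/index'));
    }

    /**
     * Form-validation callback that enforces the password policy.
     *
     * The value is checked exactly as submitted (it is not trimmed first), so the string
     * that passes validation is the same string the application would go on to hash.
     * Lengths are counted in bytes by strlen(), so multi-byte characters count more than once.
     *
     * Composition rules alone still accept predictable choices; consider also rejecting
     * known-breached or very common passwords.
     *
     * NOTE(review): this is a public controller method, so it is also reachable as a URL
     * segment. It only sets a validation message and returns a boolean.
     *
     * @param  string $password Submitted password.
     * @return bool   TRUE when every rule passes; FALSE after setting the error message.
     */
    public function valid_password($password = '')
    {
        $password = (string) $password;

        if (trim($password) === '')
        {
            $this->form_validation->set_message('valid_password', 'The {field} field is required.');
            return FALSE;
        }

        if ( ! preg_match('/[a-z]/', $password))
        {
            $this->form_validation->set_message('valid_password', 'The {field} field must be at least one lowercase letter.');
            return FALSE;
        }

        if ( ! preg_match('/[A-Z]/', $password))
        {
            $this->form_validation->set_message('valid_password', 'The {field} field must be at least one uppercase letter.');
            return FALSE;
        }

        if ( ! preg_match('/[0-9]/', $password))
        {
            $this->form_validation->set_message('valid_password', 'The {field} field must have at least one number.');
            return FALSE;
        }

        // strpbrk() checks against the same literal list that is shown to the user, so the
        // message no longer prints the regex escape "\-" and the two lists cannot drift apart.
        if (strpbrk($password, self::PASSWORD_SPECIAL_CHARS) === FALSE)
        {
            $this->form_validation->set_message('valid_password', 'The {field} field must have at least one special character.' . ' ' . htmlentities(self::PASSWORD_SPECIAL_CHARS));
            return FALSE;
        }

        if (strlen($password) < self::PASSWORD_MIN_LENGTH)
        {
            $this->form_validation->set_message('valid_password', 'The {field} field must be at least ' . self::PASSWORD_MIN_LENGTH . ' characters in length.');
            return FALSE;
        }

        if (strlen($password) > self::PASSWORD_MAX_LENGTH)
        {
            $this->form_validation->set_message('valid_password', 'The {field} field cannot exceed ' . self::PASSWORD_MAX_LENGTH . ' characters in length.');
            return FALSE;
        }

        return TRUE;
    }
}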
Output(validation error)
Output(validation success message)
