Well I don't know how many people here at tf will find this useful as there aren't that many phpers. But anyway, this is a script that can be implemented into register pages, here goes!
Well the other day I say that MSN's hotmail sign up had a password security script (Done in Javascript) So I thought i'd have a go at a PHP version!
Currently I don't have anywhere to host it but it's free for you all to view:
This is the Error page,
Any major faults in the chosen password will show up as a list of what they've done wrong.
(These include: Not atleast 6 chars, Not matching passes, Not alphanumeric).
This is the "Easy". If it's a most basic password with little amount of characters it shows up as easy.
Link
This is the "Medium". When a password is fairly safe to use and fairly hard to guess, beyond this wouldn't be worh it unless you want to keep things very important away from prying eyes...
Link
This is "Strong". This means the password is long, involves several letters (Capitals and small letters) and several numbers. One thing to note is I havn't allowed anything but alphanumerics.
Now to the code!
index.php
HTML Code:
<html>
<head>
<title>Password Checker</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
body
{
font-family: verdana;
background-color: #FFFFFF;
}
.defaulttext
{
font-size: 10px;
font-color: #000000;
}
input.pass
{
width:150px;
height:15px;
background-color: #FFFFFF;
color: #000000;
font-size: 10px;
}
input.submit
{
width:100px;
height:20px;
color: #000000;
font-size: 10px;
}
iframe
{
border-width:0px;
}
</style>
<!-- Made by Sketchie -->
</head>
<body>
<table cellpadding="0" border="0" cellspacing="0">
<tr>
<td width="300px" valign="top" align="left">
<form action="check.php" method="POST" target="check">
<table cellpadding="0" border="0" cellspacing="0">
<tr>
<td>
<span class="defaulttext">Password:</span>
</td>
<td>
<input class="pass" type="password" name="pass" />
</td>
</tr>
<tr>
<td>
<span class="defaulttext">Re-Password:</span>
</td>
<td>
<input class="pass" type="password" name="repass" />
</td>
</tr>
<tr>
<td colspan="2" align="center">
<input class="submit" type="submit" name="submit" value="check" />
</td>
</tr>
</table>
</form>
</td>
<td width="400px" height="100px" valign="top" align="center">
<iframe src="check.php" name="check" width="400px" height="100px"></iframe>
</td>
</tr>
</table>
</body>
</html>
The index includes the form and an iframe (Too much effort to reload a whole page!)
Both form and iframe are in a table to align next to eachother for neatness
.
The Inline frame (where the magic happens):
check.php - with comments
.
PHP Code:
<?php
function passcheck($password)
{
/*
Ok now lets test how easy the password is to crack
We'll do this by awarding points, the more points, the safer we can presume it is to guess!
*/
$points = 0;
//Check length
$len = strlen($password);
if ($len >= 10) $points = $points+3;
elseif ($len > 8 && $len < 10) $points = $points+2;
else $points = $points+1;
//Check how many chars are numbers
if (ereg("[[:digit:]]{3,}", $password)) $points = $points+3;
elseif (ereg("[[:digit:]]{1,2}", $password)) $points = $points+2;
else $points=$points;
//Check how many chars are letters (After all, it could be purely number based)
if (ereg("[a-z]{3,}", $password)) $points = $points+3;
elseif (ereg("[a-z]{1,2}", $password)) $points = $points+2;
else $points=$points;
//check how many are capitals
if (ereg("[A-Z]{2,}", $password)) $points = $points+3;
elseif (ereg("[A-Z]{1}", $password)) $points = $points+2;
else $points=$points;
return $points;
}
?>
<html>
<head>
<style type="text/css">
body
{
font-family: verdana;
background-color: #FFFFFF;
}
.defaulttext
{
font-size: 10px;
color: #000000;
}
.table
{
width:100px;
background-color: #d5d5d5;
color: #6c6c6c;
font-family: verdana;
font-size: 10px;
}
.unusabletable
{
width:100px;
background-color: #fc4242;
color: #820606;
font-family: verdana;
font-size: 10px;
}
.easytable
{
width:100px;
background-color: #ffb448;
color: #cf7b04;
font-family: verdana;
font-size: 10px;
}
.mediumtable
{
width:100px;
background-color: #87cc6e;
color: #218000;
font-family: verdana;
font-size: 10px;
}
.hardtable
{
width:100px;
background-color: #89b6d9;
color: #0c4775;
font-family: verdana;
font-size: 10px;
}
</style>
<!-- Made by Sketchie -->
</head>
<body>
<?php
if (!isset($_POST['submit']))
{
echo '
<span class="defaulttext">How Secure is Your chosen Password?<br/></span>
<table cellpadding="0" cellspacing="2" border="0" height="20px">
<tr>
<td class="table" align="center">Unusable</td>
<td class="table" align="center">Easy</td>
<td class="table" align="center">Medium</td>
<td class="table" align="center">Strong</td>
</tr>
</table>
';
die();
}
$password = addslashes($_POST['pass']);
$repassword = addslashes($_POST['repass']);
/*
Any c variables that aren't true makes the password unusable
*/
//check both vars are equal
if ($password == $repassword) $c_equ = true;
//check it's length
if (strlen($password) >= 6) $c_len = true;
//check only alphanumeric chars are in password
if(ctype_alnum($password)) $c_aln = true;
if (!$c_equ || !$c_len || !$c_aln)
{
echo '
<span class="defaulttext">How Secure is Your chosen Password?<br/>
<table cellpadding="0" cellspacing="2" border="0" height="20px">
<tr>
<td class="unusabletable" align="center">Unusable</td>
<td class="table" align="center">Easy</td>
<td class="table" align="center">Medium</td>
<td class="table" align="center">Strong</td>
</tr>
</table>
';
if(!$c_equ) echo 'Your passwords did not match!<br/>';
if(!$c_len) echo 'Your chosen password needs to be atleast 6 letters long.<br/>';
if(!$c_aln) echo 'Your chosen password can only have numbers and letters.<br/>';
echo '</span>';
die();
}
//Checks the strength of the password
$total = passcheck($password);
if ($total >= 9)
{
//This will show it as strong
echo '
<span class="defaulttext">How Secure is Your chosen Password?<br/></span>
<table cellpadding="0" cellspacing="2" border="0" height="20px">
<tr>
<td class="table" align="center">Unusable</td>
<td class="table" align="center">Easy</td>
<td class="table" align="center">Medium</td>
<td class="hardtable" align="center">Strong</td>
</tr>
</table>';
}
elseif ($total > 6 && $total < 9)
{
//This will show it as medium
echo '
<span class="defaulttext">How Secure is Your chosen Password?<br/></span>
<table cellpadding="0" cellspacing="2" border="0" height="20px">
<tr>
<td class="table" align="center">Unusable</td>
<td class="table" align="center">Easy</td>
<td class="mediumtable" align="center">Medium</td>
<td class="table" align="center">Strong</td>
</tr>
</table>';
}
else
{
//This will show it as Easy
echo '
<span class="defaulttext">How Secure is Your chosen Password?<br/></span>
<table cellpadding="0" cellspacing="2" border="0" height="20px">
<tr>
<td class="table" align="center">Unusable</td>
<td class="easytable" align="center">Easy</td>
<td class="table" align="center">Medium</td>
<td class="table" align="center">Strong</td>
</tr>
</table>';
}
?>
</body>
</html>
I'd like to thank bfsog, for advice during a little regex dilemma.
I'd upload a working version but neither of my hosts are working ><. Anyone who wants to upload a working version may do so, and link here!
PS: Works on PHP5, untested on PHP4 or less.