Layout:  On create user screens, the user inputs various user information and creates a password for the user.  Click "add User", and create the user.

The passwords in the DB must be 7 characters in length and contain at least 1 non-alphanumeric character.  So in response, I created a regular expression and added it to a Regular Expression Validator.

<asp:RegularExpressionValidator runat="server" ID="regExPassword" ValidationExpression="^[\w]*(?=\w*\W)[\w\W]{7,}" ControlToValidate="txtPassword" Display="none" ErrorMessage="Password..blah blah blah"></asp:RegularExpressionValidator>

The problem is that the expression doesn't want to work with the asp validator.  It won't stop displaying the Error Message even when the password should be correct.

 I have tested the regular expression with two Regex progz...RegexBuilder and The Regex Coach.  Each one passes with flying colors. 

^[\w]*(?=\w*\W)[\w\W]{7,}

I have exhausted all my resources (Google + all my asp books) and any help would be greatly appreciated.  Thanks.

-D

The problem is that the validator uses the Javascript (IE version) RegEx object, and that only supports a subset of the features unfortunately. The .NET, Java, etc versions of RegEx are bazillion times more advanced. I had this issue multiple times too...often with actual compile errors even.

Anyway, while its not always the case, I'd start by removing the beggining of line character (the ^ ). For certain controls, it -feels- (I didn't test it extensively) that its assumed, and I've had weird behaviors while using ^ and $ with textbox, while other times it worked just fine... Try taking it out and see what happens.

Thanks alot for the reply.  I will try modifying the expression on Monday when I have work.  I'll post results then.  Thanks again for the quick and timely post.

-D

Okay, I tried modifying the expression and tested it, but still got bad results.  But thanks to your explanation I started testing it in javascript based regex testers instead of .net formatted testers.  I'm going to rebuild the expression now.  Could anyone recommend a solid regular expression website?  Most I come across are either too simple, not enough examples, or in a different format.

 Thanks,
-D

To assist you, here is the regular expression docs for javascript:

http://www.synchro.net/docs/js/ref/regexp.html#1193136

 Afternoon Peter,

Ok, finally got back this problem.  I wanted to run it by you just in case you could see any holes in the javascript regex.

My original problem was to verify at least 7 characters with a special character as well...the default password security of asp.net.  I was having difficulty with a single regex expression, so I took the CustomValidator property ClientValidationFunction and hooked it up to a javascript function, and it runs this code:

 function testPassword(sender, args)
{
    var passwd =  args.Value;

    if (passwd.match(/(.*[\W])/) && passwd.match(/(.*[\w]{7,})/))
        {
            args.IsValid = true;
        }
    else
       {
            args.IsValid = false;
       }
}

And if this can help anyone else out I hope it does.  There isn't much regarding this format on the net, which is kind of ironic because MS makes it their default.

-Derrick
 

I'm not sure you've come up with the right regex. Let me state in English what each expression says:

(.*[\W])

Somewhere in the string, there must be a list of any character except carriage returns. It must be followed by any character that is not a letter, digit, or underscore. That's not bad although it forces a later character to be the special character instead of at any position.

(.*[\w]{7,})

Somewhere in the string, there must be a list of any character except carriage returns. It must be followed by at least 7 digits, letters,  or underscores (in any order). This demands a sequence of 7 or more to be digits, letters, or underscores. As a result, the special character cannot be found in this sequence.

I'll leave it to you to assess if that's OK.

 

Thanks alot for the review Peter, I'm going to take a harder look at this when I get back in the office tomorrow and write some test scenarios.

-Derrick