Version 1.2 - 9 Oct 2001
By: Tom Nunamaker, tom@nunamaker.com,
www.toshop.com
DESCRIPTION: CF_PASSWORDCHECKER checks your passwords for various rules,
can confirm the password with a confirmation password, enforce minimum and maximum
lengths, check for mixed case, existance of a number and/or a "special" character
and query a data dictionary database.
| USAGE: |
<CF_PASSWORDCHECKER |
| |
PASSWORD="#password#" |
| |
[PASSWORDCONFIRM = "#passwordconfirm#"
(Default=#password#)] |
| |
[USERNAME="" (Default="")] |
| |
[MINLENGTH = "6" (Default = 6)] |
| |
[MAXLENGTH = "15" (Default = 15)] |
| |
[CHECKMIXEDCASE (Default
= false)] |
| |
[CHECKNUMERIC (Default = false)] |
| |
[CHECKSPECIALCHAR (Default = false)] |
| |
[BANNEDCHARS="&*()" (Default="")] |
| |
[BANSPACES (Default=true)] |
| |
[CHECKDICTIONARY (Default = false)] |
| |
[DSN="AMOCC" (Default = "")] |
| |
[TABLENAME="words" (Default="")] |
| |
[FIELDNAME="words" (Default="")] |
| |
[DSNUSERNAME="words" (Default="")] |
| |
[DSNPASSWORD="words" (Default="")] |
| |
> |
| NOTE: "[]" brackets indicate attribute is optional |
REQUIRED ATTRIBUTES
- PASSWORD
This is the password you're checking.
OPTIONAL ATTRIBUTES
- PASSWORDCONFIRM
If passed, will be compared to Password to make sure they are the same
- USERNAME
The username to check against the password. If included, will check the
password to make sure the username is not contained in the password.
- MINLENGTH
Minimum password length. Defaults to 6 characters
- MAXLENGTH
Maximum password length. Defaults to 15 characters
- CHECKMIXEDCASE
If this attribute is present, the password must be mixed case. IE, have
at least one UPPERCASE and one LOWERCASE letter
- CHECKNUMERIC
If this attribute is present, a number must be in the password
- CHECKSPECIALCHAR
If this attribute is present, a non-alphnumeric is required in the password
- BANNEDCHARS
Enter banned characters. If they appear in the password, it will be
rejected
- BANSPACES
Controls if spaces are allowed in the password or not. Defaults to "false"
which disallows spaces
- CHECKDICTIONARY
Use DSN, TABLENAME and FIELDNAME to check the password to see if it's
a dictionary word. Over 53,000 words in the sample database
- DSN
The datasource name in the CFQUERY tag to query the data dictionary
database
- TABLENAME
The table name in the data dictionary database
- FIELDNAME
The field name of the word list in the data dictionary database
- DSNUSERNAME
The username needed to connect to the datasource
- DSNPASSWORD
The password needed to connect to the datasource
| RETURNS: |
validpassword = True or false. If password passes
all tests, returns TRUE, otherwise, FALSE |
|
errormsg NULL string unless validpassword = false,
then errormsg contains the last error encountered. |
|
|
| EXAMPLE: |
<CF_PASSWORDCHECKER PASSWORD="#form.password#" |
|
PASSWORDCONFIRM = "#form.password2#" |
|
USERNAME=""> |
|
CHECKMIXEDCASE |
|
CHECKNUMERIC |
|
CHECKSPECIALCHAR |
|
BANNEDCHARS="&*()" |
|
CHECKDICTIONARY |
|
DSN="WORDS" |
|
TABLENAME="words" |
|
FIELDNAME="words"> |
|
DSNUSERNAME=""> |
|
DSNPASSWORD=""> |
| |
|
|
|
<cfif validpassword IS true> |
|
Good password |
|
<cfelse> |
|
Bad Password. Here's what's
wrong with it:
<cfoutput>#errormsg#</cfoutput>
|
|
</cfif>
|
See working example at http://toshop.com/passwordchecker/
|