Password strength checker for YII

Hello,

a "dirty" password strength checker for Yii. Easiest way to use it to drop it into "components" folder. with 'minLevel' => 3 . You set the minlevel.

Some info: For the freedom of the user you shouldnt set the lelvel to high. Only if you sell things have auctions or something similar "important" things. You should bind the user to a "secure" password.



<?php


/*


 * A password strength checker!


 * Drop it where you like it :)


 *


 * LINK: www.u-r-reality.de


 */





class EPassValidator extends CValidator


{


    public $minLevel;





    private $password;


    private $lvl;


    private $length;





    protected function validateAttribute($object, $attribute)


    {


        if(!$object->hasErrors())


        {


            $this->password = $object->$attribute;





            $this->minLevel = $this->minLevel ? $this->minLevel : 3;





            echo $this->minLevel;





            if($this->getLevel($this->password) < $this->minLevel)


            {


                $message = Yii::t('yii','The password is not secure enough.');


                $this->addError($object,$attribute,$message);


            }


        }


    }





    protected function getLevel($password)


    {


        if ( strlen( $password ) == 0 )


            return 1;





        $this->lvl = 0;





        $this->length = strlen($password);





        if(strtolower($password) != $password)


        $this->lvl += 2;





        if(strtoupper($password) == $password)


        $this->lvl += 2;





        if($this->length >= 8 && $this->length <= 15)


        $this->lvl += 2;





        if($this->length >= 16 && $this->length <=35)


        $this->lvl += 3;





        if($this->length > 35)


        $this->lvl += 4;





        preg_match_all('/[0-9]/', $password, $numbers);


        $this->lvl += count($numbers[0]);





        preg_match_all('/[|!@#$%&*/=?,;.:-_+~^\]/', $password, $specialchars);


        $this->lvl += sizeof($specialchars[0]);





        $chars = str_split($password);


        $num_unique_chars = sizeof( array_unique($chars) );


        $this->lvl += $num_unique_chars * 2;





        $this->lvl = $this->lvl > 99 ? 99 : $this->lvl;


        $this->lvl = floor($this->lvl / 10 + 1);





        return $this->lvl;


    }





}


?>


Do what ever you like with it. Just keep the link. And dont claim it as your own :)

To create a password strength checker for Yii, you can follow these steps:

Step 1: Create a new file called PasswordStrengthValidator.php in the validators directory of your Yii application.

Step 2: Open the PasswordStrengthValidator.php file and add the following code:

phpCopy code

<?php

namespace app\validators;

use yii\validators\Validator;

class PasswordStrengthValidator extends Validator
{
    public $minLength = 8; // Minimum password length
    public $requireSpecialChar = true; // Require at least one special character
    public $requireDigit = true; // Require at least one digit
    public $requireLowercase = true; // Require at least one lowercase letter
    public $requireUppercase = true; // Require at least one uppercase letter

    public function init()
    {
        parent::init();
        $this->message = '{attribute} is not strong enough.';
    }

    public function validateAttribute($model, $attribute)
    {
        $value = $model->$attribute;

        if (strlen($value) < $this->minLength) {
            $this->addError($model, $attribute, $this->message);
            return;
        }

        if ($this->requireSpecialChar && !preg_match('/[!@#$%^&*]/', $value)) {
            $this->addError($model, $attribute, $this->message);
            return;
        }

        if ($this->requireDigit && !preg_match('/\d/', $value)) {
            $this->addError($model, $attribute, $this->message);
            return;
        }

        if ($this->requireLowercase && !preg_match('/[a-z]/', $value)) {
            $this->addError($model, $attribute, $this->message);
            return;
        }

        if ($this->requireUppercase && !preg_match('/[A-Z]/', $value)) {
            $this->addError($model, $attribute, $this->message);
            return;
        }
    }
}

Step 3: Now, in your model where you want to use the password strength validation, add the following code to the rules() method:

phpCopy code

public function rules()
{
    return [
        // ... other rules ...
        ['password', 'app\validators\PasswordStrengthValidator'],
    ];
}

This will add the PasswordStrengthValidator to the password attribute of your model.

Step 4: You can customize the validator’s behavior by adjusting the properties such as minLength, requireSpecialChar, requireDigit, requireLowercase, and requireUppercase in the PasswordStrengthValidator class.

For example, to set a minimum length of 10 characters, you can modify the validator in the model as follows:

phpCopy code

public function rules()
{
    return [
        // ... other rules ...
        ['password', 'app\validators\PasswordStrengthValidator', 'minLength' => 10],
    ];
}

Now, when you try to save a model with a weak password, it will fail the validation and display the error message.

Remember to adjust the namespace and file path according to your Yii application’s structure.

That’s it! You have created a password strength checker using Yii’s built-in validation mechanism.