http://qs321.pair.com?node_id=11118336

in reply to Efficient way to verify scalar contents

Hi, some untested pseudo code

I see it as a rules matrix to be checked.

I'd take

\$index= min( int(length /4), 5 )

And an array of arrays @rules for lookup.

The rules array would contain subs which all must return true for the password to pass.

Like \$letter = sub {  /[a-z]/i }

(This will test against \$_ )

So \$rules[3] = [ \$letter, \$number ]

\$rules[1] = [ \$forbidden ]

All you need to do now is too loop over all rules and fail if one entry returns false.

HTH! :)

PS instead of code refs one might also store regex refs with qr//.

But why blocking the way to more complicated rules?

Cheers Rolf
(addicted to the Perl Programming Language :)
Wikisyntax for the Monastery

Replies are listed 'Best First'.
Re^2: Efficient way to verify scalar contents
by x_stream3m (Initiate) on Jun 22, 2020 at 05:15 UTC

A little confused on the purpose of

```\$index= min( int(length /4), 5 )

It appears to be the index of the check based on length of the supplied password. You have 4 valid conditions that lead to additional checks; the 5th one is always invalid. Indexes 0, 1, 2, and 3 elements of the array of subroutine references he suggests will call the function appropriate for the length.
```    when (\$_ >= 8 && \$_ <= 11)     # \$index here is min( 2, 5), so 2
when (\$_ >= 12 && \$_ <= 15) {  # \$index here is min( 3, 5), so 3
when (\$_ >= 16 && \$_ <= 19) {  # \$index here is min( 4, 5), so 4
when (\$_ >= 20) {              # \$index here is min( 5+,5), so alw
+ays bounded at 5

TBH it's not clear enough to make great sense to me, but he appears to be suggesting that you put your ranges into buckets based on the formula he gave; for a length of 20 or more, you're always going to fall into bucket 5 (or perhaps element 3) of your array of checks. This is actually a pretty good way to determine a bucket, so then you can have an array of checks; or to make it more clear, a hash:
```my %check_dispatch = (
2 => sub { ... }, # or better, define in named subs and, => \&check1
+, etc
3 => sub { ... },
4 => sub { ... },
5 => sub { ... },
);

my \$pw = \$_;
my \$index = min( (length \$pw)/4, 5);
if (\$check_dispatch{\$index} and 'CODE' eq ref \$check_dispatch{\$index})
+ {
die if not \$check_dispatch{\$index}->(\$pw);
}
As I said it was pseudocode =)

I meant something like this:

```use strict;
use warnings;
use Data::Dump qw/pp dd/;
use List::Util qw/min/;

sub pw_not_ok {
my \$pw  = shift;

my \$short     =
sub { "is too short" };

my \$lowercase =
sub { /[a-z]/ ? "" : "has no lowercase character" };

my \$uppercase =
sub { /[A-Z]/ ? "" : "has no uppercase character" };  ### FIXED

my \$number =
sub { /[0-9]/ ? "" : "has no number" };

my \$special =
sub {
if (
/[\x21-\x2F]/ ||
/[\x3A-\x40]/ ||
/[\x5B-\x60]/ ||
/[\x7B-\x7E]/
) {
return "";
} else {
return "has no special characters";
}
};

my \$pass = sub {""};

my @rules_for_class =
(
[ \$short ],
[ \$short ],
[ \$lowercase, \$uppercase, \$number ,\$special ],
[ \$lowercase, \$uppercase, \$number           ],
[ \$lowercase, \$uppercase                    ],
[ \$pass ]
);

my \$len = length \$pw;

my \$idx = min(int(\$len/4),5);

for my \$rule ( @{ \$rules_for_class[\$idx] } ) {
\$_ = \$pw;
if ( my \$err = \$rule->() ) {
return \$err;
}
}
return;
}

# --------- Tests

for my \$pw (
"A" x 3 ,
"A" x 7 ,
"A" x 11,
"a" x 5 . "A" x 3,
"a" x 5 . "A" x 3 . "1",
"a" x 5 . "A" x 3 . "1" .":",
"a" x 24,
){
if ( my \$err = pw_not_ok(\$pw) ){
warn "ERROR: \$pw is \$err\n";
} else {
print "OK: \$pw\n"
}
}

```
ERROR: AAA is is too short
ERROR: AAAAAAA is is too short
ERROR: AAAAAAAAAAA is has no lowercase character
ERROR: aaaaaAAA is has no number
ERROR: aaaaaAAA1 is has no special characters
OK: aaaaaAAA1:
OK: aaaaaaaaaaaaaaaaaaaaaaaa

Cheers Rolf
(addicted to the Perl Programming Language :)
Wikisyntax for the Monastery

##### UPDATE

see Re^6: Efficient way to verify scalar contents

Though for the sake of readability I'd rather go for a hash of boundaries.

you may also want to limit the max length of your password.

```
use strict;
use warnings;
use Data::Dump qw/pp dd/;
use List::Util qw/min/;

sub pw_not_ok {
my \$pw  = shift;

my \$short     =
sub { "is too short" };

my \$lowercase =
sub { /[a-z]/ ? "" : "has no lowercase character" };

my \$uppercase =
sub { /[A-Z]/ ? "" : "has no uppercase character" };  ### UPDATE
+D

my \$number =
sub { /[0-9]/ ? "" : "has no number" };

my \$special =
sub {
if (
/[\x21-\x2F]/ ||
/[\x3A-\x40]/ ||
/[\x5B-\x60]/ ||
/[\x7B-\x7E]/
) {
return "";
} else {
return "has no special characters";
}
};

my \$pass = sub {""};

my %rules_by_max_length =
(
7 =>  [ \$short ],
11 => [ \$lowercase, \$uppercase, \$number ,\$special ],
15 => [ \$lowercase, \$uppercase, \$number           ],
19 => [ \$lowercase, \$uppercase                    ],
50 => [ \$pass ]
);

my \$len = length \$pw;

return "too long" if \$len >= 50;

my @boundaries = sort { \$a <=> \$b } keys %rules_by_max_length;

for my \$boundary ( @boundaries ) {
next if \$len > \$boundary;
my \$rules = \$rules_by_max_length{\$boundary};

for my \$rule ( @\$rules ) {
\$_ = \$pw;
if ( my \$err = \$rule->() ) {
return \$err;
}
}
}
return;
}

# --------- Tests

for my \$pw (
"A" x 3 ,
"A" x 7 ,
"A" x 11,
"a" x 5 . "A" x 3,
"a" x 5 . "A" x 3 . "1",
"a" x 5 . "A" x 3 . "1" .":",
"a" x 24,
"a" x 100,
){
if ( my \$err = pw_not_ok(\$pw) ){
warn "ERROR: \$pw is \$err\n";
} else {
print "OK: \$pw\n"
}
}

```ERROR: AAA is is too short
ERROR: AAAAAAA is is too short
ERROR: AAAAAAAAAAA is has no lowercase character
ERROR: aaaaaAAA is has no number
ERROR: aaaaaAAA1 is has no special characters
ERROR: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa is too long
OK: aaaaaAAA1:
OK: aaaaaaaaaaaaaaaaaaaaaaaa