
Files from 27-03-26: Password Hashing and checks for password stregnth

Daniel
2026-03-27 08:14:22 +01:00
parent 9238cba6f3
commit 39c8234b6d
3 changed files with 65 additions and 1 deletions


@@ -7,6 +7,10 @@ Wichtige Informationen
- Wird eventuell nie aktuell sein. - Wird eventuell nie aktuell sein.
- Stundenplan - [Link](https://wvss-mannheim.webuntis.com/WebUntis/?school=wvss-mannheim#/basic/timetablePublic/class?entityId=2583) - Stundenplan - [Link](https://wvss-mannheim.webuntis.com/WebUntis/?school=wvss-mannheim#/basic/timetablePublic/class?entityId=2583)
## 27-03-26 - PHP (Unterrichts Projekt)
- Registrierung weiter gemacht
- Passwort checks
- Passwort hashing
## 25-03-26 - PHP (Unterrichts Projekt) ## 25-03-26 - PHP (Unterrichts Projekt)
- Registrierung gemacht - Registrierung gemacht


@@ -0,0 +1,47 @@
<?php
/**
* Check password strength (1/2)
* @param string $password password to check
* @return bool - true or false
*/
function isStrongPassword(string $password): bool
{
// min. 8 Zeichen, 1 Kleinbuchstabe, 1 Großbuchstabe, 1 Zahl, 1 Sonderzeichen
return (bool) preg_match(
'/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^a-zA-Z0-9]).{8,}$/',
$password
);
}
/**
* Check password strength (2/2)
* @param string $password password to check
* @return bool - true or false
*/
function checkPasswordStrength(string $password): bool {
$strength = 0;
//check length
$length = strlen($password);
if($length >= 8) $strength++;
//check if caps
if(preg_match('/[A-Z]/', $password)) $strength++;
//check if lower cases
if(preg_match('/[a-z]/', $password)) $strength++;
//check if numbers
if(preg_match('/[0-9]/', $password)) $strength++;
//check if spec. chars
if(preg_match('/[^a-zA-Z0-9]/', $password)) $strength++;
return($strength >= 5);
}
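Review bot: Both checks measure length in bytes rather than characters, so the "min. 8 Zeichen" rule stated in the comment inside isStrongPassword is not what gets enforced. The pattern has no `u` modifier and checkPasswordStrength uses `strlen`, so a constructed sample such as `Aa1äää` (six characters, nine bytes in UTF-8) passes both functions. Consider `if (mb_strlen($password, 'UTF-8') >= 8) $strength++;` in checkPasswordStrength and the `su` modifiers on the pattern in isStrongPassword. The `s` matters because `.` does not match a newline by default, so the two functions currently disagree on a password containing one, although the caller treats them as interchangeable. Having one function delegate to the other would keep them from drifting apart.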


@@ -14,8 +14,11 @@
</form> </form>
</body> </body>
</html> </html>
<?php <?php
require_once '../inc/db_connection_function.php'; require_once '../inc/db_connection_function.php';
require_once 'functions.php';
$dbh = db_connect(); $dbh = db_connect();
$errors = ''; $errors = '';
@@ -24,6 +27,12 @@ if(!empty($_REQUEST)) { // Button wurde gedrückt?
$email = $_REQUEST['email']; $email = $_REQUEST['email'];
$pw = $_REQUEST['pw']; $pw = $_REQUEST['pw'];
if(isStrongPassword($pw)){ // hier kann man die gegeben Funktion nutzen oder "checkPAsswordStrength" (aus functions.php)
$pw = password_hash($pw, PASSWORD_DEFAULT);
} else {
$errors .= "Passwort zu schwach!<br>";
}
$query = "INSERT INTO user VALUES (NULL, :email, :pw)"; $query = "INSERT INTO user VALUES (NULL, :email, :pw)";
$stmt = $dbh->prepare($query); $stmt = $dbh->prepare($query);
@@ -36,13 +45,17 @@ if(!empty($_REQUEST)) { // Button wurde gedrückt?
$errMsg = $e->getMessage(); $errMsg = $e->getMessage();
$errCode = $e->getCode(); $errCode = $e->getCode();
echo $e;
switch($errCode) { switch($errCode) {
case "23000": $custErrMsg = "<p>Email-Adress already exists!</p>"; break; case "23000": $custErrMsg = "<p>Email-Adress already exists!</p>"; break;
default: $custErrMsg = "<p>Oooops, something went wrong!</p>"; default: $custErrMsg = "<p>Oooops, something went wrong!</p>";
} }
echo $custErrMsg; echo $custErrMsg;
} }
} } else {
$errors .= "Beide Felder müssen ausgefüllt werden<br>";
} // Ende Felder müssen ausgefüllt werden.
} }
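Review bot: In the second hunk a weak password only appends to `$errors`; the `INSERT` is still prepared right after, and nothing in the visible lines stops it from running with `$pw` unchanged, which would store the rejected password in plaintext. The bind/execute lines lie outside the hunk, so confirm whether `$errors` is checked there; if it is not, gate the database block with `if ($errors === '') { ... }` and output `$errors` otherwise. Separately, the `echo $e;` added in the third hunk writes the full exception (message and stack trace) into the response ahead of the generic `$custErrMsg`; `error_log((string) $e);` keeps that detail on the server side.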