Consecutive constraint's regex doesn't work. [#2127421]

Comment	File	Size	Author
#6	password_policy-consecutive_regex-2127421-6.patch	2.14 KB	jsagotsky

Comment #1

jsagotsky CreditAttribution: jsagotsky commented 5 November 2013 at 16:32

New issue queue keeps eating my patch. Here's a link instead. https://gist.github.com/sagotsky/7321750

(Not that this helps drush make...)

Log in or register to post comments

Comment #2

erikwebb CreditAttribution: erikwebb commented 27 November 2013 at 15:23

How does the consecutive constraint test pass if this is an issue? Should we update that test to use "2" as the count as well?

Log in or register to post comments

Comment #3

erikwebb CreditAttribution: erikwebb commented 27 November 2013 at 15:29

Version:

7.x-2.0-alpha1

» 7.x-2.x-dev

Log in or register to post comments

Comment #4

jsagotsky CreditAttribution: jsagotsky commented 27 November 2013 at 15:52

erikwebb,

Yeah, it looks like the test needs an update. I wrote a quick script to mimic the test with the original and patched patterns.


// mimic psasword_policy's test cases

$constraint = 2;

$patterns = array(
  'original' => '/(.)[\1]{'.($constraint-1).'}/',   
  'patched' => '/(.)\1{'.($constraint-1).'}/',     
);

foreach ($patterns as $label => $pattern) {
  foreach (array('', 'a', 'ab', 'aba', 'aab', 'aaab') as $password) {
    $status = (!preg_match($pattern, $password)) ? 'pass' : 'fail';
    print "$label '$password' $status \n";
  }
}

Results are identical when the constraint is 1. When I up it to 2, the original pattern lets through 'aab' and 'aaab'.