SlideShare une entreprise Scribd logo

Java Regular Expression PART II

Abdul Rahman Sherzad
Abdul Rahman Sherzad

This presentation explores and discusses the practical and useful of Regular Expressions covering username validation, complex and strong password validation, password strength checker, email validation, and finally image file extension validation.

Formation
1  sur  25
Télécharger pour lire hors ligne
» Validation » » » » » https://www.facebook.com/Oxus20 oxus20@gmail.com Username Validation Complex and Strong Password Validation Password Strength Checker Email Address Validation Image File Extension Validation Java Regular Expression PART II Abdul Rahman Sherzad
Agenda » Overview » Username Validation » Strong and Complex Password Validation » Password Strength Checker » Email Address Validation » Image File Extension Validation 2 https://www.facebook.com/Oxus20
Regular Expressions » PART I ˃ http://www.slideshare.net/absherzad/java-regular-expression-part-I » Regular Expression is not a programming language, it is the art of the programing » Regular Expression initially is hard to debug , learn and understand, but its powers and magic still attract many developers using Regular Expression. » Let's explore and discuss the following practical and useful Regular Expressions. 3 https://www.facebook.com/Oxus20
1. Username Validation » Whenever you are developing an application that requires authentication, in most cases, the users should provide a username among other credentials information. » Common pattern for username that is widely use is as follow: ˃ 3 to 15 characters in length ˃ with any lower case character, digit or special symbol underscore "_", hyphen "-" and dot "." only. https://www.facebook.com/Oxus20 4
1. Username Validation Pattern ^[a-z0-9._-]{3,15}$ Description ^ Start of the line [a-z0-9._-] Match characters and symbols in the list, a-z, 0-9, underscore, hyphen and dot. {3,15} Minimum 3 characters and maximum of 15 of characters in length $ End of the line 5 https://www.facebook.com/Oxus20
1. Username Validation Example import java.util.regex.Pattern; public class UsernameValidator { private Pattern pattern; private static final String USERNAME_PATTERN = "^[a-z0-9._-]{3,15}$"; public UsernameValidator() { pattern = Pattern.compile(USERNAME_PATTERN); } public boolean validate(final String username) { return pattern.matcher(username).matches(); } } 6 https://www.facebook.com/Oxus20
1. Username Validation Demo public class UsernameValidatorDemo { public static void main(String[] args) { UsernameValidator validator = new UsernameValidator(); System.out.println(validator.validate("absherzad")); System.out.println(validator.validate("ab.sherzad")); System.out.println(validator.validate("ab-sherzad")); System.out.println(validator.validate("ab_sherzad")); System.out.println(validator.validate("oxus20")); System.out.println(validator.validate("ars")); System.out.println(validator.validate("Absherzad")); System.out.println(validator.validate("ab sherzad")); System.out.println(validator.validate("ab")); System.out.println(validator.validate("abdulrahmansherzad")); //true //true //true //true //true //true //false //false //false //false } } 7 https://www.facebook.com/Oxus20
2. Password Complexity Validation » Strong and complex passwords are really important to stop unauthorized access to your electronic accounts i.e. Facebook, Gmail, Yahoo, etc. and devices i.e. PC, Smartphone, etc. » The purpose of choosing a password is to make it as difficult as possible for an intruder to identify your password, whether by guesses or automated attacks. » Following rules are advised ˃ ˃ ˃ ˃ be at least 8 but no more than 50 characters in length use both UPPER CASE and lower case letters include at least one number punctuation mark (allowed symbols are: ! # $ @ _ + , ? . - ); 8 https://www.facebook.com/Oxus20
2. Password Validation Pattern ((?=.*d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!.#$@_+,?-]).{8,50}) Description ( Start of group (?=.*d) must contains one digit from 0-9 (?=.*[a-z]) must contains one lowercase characters (?=.*[A-Z]) must contains one uppercase characters (?=.*[!.#$@_+,?-]) must contains one special symbols in the list "!.#$@_+,?-" . match anything with previous condition checking {8,50} length at least 8 characters and maximum of 50 ) End of group 9 https://www.facebook.com/Oxus20
2. Password Validation Example import java.util.regex.Pattern; public class PasswordValidator { private Pattern pattern; private static final String PASSWORD_PATTERN = "((?=.*d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!.#$@_+,?-]).{8,50})"; public PasswordValidator() { pattern = Pattern.compile(PASSWORD_PATTERN); } public boolean validate(final String password) { return pattern.matcher(password).matches(); } } 10 https://www.facebook.com/Oxus20
2. Password Validation Demo public class PasswordValidatorDemo { public static void main(String[] args) { PasswordValidator validator = new PasswordValidator(); System.out.println(validator.validate("Oxus20.2014")); // true System.out.println(validator.validate("Oxus.20_14")); // true System.out.println(validator.validate("OXUS20@Herat")); // true System.out.println(validator.validate("Oxus20@2014")); // true System.out.println(validator.validate("Oxus202014")); // false System.out.println(validator.validate("Oxus20")); // false System.out.println(validator.validate("Oxus@20")); // false System.out.println(validator.validate("Oxus20@")); // false } } 11 https://www.facebook.com/Oxus20
3. Password Strength Checker » In the previous example I discussed and explained, how to validate Strong and Complex Passwords. » But that was one side of the coin! I mean, that example was for keeping the user accounts secure against intruder to identify the users password, whether by guesses or automated attacks. » As a programmer and developer; you have to make sure while user registration is happening you inform the one who types about the password quality and strength. You can provide dynamic feedback as user types! https://www.facebook.com/Oxus20 12
3. Password Strength Checker Pattern Description [A-Za-z0-9!.#$@_+,?-]{8,50} Checking valid characters and length for password .*[a-z]+.* Checking for existence of lower case letter .*[A-Z].* Checking for existence of upper case letter .*[0-9]+. Checking for existence of number .*[!.#$@_+,?-]+.* Checking for existence of symbol 13 https://www.facebook.com/Oxus20
3. Password Strength Checker Example public class PasswordStrengthChecker { public static String checkPasswordStrength(String password) { String msg = "Your Password is too weak!"; int strength = 0; String lowerCaseCheck = ".*[a-z]+.*"; String upperCaseCheck = ".*[A-Z].*"; String numberExistenceCheck = ".*[0-9]+.*"; String symbolExistenceCheck = ".*[!.#$@_+,?-]+.*"; String validPassword = "[A-Za-z0-9!.#$@_+,?-]{8,50}"; // checking valid characters and length for password if (password.matches(validPassword)) { // checking for existence of upper case letter if (password.matches(upperCaseCheck)) strength += 4; https://www.facebook.com/Oxus20 14
// checking for existence of lower case letter if (password.matches(lowerCaseCheck)) strength += 4; // checking for existence of number if (password.matches(numberExistenceCheck)) strength += 4; // checking for existence of symbol if (password.matches(symbolExistenceCheck)) strength += 4; if (strength >= 16) { msg = "Your Password is Very Strong!"; } else if (strength >= 12) { msg = "Your Password is Strong!"; } else if (strength >= 8) { msg = "Your Password is Normal!"; } else if (strength >= 4) { msg = "Your Password is weak!"; } else { msg = "Your Password is too weak!"; } } return msg; } 15 } https://www.facebook.com/Oxus20
3. Password Strength Checker Demo public class PasswordStrengthCheckerDemo { public static void main(String[] args) { // Your Password is too weak! System.out.println(PasswordStrengthChecker.checkPasswordStrength("1234")); // Your Password is Normal! System.out.println(PasswordStrengthChecker.checkPasswordStrength("OXUS201234")); // Your Password is Strong! System.out.println(PasswordStrengthChecker.checkPasswordStrength("OXUS20_2014")); // Your Password is Very Strong! System.out.println(PasswordStrengthChecker.checkPasswordStrength("Oxus20_2014")); } } 16 https://www.facebook.com/Oxus20
4. Email Address Validation » Email validation is a very common requirement and necessity in many applications and it can be a tricky task. » Basically the main policy for email format would be as follow: ˃ Start with characters, digits or '_', and '-' symbols ˃ The above group can be followed with a '.' and the same pattern as the first group. ˃ Then it must have exactly one '@' character. ˃ The domain name must start with characters, digits and the '-' character. ˃ Then it must be followed by a '.'. ˃ After the '.' you can have characters and digits. ˃ Optionally you can have a second level Top Level Domain that can start with a '.' and the contain only characters. 17 https://www.facebook.com/Oxus20
4. Email Address Validation Pattern ^[_A-Za-z0-9-]+(.[_A-Za-z0-9-]+)*@[A-Za-z0-9-]+(.[A-Za-z0-9]+)*(.[A-Za-z]{2,})$ Description ^ start of the line [_A-Za-z0-9-]+ must start with string in the bracket [ ], must contains one or more group #1 (optional) follow by a dot "." and string in the bracket [ ], must contains one or more must contains a "@" symbol (.[_A-Za-z0-9-]+)* @ [A-Za-z0-9-]+ (.[A-Za-z0-9]+)* (.[A-Za-z]{2,}) $ follow by string in the bracket [ ], must contains one or more group #2 (optional) follow by a dot "." and string in the bracket [ ], must contains one or more (+) group #3 follow by a dot "." and string in the bracket [ ], with minimum length of 2 end of the line 18 https://www.facebook.com/Oxus20
4. Email Address Validation Example import java.util.regex.Pattern; public class EmailValidator { private Pattern pattern; private static final String EMAIL_PATTERN = "^[_A-Za-z0-9-]+(.[_A-Zaz0-9-]+)*@"[A-Za-z0-9-]+(.[A-Za-z0-9]+)*(.[A-Za-z]{2,})$"; public EmailValidator() { pattern = Pattern.compile(EMAIL_PATTERN); } public boolean validate(final String email) { return pattern.matcher(email).matches(); } } 19 https://www.facebook.com/Oxus20
4. Email Address Validation Demo public class EmailValidatorDemo { public static void main(String[] args) { EmailValidator validator = new EmailValidator(); System.out.println(validator.validate("oxus20@gmail.com")); // true System.out.println(validator.validate("absherzad@gmail.com")); // true System.out.println(validator.validate("absherzad@hu.edu.af")); // true System.out.println(validator.validate("first_name.last_name@domain.com")); // true System.out.println(validator.validate("Oxus20@")); // false System.out.println(validator.validate("Oxus20@gmail")); // false System.out.println(validator.validate("Oxus20@gmail.")); // false System.out.println(validator.validate("Oxus20@gmail.c")); // false } } 20 https://www.facebook.com/Oxus20
5. Image File Extension Validation » Now I are going to explain and demonstrate how to validate image file format with Java Regular Expressions. » This is very beneficial for instance when you create an image uploader application and you want to make sure that the users don't upload an illegal file. » Of course this is one of many countermeasures you should consider. The basic policy about the format of image file is as follow: ˃ It should begin with a string of a least one character and not a white space. ˃ It must then be followed by dot '.'. ˃ And finally it should have one of the following file extensions i.e. jpg, jpeg, gif, png, bmp. ˃ Extension is not Case Sensitive https://www.facebook.com/Oxus20 21
5. Image File Extension Pattern ([^s]+(.(?i)(jpg|jpeg|gif|png|bmp))$) Description ( [^s]+ ( . (?i) (jpg|jpeg|gif|png|bmp) ) $ ) Start of group #1 Must contains one or more anything (except white space) Start of group #2 Follow by a dot '.' Ignore the case sensitive checking for the following characters Group #3 check that contains extension of "jpg" or "jpeg" or "gif", "png" or "bmp". End of the group #2 End of the string End of the group #1 22 https://www.facebook.com/Oxus20
5. Image File Extension Example import java.util.regex.Pattern; public class ImageFileExtensionValidator { private Pattern pattern; private static final String IMAGE_PATTERN = "([^s]+(.(?i)(jpg|jpeg|gif|png|bmp))$)"; public ImageFileExtensionValidator() { pattern = Pattern.compile(IMAGE_PATTERN); } public boolean validate(final String image_name) { return pattern.matcher(image_name).matches(); } } 23 https://www.facebook.com/Oxus20
5. Image File Extension Demo public class ImageFileExtensionValidatorDemo { public static void main(String[] args) { ImageFileExtensionValidator validator = new ImageFileExtensionValidator(); System.out.println(validator.validate("oxus20.jpg"));// true System.out.println(validator.validate("oxus20.JPG"));// true System.out.println(validator.validate("OXUS20.jpeg"));// true System.out.println(validator.validate("oxus20.JPg"));// true System.out.println(validator.validate("oxus.png"));// true System.out.println(validator.validate("oxus.Bmp"));// true System.out.println(validator.validate(".jpg"));// false System.out.println(validator.validate("jpg"));// false System.out.println(validator.validate("oxus20"));// false } } 24 https://www.facebook.com/Oxus20
END 25 https://www.facebook.com/Oxus20

Recommandé

Information Security Engineering
Information Security EngineeringInformation Security Engineering
Information Security Engineering
Md. Hasan Basri (Angel)
 
Report of Student management system
Report of Student management systemReport of Student management system
Report of Student management system
1amitgupta
 
Secure Coding in C/C++
Secure Coding in C/C++Secure Coding in C/C++
Secure Coding in C/C++
Dan-Claudiu Dragoș
 
PACE-IT, Security+1.1: Introduction to Network Devices (part 2)
PACE-IT, Security+1.1: Introduction to Network Devices (part 2)PACE-IT, Security+1.1: Introduction to Network Devices (part 2)
PACE-IT, Security+1.1: Introduction to Network Devices (part 2)
Pace IT at Edmonds Community College
 
Introduction to Web Server Security
Introduction to Web Server SecurityIntroduction to Web Server Security
Introduction to Web Server Security
JITENDRA KUMAR PATEL
 
Trusted systems1
Trusted systems1Trusted systems1
Trusted systems1
Sumita Das
 
Web-servers & Application Hacking
Web-servers & Application HackingWeb-servers & Application Hacking
Web-servers & Application Hacking
Raghav Bisht
 
Understanding and Preventing Layer 2 Attacks
Understanding and Preventing Layer 2 AttacksUnderstanding and Preventing Layer 2 Attacks
Understanding and Preventing Layer 2 Attacks
Tien Dung
 

Recommandé

Information Security Engineering
Information Security EngineeringInformation Security Engineering
Information Security Engineering
Md. Hasan Basri (Angel)
 
Report of Student management system
Report of Student management systemReport of Student management system
Report of Student management system
1amitgupta
 
Secure Coding in C/C++
Secure Coding in C/C++Secure Coding in C/C++
Secure Coding in C/C++
Dan-Claudiu Dragoș
 
PACE-IT, Security+1.1: Introduction to Network Devices (part 2)
PACE-IT, Security+1.1: Introduction to Network Devices (part 2)PACE-IT, Security+1.1: Introduction to Network Devices (part 2)
PACE-IT, Security+1.1: Introduction to Network Devices (part 2)
Pace IT at Edmonds Community College
 
Introduction to Web Server Security
Introduction to Web Server SecurityIntroduction to Web Server Security
Introduction to Web Server Security
JITENDRA KUMAR PATEL
 
Trusted systems1
Trusted systems1Trusted systems1
Trusted systems1
Sumita Das
 
Web-servers & Application Hacking
Web-servers & Application HackingWeb-servers & Application Hacking
Web-servers & Application Hacking
Raghav Bisht
 
Understanding and Preventing Layer 2 Attacks
Understanding and Preventing Layer 2 AttacksUnderstanding and Preventing Layer 2 Attacks
Understanding and Preventing Layer 2 Attacks
Tien Dung
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)
Mehedi Farazi
 
Insecure Java Deserialization
Insecure Java DeserializationInsecure Java Deserialization
Insecure Java Deserialization
Shiv Sahni
 
DBMS
DBMS DBMS
DBMS
PrateekBisht18
 
Ch03 Network and Computer Attacks
Ch03 Network and Computer AttacksCh03 Network and Computer Attacks
Ch03 Network and Computer Attacks
phanleson
 
Ssh
SshSsh
Ssh
Raghu nath
 
User id installation and configuration
User id installation and configurationUser id installation and configuration
User id installation and configuration
Alberto Rivai
 
CNIT 123 8: Desktop and Server OS Vulnerabilities
CNIT 123 8: Desktop and Server OS VulnerabilitiesCNIT 123 8: Desktop and Server OS Vulnerabilities
CNIT 123 8: Desktop and Server OS Vulnerabilities
Sam Bowne
 
Syllabus for Cyber security and Ethical Hacking
Syllabus for Cyber security and Ethical HackingSyllabus for Cyber security and Ethical Hacking
Syllabus for Cyber security and Ethical Hacking
Mehedi Hasan
 
Web security
Web securityWeb security
Web security
Muhammad Usman
 
Watering hole attacks detect the undetectable
Watering hole attacks detect the undetectableWatering hole attacks detect the undetectable
Watering hole attacks detect the undetectable
PaladionNetworks01
 
SQL injection
SQL injectionSQL injection
SQL injection
Raj Parmar
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)
Samip jain
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet Security
JFashant
 
Students record keeping system
Students record keeping systemStudents record keeping system
Students record keeping system
Mia Manik
 
Security Design Principles.ppt
Security Design Principles.ppt Security Design Principles.ppt
Security Design Principles.ppt
DrBasemMohamedElomda
 
E-Mail Forensics
E-Mail ForensicsE-Mail Forensics
E-Mail Forensics
BGA Cyber Security
 
User Expert forum Wildfire configuration
User Expert forum Wildfire configurationUser Expert forum Wildfire configuration
User Expert forum Wildfire configuration
Alberto Rivai
 
Password cracking and brute force
Password cracking and brute forcePassword cracking and brute force
Password cracking and brute force
vishalgohel12195
 
Active directory
Active directory Active directory
Active directory
deshvikas
 
System security
System securitySystem security
System security
sommerville-videos
 
Java Regular Expression PART I
Java Regular Expression PART IJava Regular Expression PART I
Java Regular Expression PART I
Abdul Rahman Sherzad
 
validation-of-email-addresses-collected-offline
validation-of-email-addresses-collected-offlinevalidation-of-email-addresses-collected-offline
validation-of-email-addresses-collected-offline
Kenscio Digital Marketing Pvt Ltd
 

Contenu connexe

Tendances

Syllabus for Cyber security and Ethical Hacking
Syllabus for Cyber security and Ethical HackingSyllabus for Cyber security and Ethical Hacking
Syllabus for Cyber security and Ethical Hacking
Mehedi Hasan
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet Security
JFashant
 
Active directory
Active directory Active directory
Active directory
deshvikas
 

Tendances (20)

Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)
 
Insecure Java Deserialization
Insecure Java DeserializationInsecure Java Deserialization
Insecure Java Deserialization
 
DBMS
DBMS DBMS
DBMS
 
Ch03 Network and Computer Attacks
Ch03 Network and Computer AttacksCh03 Network and Computer Attacks
Ch03 Network and Computer Attacks
 
Ssh
SshSsh
Ssh
 
User id installation and configuration
User id installation and configurationUser id installation and configuration
User id installation and configuration
 
CNIT 123 8: Desktop and Server OS Vulnerabilities
CNIT 123 8: Desktop and Server OS VulnerabilitiesCNIT 123 8: Desktop and Server OS Vulnerabilities
CNIT 123 8: Desktop and Server OS Vulnerabilities
 
Syllabus for Cyber security and Ethical Hacking
Syllabus for Cyber security and Ethical HackingSyllabus for Cyber security and Ethical Hacking
Syllabus for Cyber security and Ethical Hacking
 
Web security
Web securityWeb security
Web security
 
Watering hole attacks detect the undetectable
Watering hole attacks detect the undetectableWatering hole attacks detect the undetectable
Watering hole attacks detect the undetectable
 
SQL injection
SQL injectionSQL injection
SQL injection
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet Security
 
Students record keeping system
Students record keeping systemStudents record keeping system
Students record keeping system
 
Security Design Principles.ppt
Security Design Principles.ppt Security Design Principles.ppt
Security Design Principles.ppt
 
E-Mail Forensics
E-Mail ForensicsE-Mail Forensics
E-Mail Forensics
 
User Expert forum Wildfire configuration
User Expert forum Wildfire configurationUser Expert forum Wildfire configuration
User Expert forum Wildfire configuration
 
Password cracking and brute force
Password cracking and brute forcePassword cracking and brute force
Password cracking and brute force
 
Active directory
Active directory Active directory
Active directory
 
System security
System securitySystem security
System security
 

En vedette

Regular Expressions 101
Regular Expressions 101Regular Expressions 101
Regular Expressions 101
Raj Rajandran
 

En vedette (10)

Java Regular Expression PART I
Java Regular Expression PART IJava Regular Expression PART I
Java Regular Expression PART I
 
validation-of-email-addresses-collected-offline
validation-of-email-addresses-collected-offlinevalidation-of-email-addresses-collected-offline
validation-of-email-addresses-collected-offline
 
Email Validation
Email ValidationEmail Validation
Email Validation
 
Regular Expression
Regular ExpressionRegular Expression
Regular Expression
 
Javascript
JavascriptJavascript
Javascript
 
Regular expression (compiler)
Regular expression (compiler)Regular expression (compiler)
Regular expression (compiler)
 
Introduction to Regular Expressions
Introduction to Regular ExpressionsIntroduction to Regular Expressions
Introduction to Regular Expressions
 
Regular Expressions
Regular ExpressionsRegular Expressions
Regular Expressions
 
Regular Expressions 101
Regular Expressions 101Regular Expressions 101
Regular Expressions 101
 
Java script
Java scriptJava script
Java script
 

Similaire à Java Regular Expression PART II

A Brief Introduction in SQL Injection
A Brief Introduction in SQL InjectionA Brief Introduction in SQL Injection
A Brief Introduction in SQL Injection
Sina Manavi
 
Secure Dot Net Programming
Secure Dot Net ProgrammingSecure Dot Net Programming
Secure Dot Net Programming
Adam Getchell
 
External Data Access with jQuery
External Data Access with jQueryExternal Data Access with jQuery
External Data Access with jQuery
Doncho Minkov
 
12-security.ppt - PHP and Arabic Language - Index
12-security.ppt - PHP and Arabic Language - Index12-security.ppt - PHP and Arabic Language - Index
12-security.ppt - PHP and Arabic Language - Index
webhostingguy
 

Similaire à Java Regular Expression PART II (20)

GCSECS-DefensiveDesign.pptx
GCSECS-DefensiveDesign.pptxGCSECS-DefensiveDesign.pptx
GCSECS-DefensiveDesign.pptx
 
PHP Form Validation Technique
PHP Form Validation TechniquePHP Form Validation Technique
PHP Form Validation Technique
 
SQL Injection
SQL Injection SQL Injection
SQL Injection
 
Session4-Authentication
Session4-AuthenticationSession4-Authentication
Session4-Authentication
 
Web Technology Lab File
Web Technology Lab FileWeb Technology Lab File
Web Technology Lab File
 
A Brief Introduction in SQL Injection
A Brief Introduction in SQL InjectionA Brief Introduction in SQL Injection
A Brief Introduction in SQL Injection
 
How did i steal your database
How did i steal your databaseHow did i steal your database
How did i steal your database
 
Front-End Dev Tools
Front-End Dev ToolsFront-End Dev Tools
Front-End Dev Tools
 
User authentication module using php
User authentication module using phpUser authentication module using php
User authentication module using php
 
Secure Dot Net Programming
Secure Dot Net ProgrammingSecure Dot Net Programming
Secure Dot Net Programming
 
Mysql
MysqlMysql
Mysql
 
The Evolution of Selectors
The Evolution of SelectorsThe Evolution of Selectors
The Evolution of Selectors
 
Cracking for the Blue Team
Cracking for the Blue TeamCracking for the Blue Team
Cracking for the Blue Team
 
Web Security Mistakes: Trusting The Client
Web Security Mistakes: Trusting The ClientWeb Security Mistakes: Trusting The Client
Web Security Mistakes: Trusting The Client
 
Asp
AspAsp
Asp
 
External Data Access with jQuery
External Data Access with jQueryExternal Data Access with jQuery
External Data Access with jQuery
 
Sq li
Sq liSq li
Sq li
 
Web Security
Web SecurityWeb Security
Web Security
 
D:\Technical\Ppt\Sql Injection
D:\Technical\Ppt\Sql InjectionD:\Technical\Ppt\Sql Injection
D:\Technical\Ppt\Sql Injection
 
12-security.ppt - PHP and Arabic Language - Index
12-security.ppt - PHP and Arabic Language - Index12-security.ppt - PHP and Arabic Language - Index
12-security.ppt - PHP and Arabic Language - Index
 

Plus de Abdul Rahman Sherzad

Data is the Fuel of Organizations: Opportunities and Challenges in Afghanistan
Data is the Fuel of Organizations: Opportunities and Challenges in AfghanistanData is the Fuel of Organizations: Opportunities and Challenges in Afghanistan
Data is the Fuel of Organizations: Opportunities and Challenges in Afghanistan
Abdul Rahman Sherzad
 
Applicability of Educational Data Mining in Afghanistan: Opportunities and Ch...
Applicability of Educational Data Mining in Afghanistan: Opportunities and Ch...Applicability of Educational Data Mining in Afghanistan: Opportunities and Ch...
Applicability of Educational Data Mining in Afghanistan: Opportunities and Ch...
Abdul Rahman Sherzad
 
Web Application Security and Awareness
Web Application Security and AwarenessWeb Application Security and Awareness
Web Application Security and Awareness
Abdul Rahman Sherzad
 
Database Automation with MySQL Triggers and Event Schedulers
Database Automation with MySQL Triggers and Event SchedulersDatabase Automation with MySQL Triggers and Event Schedulers
Database Automation with MySQL Triggers and Event Schedulers
Abdul Rahman Sherzad
 
Mobile Score Notification System
Mobile Score Notification SystemMobile Score Notification System
Mobile Score Notification System
Abdul Rahman Sherzad
 
Evaluation of Existing Web Structure of Afghan Universities
Evaluation of Existing Web Structure of Afghan UniversitiesEvaluation of Existing Web Structure of Afghan Universities
Evaluation of Existing Web Structure of Afghan Universities
Abdul Rahman Sherzad
 

Plus de Abdul Rahman Sherzad (20)

Data is the Fuel of Organizations: Opportunities and Challenges in Afghanistan
Data is the Fuel of Organizations: Opportunities and Challenges in AfghanistanData is the Fuel of Organizations: Opportunities and Challenges in Afghanistan
Data is the Fuel of Organizations: Opportunities and Challenges in Afghanistan
 
PHP Unicode Input Validation Snippets
PHP Unicode Input Validation SnippetsPHP Unicode Input Validation Snippets
PHP Unicode Input Validation Snippets
 
Iterations and Recursions
Iterations and RecursionsIterations and Recursions
Iterations and Recursions
 
Sorting Alpha Numeric Data in MySQL
Sorting Alpha Numeric Data in MySQLSorting Alpha Numeric Data in MySQL
Sorting Alpha Numeric Data in MySQL
 
PHP Variable variables Examples
PHP Variable variables ExamplesPHP Variable variables Examples
PHP Variable variables Examples
 
Cross Join Example and Applications
Cross Join Example and ApplicationsCross Join Example and Applications
Cross Join Example and Applications
 
Applicability of Educational Data Mining in Afghanistan: Opportunities and Ch...
Applicability of Educational Data Mining in Afghanistan: Opportunities and Ch...Applicability of Educational Data Mining in Afghanistan: Opportunities and Ch...
Applicability of Educational Data Mining in Afghanistan: Opportunities and Ch...
 
Web Application Security and Awareness
Web Application Security and AwarenessWeb Application Security and Awareness
Web Application Security and Awareness
 
Database Automation with MySQL Triggers and Event Schedulers
Database Automation with MySQL Triggers and Event SchedulersDatabase Automation with MySQL Triggers and Event Schedulers
Database Automation with MySQL Triggers and Event Schedulers
 
Mobile Score Notification System
Mobile Score Notification SystemMobile Score Notification System
Mobile Score Notification System
 
Herat Innovation Lab 2015
Herat Innovation Lab 2015Herat Innovation Lab 2015
Herat Innovation Lab 2015
 
Evaluation of Existing Web Structure of Afghan Universities
Evaluation of Existing Web Structure of Afghan UniversitiesEvaluation of Existing Web Structure of Afghan Universities
Evaluation of Existing Web Structure of Afghan Universities
 
PHP Basic and Fundamental Questions and Answers with Detail Explanation
PHP Basic and Fundamental Questions and Answers with Detail ExplanationPHP Basic and Fundamental Questions and Answers with Detail Explanation
PHP Basic and Fundamental Questions and Answers with Detail Explanation
 
Java Applet and Graphics
Java Applet and GraphicsJava Applet and Graphics
Java Applet and Graphics
 
Fundamentals of Database Systems Questions and Answers
Fundamentals of Database Systems Questions and AnswersFundamentals of Database Systems Questions and Answers
Fundamentals of Database Systems Questions and Answers
 
Everything about Database JOINS and Relationships
Everything about Database JOINS and RelationshipsEverything about Database JOINS and Relationships
Everything about Database JOINS and Relationships
 
Create Splash Screen with Java Step by Step
Create Splash Screen with Java Step by StepCreate Splash Screen with Java Step by Step
Create Splash Screen with Java Step by Step
 
Fal-e-Hafez (Omens of Hafez) Cards in Persian using Java
Fal-e-Hafez (Omens of Hafez) Cards in Persian using JavaFal-e-Hafez (Omens of Hafez) Cards in Persian using Java
Fal-e-Hafez (Omens of Hafez) Cards in Persian using Java
 
Web Design and Development Life Cycle and Technologies
Web Design and Development Life Cycle and TechnologiesWeb Design and Development Life Cycle and Technologies
Web Design and Development Life Cycle and Technologies
 
Java Virtual Keyboard Using Robot, Toolkit and JToggleButton Classes
Java Virtual Keyboard Using Robot, Toolkit and JToggleButton ClassesJava Virtual Keyboard Using Robot, Toolkit and JToggleButton Classes
Java Virtual Keyboard Using Robot, Toolkit and JToggleButton Classes
 

Dernier

Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
KarakKing
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
ZurliaSoop
 

Dernier (20)

Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
Salient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functionsSalient Features of India constitution especially power and functions
Salient Features of India constitution especially power and functions
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptx
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
Jual Obat Aborsi Hongkong ( Asli No.1 ) 085657271886 Obat Penggugur Kandungan...
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 

Java Regular Expression PART II

  • 1. » Validation » » » » » https://www.facebook.com/Oxus20 oxus20@gmail.com Username Validation Complex and Strong Password Validation Password Strength Checker Email Address Validation Image File Extension Validation Java Regular Expression PART II Abdul Rahman Sherzad
  • 2. Agenda » Overview » Username Validation » Strong and Complex Password Validation » Password Strength Checker » Email Address Validation » Image File Extension Validation 2 https://www.facebook.com/Oxus20
  • 3. Regular Expressions » PART I ˃ http://www.slideshare.net/absherzad/java-regular-expression-part-I » Regular Expression is not a programming language, it is the art of the programing » Regular Expression initially is hard to debug , learn and understand, but its powers and magic still attract many developers using Regular Expression. » Let's explore and discuss the following practical and useful Regular Expressions. 3 https://www.facebook.com/Oxus20
  • 4. 1. Username Validation » Whenever you are developing an application that requires authentication, in most cases, the users should provide a username among other credentials information. » Common pattern for username that is widely use is as follow: ˃ 3 to 15 characters in length ˃ with any lower case character, digit or special symbol underscore "_", hyphen "-" and dot "." only. https://www.facebook.com/Oxus20 4
  • 5. 1. Username Validation Pattern ^[a-z0-9._-]{3,15}$ Description ^ Start of the line [a-z0-9._-] Match characters and symbols in the list, a-z, 0-9, underscore, hyphen and dot. {3,15} Minimum 3 characters and maximum of 15 of characters in length $ End of the line 5 https://www.facebook.com/Oxus20
  • 6. 1. Username Validation Example import java.util.regex.Pattern; public class UsernameValidator { private Pattern pattern; private static final String USERNAME_PATTERN = "^[a-z0-9._-]{3,15}$"; public UsernameValidator() { pattern = Pattern.compile(USERNAME_PATTERN); } public boolean validate(final String username) { return pattern.matcher(username).matches(); } } 6 https://www.facebook.com/Oxus20
  • 7. 1. Username Validation Demo public class UsernameValidatorDemo { public static void main(String[] args) { UsernameValidator validator = new UsernameValidator(); System.out.println(validator.validate("absherzad")); System.out.println(validator.validate("ab.sherzad")); System.out.println(validator.validate("ab-sherzad")); System.out.println(validator.validate("ab_sherzad")); System.out.println(validator.validate("oxus20")); System.out.println(validator.validate("ars")); System.out.println(validator.validate("Absherzad")); System.out.println(validator.validate("ab sherzad")); System.out.println(validator.validate("ab")); System.out.println(validator.validate("abdulrahmansherzad")); //true //true //true //true //true //true //false //false //false //false } } 7 https://www.facebook.com/Oxus20
  • 8. 2. Password Complexity Validation » Strong and complex passwords are really important to stop unauthorized access to your electronic accounts i.e. Facebook, Gmail, Yahoo, etc. and devices i.e. PC, Smartphone, etc. » The purpose of choosing a password is to make it as difficult as possible for an intruder to identify your password, whether by guesses or automated attacks. » Following rules are advised ˃ ˃ ˃ ˃ be at least 8 but no more than 50 characters in length use both UPPER CASE and lower case letters include at least one number punctuation mark (allowed symbols are: ! # $ @ _ + , ? . - ); 8 https://www.facebook.com/Oxus20
  • 9. 2. Password Validation Pattern ((?=.*d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!.#$@_+,?-]).{8,50}) Description ( Start of group (?=.*d) must contains one digit from 0-9 (?=.*[a-z]) must contains one lowercase characters (?=.*[A-Z]) must contains one uppercase characters (?=.*[!.#$@_+,?-]) must contains one special symbols in the list "!.#$@_+,?-" . match anything with previous condition checking {8,50} length at least 8 characters and maximum of 50 ) End of group 9 https://www.facebook.com/Oxus20
  • 10. 2. Password Validation Example import java.util.regex.Pattern; public class PasswordValidator { private Pattern pattern; private static final String PASSWORD_PATTERN = "((?=.*d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!.#$@_+,?-]).{8,50})"; public PasswordValidator() { pattern = Pattern.compile(PASSWORD_PATTERN); } public boolean validate(final String password) { return pattern.matcher(password).matches(); } } 10 https://www.facebook.com/Oxus20
  • 11. 2. Password Validation Demo public class PasswordValidatorDemo { public static void main(String[] args) { PasswordValidator validator = new PasswordValidator(); System.out.println(validator.validate("Oxus20.2014")); // true System.out.println(validator.validate("Oxus.20_14")); // true System.out.println(validator.validate("OXUS20@Herat")); // true System.out.println(validator.validate("Oxus20@2014")); // true System.out.println(validator.validate("Oxus202014")); // false System.out.println(validator.validate("Oxus20")); // false System.out.println(validator.validate("Oxus@20")); // false System.out.println(validator.validate("Oxus20@")); // false } } 11 https://www.facebook.com/Oxus20
  • 12. 3. Password Strength Checker » In the previous example I discussed and explained, how to validate Strong and Complex Passwords. » But that was one side of the coin! I mean, that example was for keeping the user accounts secure against intruder to identify the users password, whether by guesses or automated attacks. » As a programmer and developer; you have to make sure while user registration is happening you inform the one who types about the password quality and strength. You can provide dynamic feedback as user types! https://www.facebook.com/Oxus20 12
  • 13. 3. Password Strength Checker Pattern Description [A-Za-z0-9!.#$@_+,?-]{8,50} Checking valid characters and length for password .*[a-z]+.* Checking for existence of lower case letter .*[A-Z].* Checking for existence of upper case letter .*[0-9]+. Checking for existence of number .*[!.#$@_+,?-]+.* Checking for existence of symbol 13 https://www.facebook.com/Oxus20
  • 14. 3. Password Strength Checker Example public class PasswordStrengthChecker { public static String checkPasswordStrength(String password) { String msg = "Your Password is too weak!"; int strength = 0; String lowerCaseCheck = ".*[a-z]+.*"; String upperCaseCheck = ".*[A-Z].*"; String numberExistenceCheck = ".*[0-9]+.*"; String symbolExistenceCheck = ".*[!.#$@_+,?-]+.*"; String validPassword = "[A-Za-z0-9!.#$@_+,?-]{8,50}"; // checking valid characters and length for password if (password.matches(validPassword)) { // checking for existence of upper case letter if (password.matches(upperCaseCheck)) strength += 4; https://www.facebook.com/Oxus20 14
  • 15. // checking for existence of lower case letter if (password.matches(lowerCaseCheck)) strength += 4; // checking for existence of number if (password.matches(numberExistenceCheck)) strength += 4; // checking for existence of symbol if (password.matches(symbolExistenceCheck)) strength += 4; if (strength >= 16) { msg = "Your Password is Very Strong!"; } else if (strength >= 12) { msg = "Your Password is Strong!"; } else if (strength >= 8) { msg = "Your Password is Normal!"; } else if (strength >= 4) { msg = "Your Password is weak!"; } else { msg = "Your Password is too weak!"; } } return msg; } 15 } https://www.facebook.com/Oxus20
  • 16. 3. Password Strength Checker Demo public class PasswordStrengthCheckerDemo { public static void main(String[] args) { // Your Password is too weak! System.out.println(PasswordStrengthChecker.checkPasswordStrength("1234")); // Your Password is Normal! System.out.println(PasswordStrengthChecker.checkPasswordStrength("OXUS201234")); // Your Password is Strong! System.out.println(PasswordStrengthChecker.checkPasswordStrength("OXUS20_2014")); // Your Password is Very Strong! System.out.println(PasswordStrengthChecker.checkPasswordStrength("Oxus20_2014")); } } 16 https://www.facebook.com/Oxus20
  • 17. 4. Email Address Validation » Email validation is a very common requirement and necessity in many applications and it can be a tricky task. » Basically the main policy for email format would be as follow: ˃ Start with characters, digits or '_', and '-' symbols ˃ The above group can be followed with a '.' and the same pattern as the first group. ˃ Then it must have exactly one '@' character. ˃ The domain name must start with characters, digits and the '-' character. ˃ Then it must be followed by a '.'. ˃ After the '.' you can have characters and digits. ˃ Optionally you can have a second level Top Level Domain that can start with a '.' and the contain only characters. 17 https://www.facebook.com/Oxus20
  • 18. 4. Email Address Validation Pattern ^[_A-Za-z0-9-]+(.[_A-Za-z0-9-]+)*@[A-Za-z0-9-]+(.[A-Za-z0-9]+)*(.[A-Za-z]{2,})$ Description ^ start of the line [_A-Za-z0-9-]+ must start with string in the bracket [ ], must contains one or more group #1 (optional) follow by a dot "." and string in the bracket [ ], must contains one or more must contains a "@" symbol (.[_A-Za-z0-9-]+)* @ [A-Za-z0-9-]+ (.[A-Za-z0-9]+)* (.[A-Za-z]{2,}) $ follow by string in the bracket [ ], must contains one or more group #2 (optional) follow by a dot "." and string in the bracket [ ], must contains one or more (+) group #3 follow by a dot "." and string in the bracket [ ], with minimum length of 2 end of the line 18 https://www.facebook.com/Oxus20
  • 19. 4. Email Address Validation Example import java.util.regex.Pattern; public class EmailValidator { private Pattern pattern; private static final String EMAIL_PATTERN = "^[_A-Za-z0-9-]+(.[_A-Zaz0-9-]+)*@"[A-Za-z0-9-]+(.[A-Za-z0-9]+)*(.[A-Za-z]{2,})$"; public EmailValidator() { pattern = Pattern.compile(EMAIL_PATTERN); } public boolean validate(final String email) { return pattern.matcher(email).matches(); } } 19 https://www.facebook.com/Oxus20
  • 20. 4. Email Address Validation Demo public class EmailValidatorDemo { public static void main(String[] args) { EmailValidator validator = new EmailValidator(); System.out.println(validator.validate("oxus20@gmail.com")); // true System.out.println(validator.validate("absherzad@gmail.com")); // true System.out.println(validator.validate("absherzad@hu.edu.af")); // true System.out.println(validator.validate("first_name.last_name@domain.com")); // true System.out.println(validator.validate("Oxus20@")); // false System.out.println(validator.validate("Oxus20@gmail")); // false System.out.println(validator.validate("Oxus20@gmail.")); // false System.out.println(validator.validate("Oxus20@gmail.c")); // false } } 20 https://www.facebook.com/Oxus20
  • 21. 5. Image File Extension Validation » Now I are going to explain and demonstrate how to validate image file format with Java Regular Expressions. » This is very beneficial for instance when you create an image uploader application and you want to make sure that the users don't upload an illegal file. » Of course this is one of many countermeasures you should consider. The basic policy about the format of image file is as follow: ˃ It should begin with a string of a least one character and not a white space. ˃ It must then be followed by dot '.'. ˃ And finally it should have one of the following file extensions i.e. jpg, jpeg, gif, png, bmp. ˃ Extension is not Case Sensitive https://www.facebook.com/Oxus20 21
  • 22. 5. Image File Extension Pattern ([^s]+(.(?i)(jpg|jpeg|gif|png|bmp))$) Description ( [^s]+ ( . (?i) (jpg|jpeg|gif|png|bmp) ) $ ) Start of group #1 Must contains one or more anything (except white space) Start of group #2 Follow by a dot '.' Ignore the case sensitive checking for the following characters Group #3 check that contains extension of "jpg" or "jpeg" or "gif", "png" or "bmp". End of the group #2 End of the string End of the group #1 22 https://www.facebook.com/Oxus20
  • 23. 5. Image File Extension Example import java.util.regex.Pattern; public class ImageFileExtensionValidator { private Pattern pattern; private static final String IMAGE_PATTERN = "([^s]+(.(?i)(jpg|jpeg|gif|png|bmp))$)"; public ImageFileExtensionValidator() { pattern = Pattern.compile(IMAGE_PATTERN); } public boolean validate(final String image_name) { return pattern.matcher(image_name).matches(); } } 23 https://www.facebook.com/Oxus20
  • 24. 5. Image File Extension Demo public class ImageFileExtensionValidatorDemo { public static void main(String[] args) { ImageFileExtensionValidator validator = new ImageFileExtensionValidator(); System.out.println(validator.validate("oxus20.jpg"));// true System.out.println(validator.validate("oxus20.JPG"));// true System.out.println(validator.validate("OXUS20.jpeg"));// true System.out.println(validator.validate("oxus20.JPg"));// true System.out.println(validator.validate("oxus.png"));// true System.out.println(validator.validate("oxus.Bmp"));// true System.out.println(validator.validate(".jpg"));// false System.out.println(validator.validate("jpg"));// false System.out.println(validator.validate("oxus20"));// false } } 24 https://www.facebook.com/Oxus20