Hello,

I want BuddyPress passwords to require 8 characters with a mix of upper and lower case letters and numbers. I wrote this into my bp-custom.php code

`add_action(‘bp_signup_validate’,’io_check_password’);
function io_check_password(){
global $bp;
if(isset($_POST)) {
if(!preg_match(“/^.*(?=.{8,})(?=.*d)(?=.*[a-z])(?=.*[A-Z]).*$/” , $_POST )){
$bp->signup->errors = ‘Your password must be at least 8 characters long and contain a mix of lower and upper case letters and at least one number’;
}
}
}`

And that works fine for signup, but I cannot figure out how to run a regex against passwords that are being changed in the profile > settings screen.

It looks like bp-core-settings.php saves the new password and gives no hooks for me to run my own validation. It just checks if the password is there and matches, then saves right away:

`if ( $_POST != ” && $_POST != ” ) {
if ( $_POST == $_POST && !strpos( ” ” . $_POST, “\” ) )
$current_user->user_pass = $_POST;
else
$pass_error = true;
} else if ( empty( $_POST ) && !empty( $_POST ) || !empty( $_POST ) && empty( $_POST ) ) {
$pass_error = true;
} else {
unset( $current_user->user_pass );
}`

Any ideas??

[@nicholmikey Participant 14 years, 3 months ago]

Without using js

[@nicholmikey Participant 14 years, 3 months ago]

Is it not possible to enforce password strength without js?