Password Validation with PHP and Regular Expressions

Password Validation with PHP and Regular Expressions

Password Validation with PHP and Regular Expressions.

Regular Expressions are equally complicated and elegant at the exact same time. They may be made to look like someone was only hammering randomly on their keyboard. They're also a remarkably effective and elegant solution to describing the structure of the text and fitting those structures. They're very handy for defining what a string should look like and as such are very great to be used in password validation. It's essential that the password needs to validation With safe & strength. So Make it difficult for password crackers. Use long passwords with letters, CAPS, numbers, and symbols. Let's check a password validation with PHP and regular expressions. That is a straightforward and a long example for php beginners.

 * Regular Expressions
 * Long example for php beginners

$pwd = $_POST['password '];

if( strlen($password ) < 8 ) {
$error .= "Password too short!

if( strlen($password ) > 20 ) {
$error .= "Password too long!

if( strlen($password ) < 8 ) {
$error .= "Password too short!

if( !preg_match("#[0-9]+#", $password ) ) {
$error .= "Password must include at least one number!

if( !preg_match("#[a-z]+#", $password ) ) {
$error .= "Password must include at least one letter!

if( !preg_match("#[A-Z]+#", $password ) ) {
$error .= "Password must include at least one CAPS!

if( !preg_match("#\W+#", $password ) ) {
$error .= "Password must include at least one symbol!

echo "Password validation failure(your choise is weak): $error";
} else {
echo "Your password is strong.";

 * End Code

Short example with Regex

This is the short version of that password -check with regex (lookahead / lookbehind / lookaround) using PHP's PCRE engine.

$password = $_POST['password '];

if (preg_match("#.*^(?=.{8,20})(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*\W).*$#", $password )){
    echo "Your password is strong.";
} else {
    echo "Your password is not safe.";

You may use "\d" instead of "[a-z]" and "\W" instead of non-word characters, symbols. You can make a manual list of most used symbols like [#.-_,$%&!]. Remember most consumers don't enjoy passwords with symbols, you can exclude emblem check for . Just check letters, duration, caps, and numbers.

$password= $_POST['password'];

if (preg_match("#.*^(?=.{8,20})(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9]).*$#", $password)){
    echo "Your password is good.";
} else {
    echo "Your password is bad.";

Plugin Update

How To Debug WordPress Pending Plugin Update?


Do you've a WordPress site that claims to have a Plugin update or Theme update when all plugin is up to date?

The debugging code, contributed by Kevin Leary, among this article might show that specific update or Theme is creating the update accessible, detect among your WordPress installation.

To find out that plugin or theme is creating the unfinished update notification in your WordPress installation, add the following code to your functions.php file of the currently active theme or child theme.

Once saved in your function file, add to ?debug_updates your WordPress backend after /wp admin/.

Example: admin/? .debug_upgrades

 * Debug Pending Updates
 * Crude debugging method that will spit out all pending plugin
 * and theme updates for admin level users when ?debug_updates is
 * added to a /wp-admin/ URL.
function debug_pending_updates() {

    // Rough safety nets
    if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) return;
    if ( ! isset( $_GET['debug_updates'] ) ) return;

    $output = "";

    // Check plugins
    $plugin_updates = get_site_transient( 'update_plugins' );
    if ( $plugin_updates && ! empty( $plugin_updates->response ) ) {
        foreach ( $plugin_updates->response as $plugin => $details ) {
            $output .= "

Plugin $plugin is reporting an available update.

"; } } // Check themes wp_update_themes(); $theme_updates = get_site_transient( 'update_themes' ); if ( $theme_updates && ! empty( $theme_updates->response ) ) { foreach ( $theme_updates->response as $theme => $details ) { $output .= "

Theme $theme is reporting an available update.

"; } } if ( empty( $output ) ) $output = "No pending updates found in the database."; wp_die( $output ); } add_action( 'init', 'debug_pending_updates' );

It has helped you discover that plugin or theme is generating the unfinished update notice on your WordPress website

WordPress Tips: How to Create a Private Post in WordPress

What is a Private Post in WordPress? How Does it Work?

A private post in WordPress isn't visible to the public. Only logged in with correct permissions may see it among your site posts.

WordPress comes along with an integrated user role system that assigns permissions and capabilities to various user roles. Each WordPress user has a role assigned to them, which gives them permission to perform specific tasks on an internet site.

Any user who has the permission to publish a post can write a private post and publish it. The message will be visible to the user and the following user roles.

Administrator - May create, edit, and delete any private post created by any user on a WordPress site.
Editor - May create, edit, and delete any personal messages created by any user.
Author - May create, publish, edit, view and delete their very own private posts. They can't see private posts created by other users.

With that being said, let us have a look at how to create a private post in WordPress.

Creating a private Post or Private Page in WordPress. Firstly you need to create a brand new post or page. You may also edit the existing post that you would like to make private.

On the message editing screen, you must click the Edit link next to the Visibility option in Publish meta box.


Edit visibility options of a blog post or page in WordPress
Edit visibility options of a blog post or page in WordPress


You'll now see options to create the message sticky, password protected, or private. Go ahead and choose private and after that click the Okay button to continue.


Private post option in WordPress post edit screen
Private post option in WordPress post edit screen


You can now continue editing the post or you can save/publish it. Users who do not have permission to see private posts won't see it.

Note: Images you add to a private post aren't private and may be seen in media library by other authors. Images may also be seen by anyone who has the image URL.
How to Fix the 500 Internal Server Error on WordPress Website

How to Fix the 500 Internal Server Error on WordPress Website

Hello everyone. I’m gonna show you few methods to fix the 500 internal error you may be experiencing on WordPress. So let’s get right into it.

The 500 internal server error runs on every page of your site when there’s a problem with the server or file system. The cause most likely occurs in the root directory where your WordPress files are but it can also be caused by a problem on your host server. I’m going to show you a few ways, you can fix this problem.

But before we begin I recommend you make Backup of your site before trying any of this solution in case something goes wrong.

Create a New “.htaccess” file

A common cause of this error is a corrupted “.htaccess” file. It can become corrupted after you install a plugin or make other change to your WordPress site. The fix is simple since all you need to is create a new “.htaccess” file.

Open up your WordPress root directory in preferred FTP client. This is typically called public_html. If you see folders name wp-admin, wp-content, wp-includes, you’re in the right place. If you don’t see your “.htaccess” file or Dot files, for that matter make hidden files viewable by clicking the server and selecting force showing hidden files. Now This will differ for every FTP client. I’m Using FileZilla But it should be pretty similar.

Once you should find your “.htaccess” file, rename it “”. This essentially deletes your site’s “.htacces” file. So now we need to create a new one. Go to your WordPress admin area, hover over setting and click permalinks. Scroll down to the bottom of the page and hit Save Changes. Now reload your site and see if the 500 internal server error is gone, it was caused a corrupt ".htaccess" file.

It’s also worth mentioning that an improperly named “.htaccess” file will cause this error to run on your site. So make sure it’s not named anything other than “.htaccess”.

So if you’re still having an issue, then let’s talk about another common cause of this issue, which is exceeding your servers “PHP Memory Limit”.

PHP Memory limit Issue In WordPress

This usually happens because of poorly coded plugin running on your site or using too many plugins. You’ll begin to exceed the PHP memory limits set by your hosting provider and either of those things happens, the result becomes a

500 internal server error.

Once again open up your root directory and locate the wp-config.php file. Open your file in your preferred text editor and add this bit of code under the opening PHP tag:


PHP Memory Limit
define( 'WP_MEMORY_LIMIT', '256M' ); 

Save the file and re-uploaded it to your root directory. Now go ahead and refresh your website. If you’re still seeing the error, then you’re not having “PHP memory limit issues. If that did not fix the issue, then remove those line of code. Because it wasn't a problem. If those line of code worked, then great.

I still recommended figuring out what caused you to reach the limit and you could always ask your host to increase the limit on your server.

But if both of those solutions did not work for you then let’s try a few less common solutions.

Deactivating Plugins

If you’re able to access the WordPress admin area, deactivate your plugins one by one. Refresh your website after each deactivation and if the error disappears, it likely caused by that plugin.

If you cannot access the WordPress admin area, then go back your FTP client and open the root directory and open up the wp-content folder. This folder contains your plugins, your themes and other folders. Rename the plugins folder to anything you wish like "". This deactivates all the plugins on your site.

Now refresh your site and check If the error is gone.It was caused by a faulty plugin. After going back and enable them one by one to figure out the culprit. If that didn't work then be sure to revert your folder back to just plugins.

File Permission

AS for other solutions which are more unlikely. You can check the file permissions in your WordPress directory. They should be 755 or 644. If not, the could be causing the 500 internal server error.

Upload Fresh Version

You can also upload fresh versions of wp-admin and wp-includes to your site. But this should be a last resort. Again backup your website before trying this.

Once you do simply redownload  WordPress and only upload the wp-admin and wp-includes folder to your root. If this works, that means you had a corrupted core file.

If none of these solutions worked for you then the only option left is to give up.

Ha Ha Ha…Don’t worry, I’m just kidding.

What you need to do now is contact your host. Many hosts won’t be much of a help in and they’ll actually blame your site’s files for the issue which again is definitely a possibility. So you've really tried all the steps I mentioned before contacting them. If you tried everything then politely ask them their server logs to see if the issue is there.

At the end of the day, I recommended you backup your website on a regular basis and update your plugin, themes, and WordPress core files as soon as they’re available to prevent this from happening
Choosing Between Bootstrap or Foundation

Learn More About Choosing Between Bootstrap or Foundation

Choosing between Bootstrap or Foundation is such as choosing between red or white wine. One is not necessarily better than the other, they simply pair well with different things, and individuals have a tendency to develop personal preferences. Nevertheless, this is not just fuzzy tastebuds were speaking about here. This is a code, with explicit logic and intent. Therefore, there's to be some kind of difference, right?

Let's dig in. Free trial on Treehouse. Do you need to learn to code?

CLICK HERE FOR A FREE TRIAL. Grid System The maximum outstanding part of a much frontend framework is the grid system.


Foundation has always been slightly ahead of the curve in this area. It was the first large frame to go responsive and the only large mobile first frame for an amount of time. Nevertheless, Bootstrap also has these features in place now. The syntax for creating grids could be somewhat different. So this is an area where personal preferences might come into play. But it's easy to create equivalent code fragments that do almost the exact same thing in both frameworks. Currently, there are much few grid features in Foundation that might make it a much better option in particular instances.


Which makes it easy to split the contents of an unordered list into an equally spaced grid. Just specify the number of items in each row and Foundation takes care of the rest. Foundation also has the capability to easily the columns and remove gutters with the collapsed class. Or centre columns with the centred columns syntax. Sizing Units For calculating widths, typography, and almost everything else. Bootstrap uses pixels and Foundation uses rems. There are functional differences in between both of these units which are important to understanding. But both are able to produce the same results. Pixels are an a.bsolute unit, but in the age of responsive design. A much relative unit such as rems helps me think with regards to proportions.


Like I said, this is really a much matter of viewpoint And personal workflow. So if you truly love pixels, Bootstrap could be for you.

I admit, learning about the differences in between pixels, ems, and rems is dull for many people. Nevertheless, if you are not familiar, it's well worth spending some time to read this article from 2011 about font sizing with rems because it'll save you lots of guesswork in the future. Features and Components Initially, both frameworks appear to have a much very comparable list of prebuilt components, but there are several slight differences that may help you make the decision. Foundation has an integrated form validation through Abide. That's not to say that Bootstrap could also have Form validation, but for some, the premade Foundation alternative could be a nice head start. Foundation also includes Interchange, that is a much robust solution for responsive images, even though it could be more than you need.

Using .htaccess to Add Additional Web Security to Your WordPress Site

Using .htaccess to Add Additional Web Security to Your WordPress Site

Modifying or creating .htaccess files can greatly improve the web security of your WordPress installation. Through this file, we can limit access to files and folders, perform redirects, disable directory browsing, and much more.

In this section, we're going to focus on using your .htaccess files to deny access to your wp-config. PHP file, your administration area if you wish, disable directory browsing and lock down the .htaccess file itself.

You edit .htaccess files with a text editor. Often times you will not be able to save the file locally on your machine as .htaccess. If this is the case for you simply save it as htaccess.txt, upload it to your server, and then rename it to .htaccess.

So let's look at what your .htaccess file probably looks like.

Using an FTP program (FileZilla is free and multi-platform) download your .htaccess file from the root folder of your site and open it in a text editor such as Notepad on Windows or TextWrangler (free) on Mac. It should look

wordpress htaccess rules

Now, when editing this file keep in mind that WordPress accesses this file and can modify anything between the BEGIN WordPress and END WordPress lines, so leave those as is. All of our additions are going to be entered on the lines after the END WordPress line.


To disable directory browsing we will add the following line to the file.

#Prevent Directory Browsing
Options All -Indexes


To protect your configurations file, add the following to your .htaccess file.

# Prevent Access to wp-config.php file
<files wp-config.php>
order allow,deny
deny from all


These files generate an error when trying to be accessed directly anyhow, but it doesn't hurt to add
another layer of protection. To make sure nobody can access your .htaccess files add the following
to it.

# Prevent Access to .htaccess
<Files .htaccess>
order allow,deny
deny from all


Before you take this step there are some considerations. If you have a static or fixed IP address then this option will work well. If your IP address changes then you may end up locking yourself out too. Of course, you can always use FTP to remove or change the restrictions. To lock everyone out except the IP listed (change it to yours), create a new .htaccess file in the wp-admin folder and add the following to it.

order deny,allow
allow from192.168.1.1
deny from all

Don't forget to change the IP address to that of your own. You can find out your IP address by going to Google and simply type what is my IP?


Include the following in your admin .htaccess file to fix this.

<Files admin-ajax.php>
Order allow,deny
Allow from all
Satisfy any
Privacy Policy