I'm trying to use a regex to make sure a password contains a uppercase, lowercase, number and symbol. I am using the following code:

var result = validateModel(
			target = rc,
			constraints = {
				...
				"password" : {
					"required" : true,
					"regex" : "/(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*\W)/",
					"size": "6..255"
				},
				"passwordConfirmation" : { "required" : true, "sameAs" : "password" }
			}
		);

However no matter what I put in it gives the validator error:

The 'password' value does not match the regular expression: /(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*\W)/

. I tried testing my regex using a regex tester https://www.regextester.com/ and used the string

Ok12345!

and verified it was correct. Any ideas?

have you tried it without the forwards slashes (beginning and end)?

Yes I tried

"regex" : "(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*\W)",

and also tried

"regex" : "/(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*\W)/i",

and the same thing happened. 😞

You're using a JS regular expression (and tester) but writing CFML code, which is a bit of a false start

this wont work in cf because its using

?=

a positive lookahead

@Scott Steinbeck... err,,, maybe if they're using CF5 or lower that might be an issue. AFAIK CF has supported positive and negative lookaheads since CFMX6 when they went from [whatever engine they were using to on the C++ version of CFML] to Java and using Apache ORO for the engine (https://svn.apache.org/repos/asf/jakarta/oro/trunk/docs/api/org/apache/oro/text/regex/package-summary.html) And... like... I included a working example in CFML two comments above your one...

whoops, missed your example

The difference with mine is that I'm testing for each char type you need, plus I'm testing the length.

I'm using

"size": "6..255"

to check the length, should I remove it and go with the regex?

Like I said... a) I don't know how coldbox works; b) your regex doesn't do a length check; c) plus at least initially it was a JS regex, not a CFML one. From there it's down to you to test and report back.

@Ookma-Kyi use https://regexr.com/ and switch from Javascript to PCRE (Server) which CFML is compatible with. Top right of the app.

@Daniel Mejia Did that, that is returning Ok12345! as a match using the regex ^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*\W).$ . However the page still errors with the message The 'password' value does not match the regular expression: The 'password' value does not match the regular expression: ^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*\W).$ . Here is the validation I am using for the password field: "password" : {                     "required" : true,                     "regex" : "^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*\W).$",                     "size": "6..255"                 }, I'm running out of ideas and yes I checked the output to make sure what I typed into the field matches what is being passed in.

Right so yeah... use the code that works... don't use the code that doesn't work. Like I said... I don't know anything about ColdBox, so there's no point pinging me with questions about it.

Ok sorry about that

Did you do any investigation of yer own? Did you go look at what ColdBox is doing around the regex-checking / length-checking code?

Yes I found the model for regex, but can't seem to find the actual implementation. https://github.com/coldbox-modules/cbvalidation/blob/development/models/validators/RegexValidator.cfc