From 5bb863ffc981b8c37096fa6d3987efd2245d23d3 Mon Sep 17 00:00:00 2001
From: Joshua Ramon Enslin <joshua@museum-digital.de>
Date: Tue, 8 Mar 2022 20:12:54 +0100
Subject: [PATCH] Add function validate_password

---
 src/MD_STD_IN.php | 25 ++++++++++++++++++++++---
 1 file changed, 22 insertions(+), 3 deletions(-)

diff --git a/src/MD_STD_IN.php b/src/MD_STD_IN.php
index 37c155c..572ba7f 100644
--- a/src/MD_STD_IN.php
+++ b/src/MD_STD_IN.php
@@ -96,9 +96,7 @@ final class MD_STD_IN {
      */
     public static function sanitize_rgb_color(mixed $input):string {
 
-        $output = \filter_var($input,
-            FILTER_SANITIZE_STRING,
-            FILTER_FLAG_NO_ENCODE_QUOTES);
+        $output = \filter_var($input, FILTER_UNSAFE_RAW, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH);
 
         if ($output === false
             || (preg_match('/^[a-zA-Z0-9]{3}$/', $output) === false && preg_match('/^[a-zA-Z0-9]{6}$/', $output) === false)
@@ -230,6 +228,27 @@ final class MD_STD_IN {
 
     }
 
+    /**
+     * Validates a password (minimum requirements: 8 characters, including
+     * one number and one special char).
+     *
+     * @param string $input Input string.
+     *
+     * @return boolean
+     */
+    public static function validate_password(string $input):bool {
+
+        if (mb_strlen($input) < 8) {
+            return false;
+        }
+
+        if ((\preg_match('@[0-9]@', $input)) === false) return false;
+        if ((\preg_match('@[^\w]@', $input)) === false) return false;
+
+        return true;
+
+    }
+
     /**
      * Sanitizes and validates a phone number. An empty string passes.
      *