Return array of error messages on password validate

src/MD_STD_IN.php

@@ -96,9 +96,7 @@ final class MD_STD_IN {
      */
     public static function sanitize_rgb_color(mixed $input):string {
 
-        $output = \filter_var($input,
+        $output = \filter_var($input, FILTER_UNSAFE_RAW, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH);
-            FILTER_SANITIZE_STRING,
-            FILTER_FLAG_NO_ENCODE_QUOTES);
 
         if ($output === false
             || (preg_match('/^[a-zA-Z0-9]{3}$/', $output) === false && preg_match('/^[a-zA-Z0-9]{6}$/', $output) === false)
@@ -230,6 +228,33 @@ final class MD_STD_IN {
 
     }
 
+    /**
+     * Validates a password (minimum requirements: 8 characters, including
+     * one number and one special char) and returns a list of errors,
+     * if there are any.
+     *
+     * @param string $input Input string.
+     *
+     * @return array<string>
+     */
+    public static function validate_password(string $input):array {
+
+        $errors = [];
+        if (mb_strlen($input) < 8) {
+            $errors[] = 'password_too_short';
+        }
+
+        if ((\preg_match('@[0-9]@', $input)) === false) {
+            $errors[] = 'password_has_no_number';
+        }
+        if ((\preg_match('@[^\w]@', $input)) === false) {
+            $errors[] = 'password_has_no_special_char';
+        }
+
+        return $errors;
+
+    }
+
     /**
      * Sanitizes and validates a phone number. An empty string passes.
      *