Input Validation Using Regular Expressions
Regular expressions are often used for user input validation. One common problem is to validate that the e-mail that the user entered is valid. There are a zillion readymade e-mail regex for your use, but I was always interested in knowing why something works, so I set about to create my own regex. That led to my making more commonly-used regular expressions, so I thought Iâd share them.
Note that Iâm still very much of a newbie when it comes to regular expressions, so these might not be the most efficient ways to validate the appropriate inputs. I checked that each patternâs working using RadSoftwareâs excellent RegexDesigner. Itâs such a relief to not have to not have to write a test application.
Oh, the â#â you see in the regular expressions are comments.
using System;using System.Text.RegularExpressions;namespace SG.Net.Utilities{public class InputValidation{/// <summary>/// A password is valid if/// 1. Itâs at least [minLength] long./// 2. It has at least one uppercase letter./// 3. It has at least one lowercase letter./// 4. It has at least one digit./// 5. It has at least one non-alphanumeric character./// </summary>/// <param name="password">The password to validate.</param>/// <param name="minLength">Minimum length of the password.</param>/// <returns>True if the password is valid, false otherwise.</returns>public static bool ValidatePassword(string password, int minLength){Regex pattern = new Regex(@"^ # Match the start of string(?=.*d) # Do we have at least one digit?(?=.*[A-Z]) # Do we have at least one uppercase letter?(?=.*[a-z]) # Do we have at least one lowercase letter?(?=.*[^a-zA-Z0-9nrt ]) # Do we have at least one non-alphanumeric character?.{" + minLength.ToString() + @",} # Is it at least 6 characters long?$ # Match the end of the string", RegexOptions.Multiline | RegexOptions.IgnorePatternWhitespace);return pattern.IsMatch(password);}/// <summary>/// An email is valid if/// 1. It contains an â@â symbol./// 2. It contains a â.â symbol./// 3. There are alphanumeric characters (or certain symbols) in front of the â@â symbol./// 4. There are alphanumeric characters in between â@â and â.â symbols./// 5. There are alpha characters after the â.â symbol./// </summary>/// <param name="email">The email address to validate.</param>/// <returns>True if email is valid, false otherwise.</returns>/// <remarks>/// This function supports multiple subdomains./// Check http://www.ietf.org/rfc/rfc2822.txt for generic syntax of emails/// </remarks>public static bool ValidateEmail(string email){Regex pattern = new Regex(@"^ # Match the beginning of the string[a-zA-Z0-9]+ # Start with an alphanumeric character[a-zA-Z0-9!`#$^&*]* # Allow for any number of approved symbols@ # Match the â@â symbol[a-zA-Z0-9]+ # One or more alphanumeric characters[a-zA-Z0-9.]* # Allow for subdomains. # Match the â.â symbol[a-zA-Z]+ # Match the domain$ # Match the end of the string", RegexOptions.Multiline | RegexOptions.IgnorePatternWhitespace);return pattern.IsMatch(email);}/// <summary>/// A social security number is valid if itâs 9 digits long./// </summary>/// <param name="ssn">The social security number to validate.</param>/// <returns>True if the ssn is valid, false otherwise. </returns>public static bool ValidateSSN(string ssn){//Strip the seperators (for example, â-â). Itâs so much easier to code the regular//expression when we donât have to handle the seperators (which the user may or may//not have entered.ssn.Trim().Replace("-", String.Empty).Replace(".", String.Empty).Replace(" ", String.Empty);return Regex.IsMatch(ssn, @"^d{9}$");}/// <summary>/// A phone number is valid if it is 6 or 9 digits long./// </summary>/// <param name="phoneNumber">The phone number to validate.</param>/// <returns>True if phone number is valid, false otherwise.</returns>/// <remarks>Obviously, this doesnât allow for international phone numbers.</remarks>public static bool ValidatePhoneNumber(string phoneNumber){//Valid phone numbers, for example, include://1. (999)-999-9999//2. (999)999-9999//3. 999-999-9999//4. 9999999999//So weâll once again strip the seperators to make our lives easier.//(), â-â, â.â, and â â are considered valid seperators.phoneNumber.Trim().Replace("(", String.Empty).Replace(")", String.Empty).Replace("-", String.Empty).Replace(".", String.Empty).Replace(" ", String.Empty);return ((Regex.IsMatch(phoneNumber, @"^d{9}$") || Regex.IsMatch(phoneNumber, @"^d{6}$")));}/// <summary>/// Validates a date using C#-built in DateTime.TryParse()/// function./// </summary>/// <param name="date">The date to validate</param>/// <returns>True if the date is valid, false otherwise.</returns>public static bool ValidateDate(string date){//Dates can be entered in a couple of different formats://1. 2006-03-04//2. 03-04-2006//3. April 3 2006//4. April 3, 2006//5. Apr 3, 2006//6. 03-APR-2006//7. 3-APR-06//You get the idea.//Itâs probably doable with regular expressions, but we//might as well use C#âs awesome DateTime.Parse(string date)//method to validate the date.DateTime dateParsed = new DateTime();return DateTime.TryParse(date, out dateParsed);}/// <summary>/// An IP Address is valid if itâs 10 digits long./// </summary>/// <param name="ipaddress">The IP Address to validate</param>/// <returns>True if IP Address is valid, false otherwise.</returns>public static bool ValidateIPAddress(string ipaddress){//Weâre only going to allow the â.â for a seperator.ipaddress.Trim().Replace(".", String.Empty);//Weâll also strip the âhttp://â, âhttps://â, or âftp://âipaddress.Replace("http://", String.Empty).Replace("https://", String.Empty).Replace("ftp://", String.Empty);return Regex.IsMatch(ipaddress, @"^d{10}$");}/// <summary>/// Validates most forms of urls./// </summary>/// <param name="url">The URL to validate</param>/// <returns>True if the URL is valid, false otherwise.</returns>/// <remarks>Check http://www.ietf.org/rfc/rfc2396.txt for generic syntax of URLs.</remarks>public static bool ValidateURL(string url){//Valid urls include://1. http://www.awesomesite.com///2. http://awesomesite.com///3. www.awesomesite.com//4. www.awesomesubdomain.awesomesite.com//5. http://www.awesomesite.com/awesomepage.aspx//6. ftp://awesomesite.com//7. 999.999.999 (IP Address)//8. https://awesomesite.com///9. awesomesite.com//10. http://999.999.999//Substitute whatever domain name you want for the âcomâ//Weâll check for the domain case first, and the ip address case//second.Regex pattern = new Regex(@"^ # Match start of string( # Match one offtp://| # thesehttps://| # threehttp:// # characters)? # (optional); followed(www.)? # optionally by the string âwww.â followed by[A-Za-z0-9]+ # one or more alphanumeric characters[A-Za-z0-9.]* # Allow for subdomains. # Match the â.â symbol[A-Za-z]+ # Followed by one or more alphanumeric characters/? # Followed by an optional (closing) slash(/[A-Za-z0-9/]+ # Allow for pages. # Match the â.â symbol[A-Za-z0-9/]+ # Match the pageâs extension)? # All of which is optional, of course$ # Match end of string", RegexOptions.Multiline | RegexOptions.IgnorePatternWhitespace);if(pattern.IsMatch(url))return true;//Letâs now try to check for the IP Address casereturn InputValidation.ValidateIPAddress(url);}}}