A Reason Not to Like Notes
I've been working on a user registration "component" for a Domino database. Something to let users register for access and then, once logged in, change their passwords.
As part of both processes the password entered is validated and checked it's of a certain quality. It has to be a certain length as well as containing both uppercase and lowercase letters along with some numbers. So, "P4ssw0rD" is ok but "p4ssw0rd" and "P4SSW0RD" aren't.
I needed to perform this validation both in @Formula and LotusScript.
The @Formula is simple:
@Length(Password)>6 & @Matches(Password; "*{A-Z}*")
& @Matches(Password; "*{a-z}*") & @Matches(Password; "*{0-9}*")
It would follow that the LotusScript equivalent would be:
If Len(doc.Password(0))>6 And doc.Password(0) Like "*[A-Z]*" And doc.Password(0) Like "*[a-z]*" And doc.Password(0) Like "*#*" Then
But, wait. It looks like there's a bug in LotusScript which means all the following are True:
"ABCDE" Like "*[a-z]*"
"abcde" Like "*[A-Z]*"
"AbCdE" Like "*[A-Z]*"
The only way round this I've found is to use the whole alphabet, like so:
If Len(doc.Password(0))>6 And doc.Password(0) Like "*[ACBDEFGHIJKLMNOPQRSTUVWXYZ]*" And doc.Password(0) Like "*[acbdefghijklmnopqrstuvwxyz]*" And doc.Password(0) Like "*#*" Then
You've got to like love Notes! An hour of my day wasted...
Skip to the 
You can subscribe to an individual
I know the feeling.
Of course, all other options other than Notes are not bug free either. Maybe an hour isn't too bad compared to some other tools?
Reply
I'm not sure it's a bug...
By default, string comparisons in LotusScript are case-insensitive, and "like" is a kind of string comparision...
What happens if you put in "Option compare Case" before you start comparing?
Reply
Forget what I said... "Option Compare Case" seems to be the default anyway ...
Reply
Show the rest of this thread
Hi,
if you use "Option Compare Binary" the Like-Operator works correctly.
Sven
Reply
Regular Expressions are always a great way to test passwords
LotusScript
http://lekkimworld.com/2005/09/25/1127661564236.html
LotusScript
http://www.openntf.org/projects/pmt.. ..70053f5cd/468846f664e3212c862577a50053b3ff!OpenDocument
Javascript in the client
http://www.breakingpar.com/bkp/home.nsf/0/87256B280015193F87256C4F005D3717
Reply
Never liked the idea of using either ls2j or createobject in LS. I'd rather just rewrite the whole agent in java!
Reply
Forget about anything serious about regular expressions in LS. Just use Java and LJ2J if you need to work with LS. Tommy Valand wrote about it http://dontpanic82.blogspot.com/2007/10/simple-ls2j-regular-expression-class.html. It has served me well.
Reply
Ummm.....
Why not just Evaluate() the same @Formula?
Dim s as String
s = |
@Length(Password)>6 & @Matches(Password; "*{A-Z}*")
& @Matches(Password; "*{a-z}*") & @Matches(Password; "*{0-9}*")
|
Dim vResult as Variant
vResult = Evaluate(s, yourDoc)
Print (vResult(0))
Reply
Because evalaute() is cheating.
Reply
Hide the rest of this thread
LOL! Did you forget Evaluate() or are you now whimsically some crazed LS purist?
It's pretty darn efficient is what it is! :-)
Reply
It's not that I forgot about it. It's just that there's an LS equivalent to the @Function I'd used and, in that case, you'd like to assume, there'd be no need for Evaluate(). So I went down the pure LS path. Once I'd got to the point of no return I didn't even consider evaluate().
Also, yes I'm a purist and hate to use Evaluate unless there's no alternative.
Reply
And here I thought I knew you so well. All the righteous hacks to get Domino to behave that you've taught us over the years, I figured you'd be the furthest thing from a LotusScript purist. I can't get it to do my job for me without liberal and judicious abuse and misuse. I suppose my LS function from years ago that wrote a vbs file for some bailing-wire automation would receive a level stare from you. ;-)
Not to wax apologist, but you know using Evaluate in some circumstances can yield substantial performance benefits... LS2J instances should always be kept to a minimum though or you're just begging for sluggishness.
Reply
If using the whole alphabet trick hadn't worked then I'd have "happily" gone for the Evaluate method instead. I just try to avoid it unless completely necessary and all avenues have been exhausted. It feels awkward and cumbersome having to dim the variant and all that malarkey.
Performance is very rarely an issue in most things that I work on.
Reply
I've done quite a bit of performance testing, and found that in a majority of cases evaluate() is faster (by far) than doing the same thing in Lotuscript. Lotuscript is always interpreted where Evaluate() calls a formula language processing api which is compiled. In one test case, I compared @password() for creating hash to an actual lotuscript written hash algorithm, and the rest was hundreds of times faster in evaluate.
Another advantage, as in this case, is that you increase the chances of a bug (yours or lotus's) that would result in your two code paths having a different result when you need to perform the same routine in both languages. Less code == better code.
Reply
actually - evaluate() and @Eval can be very very useful if you want to be able to modify your rules in *one* place without having to modify the code in several places and if you want to be sure that the exact same code is executed (which is perhaps preferred and a bit beautiful in a situation like this? (keep the rules in one place)) imho at least.
Just store your @Formula expression in a doc, retrieve it from the executing code and run it via @eval/evaluate().
my 2...
Reply
LOL. You just found the right words for what I always thought. :-)
Anyway, there's one thing I find much more annoying when working with "real" (read: DD entry) user registration attempts. I never know when and if Domino will really pick up the account and in particular any group memberships.
Maybe it's only me, but to date I have not found a reliable way to send out a notification message to the new registered users at a point in time, where I can be absolutely sure, that the new account is fully functional. If you have available any magic tricks here, let it flow.
Reply
In the past customers of mine have settled for emails sent out immediately which are worded along the following lines:
"Your account has now been created and your password is &*^^%^. If at first you can't login please allow 10 minutes for our systems to update."
Not ideal, but it works.
Jake
Reply
Hi Jake, You need to love Notes, I am not gonna tell you how many hours I wasted in that other M.... world ;-) where you needs A4 pages of code while the @formula is just within a page rule length.
LOVE NOTES
Reply