I'm trying to figure out what the password requirements are for a custom CMS i'm using. I found the piece of code that checks the passwords. From what I can see are these the correct requirements? 7 - 20 Characters, aZ and 0-9 characters acceptable.
if (!preg_match("/^.*(?=.{7,20})(((?=.*[0-9])(?=.*[A-Z])(?=.*[^a-zA-Z0-9]))|((?=.*[a-z])(?=.*[A-Z])(?=.*[^a-zA-Z0-9]))|((?=.*[a-z])(?=.*[0-9])(?=.*[^a-zA-Z0-9]))|((?=.*[a-z])(?=.*[0-9])(?=.*[A-Z]))).*$/",$password)) {
I'd recommend heading over to https://regex101.com . It has an automated tool that will parse out regex into (somewhat readable) english, and let you test candidates right in the browser.