Email Validation

Any questions involving matching text strings to patterns - the pattern is called a "regular expression."

Moderator: General Moderators

Post Reply
Jim_Bo
Forum Contributor
Posts: 390
Joined: Sat Oct 02, 2004 3:04 pm

Email Validation

Post by Jim_Bo »

Hi,

Is this good code for email validation:

Code: Select all

if (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $_POST['email'])) {
	$error_msg = '<center><b>Invalid email address</b></center>';
}

Thanks
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

Moved to regex :wink:
Jim_Bo
Forum Contributor
Posts: 390
Joined: Sat Oct 02, 2004 3:04 pm

Post by Jim_Bo »

Ok .. didnt see that topic
User avatar
jayshields
DevNet Resident
Posts: 1912
Joined: Mon Aug 22, 2005 12:11 pm
Location: Leeds/Manchester, England

Post by jayshields »

I presume it's easier for you to implement and test the code rather than ask someone else to look at it/test it themselves.

Why don't you try some emails in it and maybe try to fool it, if it fails on something, ask us how to improve it given the test that failed?

Also, check out some comments on php.net regex functions pages, there are some good snippets in there and some decent page links.
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

The regular expression wouldn't work well if my e-mail address were mail@timvw.info...
A better implementation: http://www.iamcal.com/publish/articles/ ... ing_email/
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

try mine
User avatar
seodevhead
Forum Regular
Posts: 705
Joined: Sat Oct 08, 2005 8:18 pm
Location: Windermere, FL

Post by seodevhead »

I am looking at TimV's suggestion for an email regex. ( http://www.iamcal.com/publish/articles/ ... ing_email/ )

I am currently testing it and am seeing that it accepts a lot of invalid email addresses, eventhough it is not supposed to. In fact, after a little searching, I found these pages on the website that state what the regex considers valid and invalid. Check out the results:

http://code.iamcal.com/php/rfc822/rfc2822.php
and
http://code.iamcal.com/php/rfc822/rfc2822.php

I mean seriously, how can 'cal@iamcalx' be considered a valid email address? I don't understand this function at all. Perhaps I am missing something. Any help would be greatly appreciated! Thanks.
User avatar
shiznatix
DevNet Master
Posts: 2745
Joined: Tue Dec 28, 2004 5:57 pm
Location: Tallinn, Estonia
Contact:

Post by shiznatix »

if i am not mistaken, cal@imcalx is a valid email address. I searched and could not find the link but somtin like
"natix rocks"@somthing
is a actual valid email address.
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

now-a-days more companies are stressing to not validate on last part of email address after the @ symbol owing to the probability of disallowing some unknown valid email addresses.

Recently, when I checked with wikipedia, this is what I got,
According to RFC 2822, the local-part of the e-mail may use any of these ASCII characters:

Uppercase and lowercase letters
The digits 0 through 9
The characters "!", "#", "$", "%", "&", "'", "*", "+", "-", "/", "=", "?", "^", "_", "`", "{", "|", "}", "~"
The character "." provided that it is not the first or last character in the local-part.
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

seodevhead wrote:I am currently testing it and am seeing that it accepts a lot of invalid email addresses, eventhough it is not supposed to.
You are confusing valid (according to the RFC) email addresses with accurate and working - there is a very significant difference.
seodevhead wrote:I mean seriously, how can 'cal@iamcalx' be considered a valid email address? I don't understand this function at all. Perhaps I am missing something. Any help would be greatly appreciated! Thanks.
If you are at my house, and you ping my router (named "Evil"), you get:

PING evil.incarnate (127.0.0.1) 56(84) bytes of data.
64 bytes from evil.incarnate (127.0.0.1): icmp_seq=0 ttl=64 time=0.094 ms

Notice that evil has become evil.incarnate. Similarly, cal@iamcalx can be absolutely valid, accurate, and even working. If my local mailserver was named iamcalx.incarnate, it would get to that mailserver, and deliver it to the user ("cal") on that server.

Email validators don't try to (and cannot) check if an email is real. They check if it complies with the format specified by the RFC's.

If you are wondering why they cannot, think of it as a spammer. If there was a 100% reliable way to detect a real email, we'd get 100x as much spam (if not more).

Validators are meant to reduce the number of invalid emails you send to a user. In my projects, I use an RFC validator ( http://svn.gna.org/viewcvs/blacknova/tr ... iew=markup ), but then I use that email address to send an email containing a code. Without the code, the account is invalid. That way, we've reduced the number of false emails sent from my server, and we've validated the email account (they received the email!).
pennythetuff
Forum Newbie
Posts: 22
Joined: Sun Feb 19, 2006 6:05 pm
Location: Kokomo, Indiana

Post by pennythetuff »

I've been using Roja's script for quite some time now and I've never had any problems. It's probably best to go with an RFC compliant script.
Post Reply