Helpful Information
 
 
Category: Post a PHP snippet
Validating an e-mail address

Here's a slick way of validating an email address that someone passes you through your contact form:

if (eregi('^[a-zA-Z0-9._-][email protected][a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$', $from)) {
// code to send e-mail goes here
}

I'd change a few things.


$email = trim($email);
if (preg_match('/^[a-z0-9._-][email protected][a-z0-9._-]+\.([a-z]{2,4})$/i', $email)) {
// code to send e-mail goes here
}

Still, if you use this, understand that it is not infallible.(sp?) All it does is screen out someone from typing "dga;sfgharggnjg" into the email box. [email protected] would beat the script, as would [email protected] But, this script is still great at screening out some nonsense submissions.

Dan

[email protected] would beat the script, as would [email protected] But, this script is still great at screening out some nonsense submissions.
Nope. The regular expression says that there must be two to four characters after the @ symbol and that they must be alphabetic. I have this code in place in my contact form, and both your examples don't skirt my edits.

What might be interesting is using the Validate PEAR package. I haven't tried that, but it's supposed to somehow validate the domain as well as the email address.

Nope. The regular expression says that there must be two to four characters after the @ symbol and that they must be alphabetic. I have this code in place in my contact form, and both your examples don't skirt my edits.

What might be interesting is using the Validate PEAR package. I haven't tried that, but it's supposed to somehow validate the domain as well as the email address.

Actually I believe it's 2-4 chars after the period for the TLD. [email protected] would work.

Actually I believe it's 2-4 chars after the period for the TLD. [email protected] would work.
Proving once again that I'm terrible about interpreting regular expressions. ;)

I just tested your example, and it does pass the edits in my contact form.

There also needs to be a clause written into the regex to allow an additional period and 2-4 chars for domains such as .co.uk. I wrote the clause below:


$email = trim($email);
if (preg_match('/^[a-z0-9._-][email protected][a-z0-9._-]+\.([a-z]{2,4})($|\.([a-z]{2,4})$)/i', $email)) {
// code to send e-mail goes here
}

It has worked with .co.uk before. :p

It doesn't seem like it would, as a period is not allowed and co.uk is five characters. *shrug*

It's becouse the .co matches with the "[a-z0-9._-]+" part just after the @.
From:
[email protected]
it matches like this:
[a-z0-9._-]+ => email
@ => @
[a-z0-9._-]+ => site.co
\. => .
([a-z]{2,4}) => uk

It'd probably be best to modify it to comply to RFC 2822 (http://www.faqs.org/rfcs/rfc2822), which is more or less the rules as to what is, and what isn't a valid email address. Examples are: [email protected], User <[email protected]>

It's becouse the .co matches with the "[a-z0-9._-]+" part just after the @.
From:
[email protected]
it matches like this:
[a-z0-9._-]+ => email
@ => @
[a-z0-9._-]+ => site.co
\. => .
([a-z]{2,4}) => uk

Ahh I see. My apologies.

Nope. The regular expression says that there must be two to four characters after the @ symbol and that they must be alphabetic. I have this code in place in my contact form, and both your examples don't skirt my edits.

Sorry, I misread the code.



Proving once again that I'm terrible about interpreting regular expressions.

Don't feel so bad ;)

This is the expression I use to check against email address submissions...

preg_match("/^(([^<>()[\]\\\\.,;:\[email protected]\"]+(\.[^<>()[\]\\\\.,;:\[email protected]\"]+)*)|(\"([^\"\\\\\r]|(\\\\[\w\W]))*\"))@((\[([0-9]{1,3}\.){3}[0-9]{1,3}\])|(([a-z\-0-9&#225;&#224;&#228;&#231;&#233;&#232;&#234;&#241;&#243;&#242;&#244;&#246;&#252;&#230;&#248;&#229;]+\.)+[a-z]{2,}))$/i", $_POST['email_address'])

It'd probably be best to modify it to comply to RFC 2822 (http://www.faqs.org/rfcs/rfc2822), which is more or less the rules as to what is, and what isn't a valid email address.


Fwiw…

http://www.regexlib.com/REDetails.aspx?regexp_id=711

^((?>[a-zA-Z\d!#$%&'*+\-/=?^_`{|}~]+\x20*|"((?=[\x01-\x7f])[^"\\]|\\[\x01-\x7f])*"\x20*)*(?<angle><))?((?!\.)(?>\.?[a-zA-Z\d!#$%&'*+\-/=?^_`{|}~]+)+|"((?=[\x01-\x7f])[^"\\]|\\[\x01-\x7f])*")@(((?!-)[a-zA-Z\d\-]+(?<!-)\.)+[a-zA-Z]{2,}|\[(((?(?<!\[)\.)(25[0-5]|2[0-4]\d|[01]?\d?\d)){4}|[a-zA-Z\d\-]*[a-zA-Z\d]:((?=[\x01-\x7f])[^\\\[\]]|\\[\x01-\x7f])+)\])(?(angle)>)$

http://www.regexlib.com/REDetails.aspx?regexp_id=26

^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$

would this work for something like [email protected]?

would this work for something like [email protected]?
I have this validation code in place on my contact form. I just tried it with your hypothetical email address, and it passed the validation.

What about

[email protected]

remember that museum is a valid top level domain.

How about

[email protected][124.56.137.21]

Using the ip address in place of the domain name is also valid.

Neither one of those email addresses passes validation using the regular expression we've been discussing in this thread. I just tried it with the contact form on my website, which has that code in it.

i dont write php but couldnt half of these regular expressions be cut down using \w (or \W, i forget which) instead of a-zA-Z0-9_










privacy (GDPR)