I'm creating a form in PHP that contains a field called email where the user needs to enter his/her email ID. In order to ensure that the mail ID entered is authentic in terms of syntax (eg. [email protected] is valid) I need to append some kind of validation to it. I find the situation quite nebulous as I don't understand how to check if the mail ID entered contains an @ symbol etc. Kindly help. Thanks. :)
-
2Possible duplicate of stackoverflow.com/questions/201323/….Rusty Fausak– Rusty Fausak2011-09-22 18:54:58 +00:00Commented Sep 22, 2011 at 18:54
Add a comment
|
4 Answers
Best solution is to just do:
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
...
}
and let PHP handle the heavy work for you. Otherwise, if you want to be strictly correct and use a regex directly yourself, you'll be stuck with this monstrosity:
(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])
for strict RFC2822 compliance.
1 Comment
martinstoeckli
Yes, that's the way to go! And should you feel uncomfortable with emails missing a toplevel domain (localhost is valid), then you can additionally check for a 2-4 character domain with
preg_match('/\.[A-Z]{2,4}$/i', $email).First you need to define valid e-mail.
There are different approaches to this depending on how important is this validation to you.
Some folks use crazy by-the-RFC regexps.
Another extreme is save anything user entered and later try sending confirmation e-mail to that address. No confirmation = bad e-mail.
You'll probably want something in between: make sure there's an @ in the middle, for example:
$email_arr = explode('@', $email);
if (sizeof($email_arr) !== 2 || $email_arr[0] == '' || $email_arr[1] == '')
... // definitely not valid
UPD: Marc B nailed it with filter_var($email, FILTER_VALIDATE_EMAIL)
That's probably the best way.
answered Sep 22, 2011 at 18:53
Stanislav Shabalin
19.3k3 gold badges20 silver badges18 bronze badges
Comments
You can use regex to validate the format:
<?php
$email = "[email protected]"; // or perhaps $_POST['email'];
if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
echo "Valid email address.";
}
else {
echo "Invalid email address.";
}
?>
1 Comment
mario
Also a pretty dull email regex, failing many valid addresses. Do not copy and paste this.
From my own code:
if( !preg_match( "(^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$)i", $email))
echo "E-mail address invalid";
A very small number of legitimate addresses may fail, such as anything @example.info, and any email address that uses unusual characters, but for the most part this works nicely.
answered Sep 22, 2011 at 18:49
Niet the Dark Absol
326k86 gold badges480 silver badges604 bronze badges
3 Comments
mario
Awful regex. It will even fail for
+ plus signs in addresses. Please do not distribute further.
Niet the Dark Absol
I have never once seen anyone with a
+ sign in their email address.mario
Every gmail user can use them. Very probable tool for spam filtering. And it's pretty telling whenever a site does not accept it. Mostly incompetence though. Also that's why the
-1