Check E-Mail addresses in PHP
Description:A major problem when someone submits an E-Mail address on your website is judging whether the E-Mail address is valid or not, you can find several millions of scripts on-line that can help you to validate this data. But beware! Most of them restrict E-Mail addresses too much...
Incorrect RestrictionsThe IETF (Internet Engineering Task Force) document, RFC 3696, titled “Application Techniques for Checking and Transformation of Names” by John Klensin, gives several valid e-mail addresses that are rejected by many PHP validation routines. The addresses: Azb\@ded@example.co.uk, customer/dep=sales@example.co.uk and !def!xyz%acc@example.co.uk are all valid, however scripts dont allow "\" or two "@" in an E-Mail string.
Okay so how many people in the world have an E-Mail address format such as above, well whether or not this is a popular trend does not mean you should ignore it completely, who knows how widely used these weird formats will be become in the next few years. Especially as E-Mail address name-space become more filled.
One of the more popular regular expressions found in the literature rejects all of them:
"^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)
↪*(\.[a-z]{2,3})$"
This regular expression allows only the underscore (_) and hyphen (-) characters, numbers and lower-case alphabetic characters. Even assuming a preprocessing step that converts upper-case alphabetic characters to lower-case, the expression rejects addresses with valid characters, such as the slash (/), equal sign (=), exclamation point (!) and percent (%). The expression also requires that the highest-level domain component has only two or three characters, thus rejecting valid domains, such as .museum.
Correct E-Mail ValidationBelow is a function that will better validate E-Mail addresses on your PHP scripts, it will check if they conform to RFC 3696 and will also do a DNS check to see if the email exists on record, this is the best way to validate E-Mail addresses in PHP.
/**
Validate an email address.
Provide email address (raw input)
Returns true if the email address has the email
address format and the domain exists.
*/
function validEmail($email)
{
$isValid = true;
$atIndex = strrpos($email, "@");
if (is_bool($atIndex) && !$atIndex)
{
$isValid = false;
}
else
{
$domain = substr($email, $atIndex+1);
$local = substr($email, 0, $atIndex);
$localLen = strlen($local);
$domainLen = strlen($domain);
if ($localLen < 1 || $localLen > 64)
{
// local part length exceeded
$isValid = false;
}
else if ($domainLen < 1 || $domainLen > 255)
{
// domain part length exceeded
$isValid = false;
}
else if ($local[0] == '.' || $local[$localLen-1] == '.')
{
// local part starts or ends with '.'
$isValid = false;
}
else if (preg_match('/\\.\\./', $local))
{
// local part has two consecutive dots
$isValid = false;
}
else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain))
{
// character not valid in domain part
$isValid = false;
}
else if (preg_match('/\\.\\./', $domain))
{
// domain part has two consecutive dots
$isValid = false;
}
else if
(!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/',
str_replace("\\\\","",$local)))
{
// character not valid in local part unless
// local part is quoted
if (!preg_match('/^"(\\\\"|[^"])+"$/',
str_replace("\\\\","",$local)))
{
$isValid = false;
}
}
if ($isValid && !(checkdnsrr($domain,"MX") ||
↪checkdnsrr($domain,"A")))
{
// domain not found in DNS
$isValid = false;
}
}
return $isValid;
}
Article adapted from: http://www.linuxjournal.com/article/9585?page=0,3
