Results 1 to 13 of 13
  1. #1

    Help with Email Validation

    Hello,

    I'm having a problem with my email validation. I'm either letting everything through or letting nothing. My code is below, the eregi() line is the only one you will really need to check. As it is now, it lets nothing through, even valid emails. If I dorp the ! in front of the function then it lets everything through (obviously).

    Anyone see whats wrong?

    Thanks in advance.

    PHP Code:
    //error check for name, password, and email
        
    if ($fname == "" || $lname == "" || $upass == "") {
            echo 
    "<b>Your name or password were not entered.  Please fill out all fields.</b><br><br>";
        } elseif (!
    eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$"$email)) {
            echo 
    "<b>Your email was entered incorrectly.  Please provide a valid email.</b><br><br>";
        } else {
            
    //verify the user email isn't already registered
            
    $query "SELECT * FROM users";
            
    $result mysql_query($query) or die("Invalid query: " mysql_error());
            
            
    //assume it does not exist
            
    $exists 0;
            while (
    $row mysql_fetch_array($result)) {
                
    //if it does exist
                
    if ($row['uemail'] == $uemail) {
                    
    $exists 1;
                }
            }
            
            
    //if it does not exist, then we're good
            
    if (!$exists) {        
                
    $badData 0;
            } else {
                echo 
    "<b>Your email is already registered with us.</b><br><br>";
            }
        } 

  2. #2
    I don't really like debugging regex's, but here's one I use that you can feel free to steal:

    PHP Code:
        function check_email($email)
        {
            
    # This function call will break RFC specs, but this is a web app and people with email
            # addresses funky enough to have characters that are dangerous to display in a webpage
            # can bite my shiny metal ***
            
    if( !check_string$email1255 ) )
                return 
    FALSE;
            
            
    # First, we check that there's one @ symbol, and that the lengths are right
            
    if (!ereg("[^@]{1,64}@[^@]{1,255}"$email)) {
                
    # Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
                
    return false;
            }
            
            
    # Split it into sections to make life easier
            
    $email_array explode("@"$email);
            
    $local_array explode("."$email_array[0]);
            for (
    $i 0$i sizeof($local_array); $i++) {
                if (!
    ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$"$local_array[$i])) {
                    return 
    false;
                }
            }
            
            if (!
    ereg("^\[?[0-9\.]+\]?$"$email_array[1])) { # Check if domain is IP. If not, it should be valid domain name
                
    $domain_array explode("."$email_array[1]);
                if (
    sizeof($domain_array) < 2) {
                    return 
    false# Not enough parts to domain
                
    }
                for (
    $i 0$i sizeof($domain_array); $i++) {
                    if (!
    ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$"$domain_array[$i])) {
                        return 
    false;
                    }
                }
            }
            
            return 
    TRUE;
        } 

  3. #3
    There are plenty of email regexps at regexlib.com

    http://www.regexlib.com/DisplayPatterns.aspx

    Also - while on the subject of form validation, take a look at the Stratgy pattern example on phppatterns.com - could make your life a bit easier - especially when you get into very compelx forms with lots of validation rules.

  4. #4
    Originally posted by mpeacock
    There are plenty of email regexps at regexlib.com

    http://www.regexlib.com/DisplayPatterns.aspx

    Also - while on the subject of form validation, take a look at the Stratgy pattern example on phppatterns.com - could make your life a bit easier - especially when you get into very compelx forms with lots of validation rules.
    This is definitely good advice. Designing reusable and extensible classes now might take longer, but will save you an obscene amount of time in the long run.

    But... test any regex's you get from regexlib. They can be quite flawed occasionally. A good way of testing regex's is the windows software "The Regex Coach" (just google it)

  5. #5
    Thanks for the tips guys, very helpful. I'll try them out tonight.

  6. #6
    Originally posted by altano
    But... test any regex's you get from regexlib. They can be quite flawed occasionally. A good way of testing regex's is the windows software "The Regex Coach" (just google it)
    That's also good advice. I'd extend it a bit and say that you should test all code you plan on using in your production environment - especially code obtained from free services. You're the one who's business reputation could hang in the balance if there's an unchecked bug.

    Cheers, Michael

  7. #7
    Join Date
    Mar 2004
    Location
    USA
    Posts
    4,342
    One line function:

    PHP Code:
    <?php
    function is_valid_email($string) { 
        return 
    preg_match('/^[.\w-]+@([\w-]+\.)+[a-zA-Z]{2,6}$/'$string); 
    ?>

    Source

    Peace,
    Testing 1.. Testing 1..2.. Testing 1..2..3...

  8. #8
    Join Date
    Mar 2004
    Posts
    1,301
    Originally posted by azizny
    One line function:

    PHP Code:
    <?php
    function is_valid_email($string) { 
        return 
    preg_match('/^[.\w-]+@([\w-]+\.)+[a-zA-Z]{2,6}$/'$string); 
    ?>

    Source

    Peace,
    it's not a good one.

    testing,[email protected] is a valid email ... is it?

    here is a good one. It does the following:
    - first, check the syntax of the email address
    -second, nice one: it checks if the domain of the email can receive email using function getmxrr()

    PHP Code:
    function validate_email($email)
    {

       
    // Create the syntactical validation regular expression
       
    $regexp "^([_a-z0-9-]+)(\.[_a-z0-9-]+)*@([a-z0-9-]+)(\.[a-z0-9-]+)*(\.[a-z]{2,4})$";

       
    // Presume that the email is invalid
       
    $valid 0;

       
    // Validate the syntax
       
    if (eregi($regexp$email))
       {
          list(
    $username,$domaintld) = split("@",$email);
          
    // Validate the domain
          
    if (getmxrr($domaintld,$mxrecords)) {
             
    $valid 1;
          }
       } else {
          
    $valid 0;
       }

       return 
    $valid;

    }

    $email "[email protected]";

    if (
    validate_email($email))
       echo 
    "$email is valid!";
    else
       echo 
    "$email is invalid!"
    can't remember where i got it. happened to close the window.....it is a good one
    Last edited by orbitz; 05-11-2005 at 04:42 PM.

  9. #9
    getmxrr won't work on windows by default. to do so, another class which will ping/ open socket to the server needs to be built.
    everyday is deadline

  10. #10
    Join Date
    Mar 2004
    Location
    USA
    Posts
    4,342

    Arrow

    Originally posted by orbitz
    it's not a good one.

    testing,[email protected] is a valid email ... is it?
    Nope its not a valid email, and the above function also catches that..

    btw, that function was extracted from php.net itself..

    Peace,
    Testing 1.. Testing 1..2.. Testing 1..2..3...

  11. #11
    Join Date
    Mar 2004
    Posts
    1,301
    frankly, you anwered to that script I just copied and paste that script, and that how it answered

    i had: testing,[email protected]

    and it validated the email.

    That's why i said it is bad.

    anything coming from the source..doesn't mean it is always correct. You should run the script and see for yourself.
    Last edited by orbitz; 05-11-2005 at 11:01 PM.

  12. #12
    PHP Code:
    <?php 
    function is_valid_email($string) { 
        return 
    preg_match('/^[.w-]+@([w-]+.)+[a-zA-Z]{2,6}$/'$string); 
    ?>
    maybe the author forgot to escape the dot. it should be rewritten as:
    PHP Code:
    <?php 
    function is_valid_email($string) { 
        return 
    preg_match('/^[\.w-]+@([w-]+\.)+[a-zA-Z]{2,6}$/'$string); 
    ?>
    and testing,[email protected] will be evaluated as invalid email.

    anyway, according to rfc 822, [email protected] is a valid email address. anyway, you may also take a look at rfc 2821 (section 3.4.1) and consider such form as invalid email address.
    everyday is deadline

  13. #13
    edit: rediscover vb 2.x bug. the dot (.) should be replaced with backslash dot (\ .). somehow, vbulletin parsed the php code (this is a known bug of vbulletin actually. don't know if someone cares to fix).

    sorry, too late to realize. no chance to edit the post
    everyday is deadline

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •