$pattern = "^([.a-z0-9_-]+)*@(([a-z0-9_-])+(\.[a-z]))";
if(eregi($pattern,$email,$matches)){echo "email-PASSED";}else{echo "email-FAILED";}

1. Is $pattern above sufficient to make sure that the email is valid and my form doesn't get hacked?
2. Will it disallow any valid emails?

    Try this one, I found this on the PHP page for eregi a while ago:

    $regex =
  '^'.
  '[_a-z0-9-]+'.        /* One or more underscore, alphanumeric,
                           or hyphen charactures. */
  '(\.[_a-z0-9-]+)*'.  /* Followed by zero or more sets consisting
                           of a period and one or more underscore,
                           alphanumeric, or hyphen charactures. */
  '@'.                  /* Followed by an "at" characture. */
  '[a-z0-9-]+'.        /* Followed by one or more alphanumeric
                           or hyphen charactures. */
  '(\.[a-z0-9-]{2,})+'. /* Followed by one or more sets consisting
                           of a period and two or more alphanumeric
                           or hyphen charactures. */
  '$';

      From a REGEX syntax manual:

      $ (dollar)

      Description:
      Matches at the end of the string the regex pattern is applied to. Matches a position rather than a character. Most regex flavors have an option to make the dollar match before line breaks (i.e. at the end of a line in a file) as well. Also matches before the very last line break if the string ends with a line break.

      Example:
      .$ matches f in abc\ndef. Also matches c in "multi-line" mode.

        This is my option:

        function validMail($email)
{
	return ereg("^[^@ ]+@[^@ ]+\.[^@ \.]+$", $email);
}

        Regards,

          Write a Reply...