E-mail validation with preg_match - Can't understand why my e-mail address is invalid

PatrickR

Hi,

I've picked up a simple e-mail vaildation string from one of the forums which seems to work (most times)...

I've just hit a problem where it is rejecting an e-mail address and I can't see why.

The vailidation statment is....

if (preg_match("/^{(a-z0-9)(+[a-z0-9]+)?@(a-z0-9.)(a-z0-9).[a-z]{2,6}$/",} $address))
{ return true; }
else
{ return false; }

.. but it doesn't like the bit after the '@' sign to be more than 16 characters long in total which I don't get.

So
a.b@1234567890123.com is invalid whilst
a.b@123456789012.com and a.b@1234567890123.uk are both valid?

Can anyone help please?
Regards.
Patrick.

bretticus

This is an example of why I think it makes more sense to keep email validation simple. Better to get a fake email sent through than deny a customer's valid email.

For the most part, a domain name must start and end with an alphanumeric character. The dot something is probably 2-6 characters and alpha only (though that may change over time.) For now, you could do something more simple like:

if (preg_match("/^[a-z0-9][a-z0-9\.\-_]*@[a-z0-9][a-z0-9\.\-_]*[a-z0-9]\.[a-z]{2,6}$/g", $address))
{
	//validate
}

which just means user part starts alphanumeric and then optional zero or more alphanumeric with optional dots, hyphens, and underscores followed by an "at" sign (@.) The same pattern then repeats, but the last letter of the domain name must be alphanumeric and then we have our 2 to 6 letter alpha top level domain name.

If that gives you woes, you could probably just make it something very lenient like:

if (preg_match("/^[a-z0-9\.\-_]+@[a-z0-9].*\.[a-z]{2,6}$/g", $address))
{
	//validate
}

I should mention that these patterns were written quickly and are untested (although, they are probably good.)

NogDog

If using PHP 5.2.0 or later, you can use [man]filter_var/man with the FILTER_VALIDATE_EMAIL constant. (Note however that there is a bug which allows a trailing newline, so [man]trim/man the input first.)

$address = trim($address);
if(filter_var($email, FILTER_VALIDATE_EMAIL))
{
   // OK
}

If you want/need to go the regexp route, the most thorough one I've seen is at http://www.iamcal.com/publish/articles/php/parsing_email/.

PatrickR

Hi Charles,

I wasn't aware of filter_var (or the Data Filtering functionality generally) so that is good advice and something interesting to read as well - great.

I've tried it and it seems to work to a degree but the validation is very slight (probably all I need mind you) but I can't see any proper definition of what the validation routine is actually testing for .... I think it might just be a single '@' between to strings.

Thanks again.
Patrick.

PatrickR

Thanks Betticus,

That's really helpful - I'm still struggling to really understand how to the best out preg_match so your examples and explanation will really help me get to the bottom of my problem (I don't really find the php manual for easy to read for some reason (as comprehensive as it)
Thanks again and keep up the good work.
All the best.
Patrick.

NogDog

PatrickR;10879252 wrote:
Hi Charles,

I wasn't aware of filter_var (or the Data Filtering functionality generally) so that is good advice and something interesting to read as well - great.

I've tried it and it seems to work to a degree but the validation is very slight (probably all I need mind you) but I can't see any proper definition of what the validation routine is actually testing for .... I think it might just be a single '@' between to strings.

Thanks again.
Patrick.

Part of the issue may be some confusion on your part as to what is actually a "legal" email address. I ran the following test using the regex function I linked to above, using the test script that comes with it if you download it from that site. I added the filter_var() into each test iteration so I could compare the difference.

<?php

#
# RFC822 Email Parser
#
# By Cal Henderson <cal@iamcal.com>
# This code is licensed under a Creative Commons Attribution-ShareAlike 2.5 License
# http://creativecommons.org/licenses/by-sa/2.5/
#
# $Revision: 1.1 $
#

##################################################################################

function is_valid_email_address($email){

	$qtext = '[^\\x0d\\x22\\x5c\\x80-\\xff]';

	$dtext = '[^\\x0d\\x5b-\\x5d\\x80-\\xff]';

	$atom = '[^\\x00-\\x20\\x22\\x28\\x29\\x2c\\x2e\\x3a-\\x3c'.
		'\\x3e\\x40\\x5b-\\x5d\\x7f-\\xff]+';

	$quoted_pair = '\\x5c[\\x00-\\x7f]';

	$domain_literal = "\\x5b($dtext|$quoted_pair)*\\x5d";

	$quoted_string = "\\x22($qtext|$quoted_pair)*\\x22";

	$domain_ref = $atom;

	$sub_domain = "($domain_ref|$domain_literal)";

	$word = "($atom|$quoted_string)";

	$domain = "$sub_domain(\\x2e$sub_domain)*";

	$local_part = "$word(\\x2e$word)*";

	$addr_spec = "$local_part\\x40$domain";

	return preg_match("!^$addr_spec$!", $email) ? 1 : 0;
}

##################################################################################

function test($email){

	echo "<tr><td>".HtmlEntities($email)."</td>";
	echo "<td>".(is_valid_email_address($email)?'Yes':'No')."</td>";
  echo "<td>".(filter_var($email, FILTER_VALIDATE_EMAIL)?'Yes':'No')."</tr>\n";
}

##################################################################################

?>

<table border="1">
	<tr>
		<th>Input</th>
		<th>Valid?</th>
		<th>filter_var()</th>
	</tr>
<?php test('cal@iamcalx.com'); ?>
<?php test('cal+henderson@iamcalx.com'); ?>
<?php test('cal henderson@iamcalx.com'); ?>
<?php test('"cal henderson"@iamcalx.com'); ?>
<?php test('cal@iamcalx'); ?>
<?php test('cal@iamcalx com'); ?>
<?php test('cal@hello world.com'); ?>
<?php test('cal@[hello world].com'); ?>
<?php test('cal@[hello\\ world].com'); ?>
<?php test('abcdefghijklmnopqrstuvwxyz@abcdefghijklmnopqrstuvwxyz'); ?>

<?php test('woo\\ yay@example.com'); ?>
<?php test('woo\\@yay@example.com'); ?>
<?php test('woo\\.yay@example.com'); ?>

<?php test('"woo yay"@example.com'); ?>
<?php test('"woo@yay"@example.com'); ?>
<?php test('"woo.yay"@example.com'); ?>
<?php test('"woo\\"yay"@test.com'); ?>

<?php test('webstaff@redcross.org'); ?>

</table>

The results:

  Input  	          Valid?  	filter_var()
cal@iamcalx.com	Yes	Yes
cal+henderson@iamcalx.com	Yes	Yes
cal henderson@iamcalx.com	No	No
"cal henderson"@iamcalx.com	Yes	Yes
cal@iamcalx	Yes	No
cal@iamcalx com	No	No
cal@hello world.com	No	No
cal@[hello world].com	Yes	No
cal@[hello\ world].com	Yes	No
abcdefghijklmnopqrstuvwxyz@abcdefghijklmnopqrstuvwxyz	Yes	No
woo\ yay@example.com	No	No
woo\@yay@example.com	No	No
woo\.yay@example.com	No	No
"woo yay"@example.com	Yes	Yes
"woo@yay"@example.com	Yes	Yes
"woo.yay"@example.com	Yes	Yes
"woo\"yay"@test.com	Yes	No
webstaff@redcross.org	Yes	Yes

Within those test cases, filter_var() does not allow any address that is rejected by the regex function, but it does disallow some that the regex allows. Frankly, I'd put my money on the regexp function unless/until I see something to convince me otherwise.

Weedpacket

Just as a heads-up, ICANN recently voted to open up the TLD namespace. You can have domain names that end with anythingyouwant as long as you're prepared to host the name resolution servers.