[RESOLVED] Where could I find a script that validates an email address when users register?

Smudly

I'm trying to create a professional script that validates that an email typed in a text field by the user when they are registering, is an actual email address. So, if the email address is missing the @ sign or doesn't meet the typical parameters that an email should have, it will not pass and the user will have to type in a valid email address. This is pretty advanced for me. Any scripts you guys use that you would like to share? Or, where could I find a script that does something like this?

dagon

if(!filter_var($email, FILTER_VALIDATE_EMAIL))
  {
  echo "E-mail is not valid";
  }
else
  {
  echo "E-mail is valid";
  }

NogDog

Dagon's suggestion is probably sufficient, and should be quite efficient, and probably what I would do in most cases. But if you need to strictly validate the email address per the applicable protocols, I would suggest: http://www.iamcal.com/publish/articles/php/parsing_email/ .

Smudly

I'm having some troubles with my email validator. When I hit submit, I keep getting the error "Enter a Valid Email", even if the email address is valid. There is something wrong with my structure but I can't figure it out. The area that is having trouble is:

    //////////// Email Validation ////////////
function validEmail($email)
{
   $isValid = true;
   $atIndex = strrpos($email, "@");
   if (is_bool($atIndex) && !$atIndex)
   {
      $isValid = false;
   }
   else
   {
      $domain = substr($email, $atIndex+1);
      $local = substr($email, 0, $atIndex);
      $localLen = strlen($local);
      $domainLen = strlen($domain);
      if ($localLen < 1 || $localLen > 64)
      {
         // local part length exceeded
         $isValid = false;
      }
      else if ($domainLen < 1 || $domainLen > 255)
      {
         // domain part length exceeded
         $isValid = false;
      }
      else if ($local[0] == '.' || $local[$localLen-1] == '.')
      {
         // local part starts or ends with '.'
         $isValid = false;
      }
      else if (preg_match('/\\.\\./', $local))
      {
         // local part has two consecutive dots
         $isValid = false;
      }
      else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain))
      {
         // character not valid in domain part
         $isValid = false;
      }
      else if (preg_match('/\\.\\./', $domain))
      {
         // domain part has two consecutive dots
         $isValid = false;
      }
      else if
(!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/',
                 str_replace("\\\\","",$local)))
      {
         // character not valid in local part unless
         // local part is quoted
         if (!preg_match('/^"(\\\\"|[^"])+"$/',
             str_replace("\\\\","",$local)))
         {
            $isValid = false;
         }
      }
      if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A")))
      {
         // domain not found in DNS
         $isValid = false;
      }
   }
   return $isValid;
}

    if (validEmail($email)==false){
    $proerror = "Enter a Valid Email";
}
else{
//////////// End Email Validation /////////

$update = "UPDATE `users` SET `fname`='$fnamenew', `lname`='$lnamenew', `email`='$emailnew' WHERE `username`='$username'";
mysql_query($update);
$success = "Success!";
}

And here is my entire code:

<?php
session_start();
if (isset($_SESSION['username'])){

include('inc/connect.php');



$username = isset($_SESSION['username']) ? $_SESSION['username'] : '';

$edit = (isset($_POST['edit']));
$passchange = (isset($_POST['passchange']));

if (!empty($username))
{
    //if user is logged in

$sql = mysql_query("SELECT * FROM `users` WHERE `username`='$username'");
$row = mysql_fetch_assoc($sql);

$dbfname = $row['fname'];
$dblname = $row['lname'];
$dbemail = $row['email'];
$dbpassword = $row['password'];
$passcapture = $_POST['password'];
$password = md5($passcapture);

$error = "";
$proerror = "";

if ($edit)
{

    $fnamenew = mysql_real_escape_string(strtolower(strip_tags($_POST['fname'])));
    $lnamenew = mysql_real_escape_string(strtolower(strip_tags($_POST['lname'])));
    $emailnew = mysql_real_escape_string(strip_tags($_POST['email']));




//////////// Email Validation ////////////
function validEmail($email)
{
   $isValid = true;
   $atIndex = strrpos($email, "@");
   if (is_bool($atIndex) && !$atIndex)
   {
      $isValid = false;
   }
   else
   {
      $domain = substr($email, $atIndex+1);
      $local = substr($email, 0, $atIndex);
      $localLen = strlen($local);
      $domainLen = strlen($domain);
      if ($localLen < 1 || $localLen > 64)
      {
         // local part length exceeded
         $isValid = false;
      }
      else if ($domainLen < 1 || $domainLen > 255)
      {
         // domain part length exceeded
         $isValid = false;
      }
      else if ($local[0] == '.' || $local[$localLen-1] == '.')
      {
         // local part starts or ends with '.'
         $isValid = false;
      }
      else if (preg_match('/\\.\\./', $local))
      {
         // local part has two consecutive dots
         $isValid = false;
      }
      else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain))
      {
         // character not valid in domain part
         $isValid = false;
      }
      else if (preg_match('/\\.\\./', $domain))
      {
         // domain part has two consecutive dots
         $isValid = false;
      }
      else if
(!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/',
                 str_replace("\\\\","",$local)))
      {
         // character not valid in local part unless
         // local part is quoted
         if (!preg_match('/^"(\\\\"|[^"])+"$/',
             str_replace("\\\\","",$local)))
         {
            $isValid = false;
         }
      }
      if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A")))
      {
         // domain not found in DNS
         $isValid = false;
      }
   }
   return $isValid;
}

    if (validEmail($email)==false){
    $proerror = "Enter a Valid Email";
}
else{
//////////// End Email Validation /////////

$update = "UPDATE `users` SET `fname`='$fnamenew', `lname`='$lnamenew', `email`='$emailnew' WHERE `username`='$username'";
mysql_query($update);
$success = "Success!";
}

$dbfname = $fnamenew;
$dblname = $lnamenew;
$dbemail = $emailnew;




}

// Change Password
if ($passchange)
{
        if($password){

            if($password==$dbpassword){

                $passwordnew = $_POST['passwordnew'];
                $passwordconf = $_POST['passwordconf'];

                if (isset($passwordnew) && !empty($passwordnew)){

                    if (isset($passwordconf) && !empty($passwordconf)){
                        if (strlen($passwordnew)>=6 && strlen($passwordconf)>=6){

                            if ($passwordnew==$passwordconf){

                                $passwordnew = md5($passwordnew);

                            $passupdate = "UPDATE `users` SET `password`='$passwordnew' WHERE `username`='$username'";
                            mysql_query($passupdate);

                            $passsuccess = "Success!";

                        }
                        else{
                            $error = "Your new password does not match!";
                        }
                        }
                        else{
                            $error = "Your new password must contain at least 6 characters!";
                        }
                    }
                    else{
                        $error = "Please type in your Confirmed Password!";
                    }

                }
                else{
                    $error = "Please type in your New Password!";
                }

            }
            else{
                $error = "Invalid Password";
            }



        }
        else{
            $error = "Please type in your Password!";
        }



}

}
}
else{
    header("Location: index.php");
}
?>

<html>
<head>
<title>Profile</title>


<script type="text/javascript" language="javascript">
function inputLimiter(e,allow) {
var AllowableCharacters = '';

if (allow == 'UserNameChar'){AllowableCharacters='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';}

var k;

k=document.all?parseInt(e.keyCode): parseInt(e.which);

if (k!=13 && k!=8 && k!=0){

if ((e.ctrlKey==false) && (e.altKey==false)) {

return (AllowableCharacters.indexOf(String.fromCharCode(k))!=-1);

} else {

return true;

}

} else {

return true;

}

}

</script>
</head>
<body>
<div id="container">
<div id="profile">
    <h3 align="center">Profile</h3>
<form action="profile.php" method="POST">
    Username: <input type="text" value="<?php echo ucfirst($username); ?>" readonly="readonly"><br />
    First Name: <input type="text" maxlength="25" id="UserNameChar" onkeypress="return inputLimiter(event,'UserNameChar')" name="fname" value="<?php echo ucfirst($dbfname); ?>"><br />
    Last Name: <input type="text" maxlength="25" id="UserNameChar" onkeypress="return inputLimiter(event,'UserNameChar')" name="lname" value="<?php echo ucfirst($dblname); ?>"><br />
    Email: <input type="text" maxlength="64" name="email" value="<?php echo ucfirst($dbemail); ?>"><br />
    <div id="centerpro"><input type="submit" name="edit" value="Submit"></div>
    <div id="center"><?php echo $success, $proerror; ?></div>
</div>   

    <br />
    <br />
<div id="changepassword">
    <h3 align="center">Change Password</h3>
    Password: <input type="password" maxlength="25" name="password"><br /><br />
    New Password: <input type="password" maxlength="25" name="passwordnew"><br />
    Confirm Password: <input type="password" maxlength="25" name="passwordconf"><br />
    <div id="centerpas"><input type="submit" name="passchange" value="Change Password"></div>
    <div id="center"><?php echo $passsuccess, $error; ?></div>
</form>
</div>
</div>
</body>
</html>

bradgrafelman

        if (validEmail($email)==false){ 
        $proerror = "Enter a Valid Email";

$email is undefined.

Smudly

It always seems to be the dumbest mistakes that I check last.
Next time I'll check the less obvious ones first.

Thanks!