|
Posted by James Benson on 10/22/05 22:32
It would be nice to have a php function valid_email or something but
until then i suppose we just make do with what is available, for what I
need I use the following:-
eregi("^[a-z0-9]+([_\\.-][a-z0-9]+)*"
.."@"."([a-z0-9]+([\.-][a-z0-9]+)*)+"."\\.[a-z]{2,}"."$",$email)
Ive never had problems with it but have up to now no need for
multilanguage validation.
What is wrong with that validation anyway?
Richard Lynch wrote:
> Given:
>
> It is unacceptable to reject perfectly valid email addresses, no
> matter how arcane. [Like mine. :-)]
>
> The CORRECT RegEx for validating an email is 3 pages long, and
> performance in PHP would probably not be so good...
>
> In today's Security-conscious world, data validation is a requirement.
>
> The (relatively) recent changes in domain names that allow UTF
> (Unicode?) characters.
>
> Checking MX records is not reliable at all.
>
> Forcing users to respond to email is A) burdensome to real users in
> many cases, and B) no real barrier to halfway intelligent fake users.
>
> ... would it not make sense for there to be a BUILT-IN PHP function of
> a TRUE email syntactic validation?
>
> So at least one KNOWS that the email is a valid construct, before you
> even try (if you try at all) to make sure that a person actually
> checks it at least once in their life.
>
> Currently, email syntax validation is being done in very limited
> fashion, if not outright "wrong" by rejecting what actually ARE valid
> email addresses in about 10,000,000 PHP scripts by users who don't
> have any realistic options to truly "do it right" because who can
> really live with that 3-page Regex in their PHP code?
>
> Yes, in the past, I may have come down squarely on the opposite side
> of this topic, but I've changed my mind.
>
> I believe PHP needs a built-in syntactically CORRECT email validation
> function, vetted and tested by professionals, instead of the mess we
> now have.
>
> PLEASE do not point me to any existing email validation code unless
> you believe it is not only 100% correct and complete with RFC
> definitions of syntactically valid email. Not interested. I've
> already seen them, and been burned by them.
>
[Back to original message]
|