|
Posted by Mike Willbanks on 12/23/05 02:47
> I ran across this code, and it kind of made me nervous: (as an email
> validator)
>
> if ( !preg_match("/.*\@.*\..*/", $_POST['email']) | preg_match("/(\)/",
> $_POST['email']) )
>
> 1) from bitwise experience with "C", I was not at all comforable with
> !preg_match()
> The manual is not clear about using ! with a non-boolean value.
> When using !($var) is ($var) converted to a boolean value, before
> doing the NOT oper ?
Basically as long as that function does not return false it acts as if
it is valid so therefore it is okay.
Although there is an error after the first preg match the single pipe
should be a double pipe.
> 2) I believe the 2nd use of preg_match was the one that caused a
> REGEX compilation error.
> Warning: preg_match() [function.preg-match]: Compilation failed:
> missing ) at offset 3 in ..
Why would you want to use that regular expression anyhow? It is not
very well tailored. A better one might be:
if(preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/"
, $email)) { ... }
You can also do validation techniques like getting the MX record and
pinging the mail server to see if it actually accepts connections as
well to help you get the integrity of the email address.
Mike
[Back to original message]
|