I am using this regex for email validation in php (based on here)
^[_A-Za-z0-9-\\+]+(\\.[_A-Za-z0-9-]+)*#[A-Za-z0-9-]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$;
My question is how can I validate input that is a list of emails separated by a delimiter.
Let's say delimiter is "," or ";" or ", " or "; ".
I suppose i should add something like that
(\s*(;|,)\s*|\s*$)
but it doesn't work...
Validating an email for real is better done by a module than a short regex. See http://www.ex-parrot.com/pdw/Mail-RFC822-Address.html
But fortunately, php have a validator :
<?php
$email_a = 'joe#example.com';
$email_b = 'bogus';
if (filter_var($email_a, FILTER_VALIDATE_EMAIL)) {
echo "This (email_a) email address is considered valid.";
}
if (filter_var($email_b, FILTER_VALIDATE_EMAIL)) {
echo "This (email_b) email address is considered valid.";
}
?>
See http://php.net/manual/en/filter.examples.validation.php
Dont use regex to validate emails, PHP has a function for this filter_var():
$email = 'joe#example.com';
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
//valid
}else{
//not
}
You can adapt this code and use explode(',',$email) to validate multiple emails.
At the risk of giving you an answer you can't use if you're only accepting a pure regex solution, for a few reasons I would recommend using explode with your delimiter and proceed to iterate over the array and validate each email in turn:
Your regex and the code handling it will be simplified.
Your regex will only have to handle the general use case of emails and can be a general re-usable operation any time you need to validate an email address. It will also be simple to swap the regexp operation out for a call to a library meant for email validation, or any other custom validator.
It will be easier to handle possible related necessities, like indicating in your output which email failed to validate, or accepting all addresses which validated and discarding those that didn't.
Related
I am getting started with PHP and i've been given a task where I have to basically send e-mails in code. The part of getting the different parts of the e-mails is already done, but now I want to be sure that the given e-mail address is actually an e-mail address.
Question: How can I validate the data inside a string in PHP?
Thanks in advance!
Please don't use regex, use the validation filters that's what they are built for.
Use Preg Match
$regexp = "/^[_a-z0-9-A-Z]+(\.[_a-z0-9-A-Z]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/";
if(!preg_match($regexp, $email)){
$flag = false;
}else{
$flag = true;
}
Looking to create a form validation on email text field.
Have previously used validation to ensure correct email is produced.
But here looking to create a more custom rule which allows only emails ending in the format .ac.uk
Here a user would be able to provide any university/college/instituion as long as the last 6 characters in the string = .ac.uk with the general format for the mail as follows: email#university.ac.uk
Solution preferably in PHP, currently looking at employing a rule using the end part in this statement:
^[_a-z0-9-]+(\.[_a-z0-9-]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$
Making this part *(\.[a-z]{2,3}) relate to the .ac.uk
many thanks, much appreciated
Jeanclaude
I would first run the email through filter_var($email, FILTER_VALIDATE_EMAIL) rather than using a simple regex. It's not perfect (I've found a few edge cases that don't validate correctly) but it works well. Once you know it's a valid email address you can simply trust substr($email, -6) == '.ac.uk' and be done with it. Something like:
if (filter_var($email, FILTER_VALIDATE_EMAIL)
&& strtolower(substr(trim($email), -6))) === '.ac.uk') {
// Valid
}
This would be a bit easier if I was able to use PHP 5 unfortunately this is not a viable option?
I am already using RFC 2822 from this stackoverflow thread to validate the e-mail format is valid, granted this is using JS on the form page which is not the best practice.
I will again verify it conforms to this format before saving it but I was wondering if there were any methods that should be used to help prevent SQL injection?
Wrong way - "Never trust user input"!
First be sure the data is in the format you want, then query database.
So first, check if $_POST[email_address] is in a valid email format, e.g. with regex. Only if it is in a valid email format, you query the database.
Code for email regex (PHP):
<?php
$email = "test#test.com";
if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
echo "Email is valid.";
}
else {
echo "Email in invalid.";
}
?>
use mysql_real_escape_string() on the input after you've validated its an email you should really be using that function on all your inputs that are going into the database.
I'm creating a form in PHP that contains a field called email where the user needs to enter his/her email ID. In order to ensure that the mail ID entered is authentic in terms of syntax (eg. username_123#domain.com is valid) I need to append some kind of validation to it. I find the situation quite nebulous as I don't understand how to check if the mail ID entered contains an # symbol etc. Kindly help. Thanks. :)
Best solution is to just do:
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
...
}
and let PHP handle the heavy work for you. Otherwise, if you want to be strictly correct and use a regex directly yourself, you'll be stuck with this monstrosity:
(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")#(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])
for strict RFC2822 compliance.
First you need to define valid e-mail.
There are different approaches to this depending on how important is this validation to you.
Some folks use crazy by-the-RFC regexps.
Another extreme is save anything user entered and later try sending confirmation e-mail to that address. No confirmation = bad e-mail.
You'll probably want something in between: make sure there's an # in the middle, for example:
$email_arr = explode('#', $email);
if (sizeof($email_arr) !== 2 || $email_arr[0] == '' || $email_arr[1] == '')
... // definitely not valid
UPD: Marc B nailed it with filter_var($email, FILTER_VALIDATE_EMAIL)
That's probably the best way.
You can use regex to validate the format:
<?php
$email = "someone#example.com"; // or perhaps $_POST['email'];
if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
echo "Valid email address.";
}
else {
echo "Invalid email address.";
}
?>
http://php.net/manual/en/function.eregi.php
From my own code:
if( !preg_match( "(^[_a-z0-9-]+(\.[_a-z0-9-]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$)i", $email))
echo "E-mail address invalid";
A very small number of legitimate addresses may fail, such as anything #example.info, and any email address that uses unusual characters, but for the most part this works nicely.
I want to know that is there a way to know that the email id entered by the user is correct or not!
Like if the user enters email address shows Incorrect email entered! but if the user enters emailid#gmail.com shows Correct email entered!
Please help me out!
Thanks in advance!
Use preg_match function or ereg function and email regular expression
//$checkvalue contains your value to be matched
if (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $checkvalue))
{
echo "invalid email address";
}
else{
echo "valid email address";
}
You can check out this thread for a regex and function with a full explaination.
Use regular expression to check if the format of the email provided complies with a standard email format. If you don't know what regular expressions are, do a google search on them, they are a very powerful tool to have for any programmer. Just to get you started check out the preg_match method in PHP. Check out this link:
http://www.php.net/manual/en/function.preg-match.php