How to check email address entered using php? - php

I want to know that is there a way to know that the email id entered by the user is correct or not!
Like if the user enters email address shows Incorrect email entered! but if the user enters emailid#gmail.com shows Correct email entered!
Please help me out!
Thanks in advance!

Use preg_match function or ereg function and email regular expression
//$checkvalue contains your value to be matched
if (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $checkvalue))
{
echo "invalid email address";
}
else{
echo "valid email address";
}

You can check out this thread for a regex and function with a full explaination.

Use regular expression to check if the format of the email provided complies with a standard email format. If you don't know what regular expressions are, do a google search on them, they are a very powerful tool to have for any programmer. Just to get you started check out the preg_match method in PHP. Check out this link:
http://www.php.net/manual/en/function.preg-match.php

Related

Controlling the input data in php

I am getting started with PHP and i've been given a task where I have to basically send e-mails in code. The part of getting the different parts of the e-mails is already done, but now I want to be sure that the given e-mail address is actually an e-mail address.
Question: How can I validate the data inside a string in PHP?
Thanks in advance!
Please don't use regex, use the validation filters that's what they are built for.
Use Preg Match
$regexp = "/^[_a-z0-9-A-Z]+(\.[_a-z0-9-A-Z]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/";
if(!preg_match($regexp, $email)){
$flag = false;
}else{
$flag = true;
}

PHP, Validate if user entered an email domain, NOT address

I was looking for this answer, but I was not able to find this exact variation.
I'm looking for the following to validate:
#1) #toysrus.com
#2) #staples.com
#3) #example.com
And the following NOT to validate:
#1) staples.com
#2) Randy#staples.com
#3) #testcom
Basically, I want to force the user to enter a valid email domain, NOT an email address. Any clue how I could go about this?
I guess alternatively ask a user for their website domain name and just append the '#' character to that, but it's more confusing. It would be easier to simply to ask the user, please enter your company email domain name.
Thanks!
You can use the regular expression to match the email domain name.
For example:
$pattern = "^#(\w)+((\.\w+)+)$";
if (preg_match($pattern,$domain))
echo "Domain name right"
"^#" means the string should start with "#"."(\w)+" match at least 1 number or letter."(.\w+)+" match at least 1 domain name,such as ".com" or ".edu.cn". "$" means the end of the string.
This can be done in a multi-stage process
$email = 'something#somedomain.com';
if(filter_var($email, FILTER_VALIDATE_EMAIL)) {
// The email is a valid format so now we check the domain
$domain = explode('#', $email);
if(getmxrr($domain[1])) {
// This is about as far as we can take it.
// The email is valid and the domain has MX records
}
}

Regex validate items with delimiter

I am using this regex for email validation in php (based on here)
^[_A-Za-z0-9-\\+]+(\\.[_A-Za-z0-9-]+)*#[A-Za-z0-9-]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$;
My question is how can I validate input that is a list of emails separated by a delimiter.
Let's say delimiter is "," or ";" or ", " or "; ".
I suppose i should add something like that
(\s*(;|,)\s*|\s*$)
but it doesn't work...
Validating an email for real is better done by a module than a short regex. See http://www.ex-parrot.com/pdw/Mail-RFC822-Address.html
But fortunately, php have a validator :
<?php
$email_a = 'joe#example.com';
$email_b = 'bogus';
if (filter_var($email_a, FILTER_VALIDATE_EMAIL)) {
echo "This (email_a) email address is considered valid.";
}
if (filter_var($email_b, FILTER_VALIDATE_EMAIL)) {
echo "This (email_b) email address is considered valid.";
}
?>
See http://php.net/manual/en/filter.examples.validation.php
Dont use regex to validate emails, PHP has a function for this filter_var():
$email = 'joe#example.com';
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
//valid
}else{
//not
}
You can adapt this code and use explode(',',$email) to validate multiple emails.
At the risk of giving you an answer you can't use if you're only accepting a pure regex solution, for a few reasons I would recommend using explode with your delimiter and proceed to iterate over the array and validate each email in turn:
Your regex and the code handling it will be simplified.
Your regex will only have to handle the general use case of emails and can be a general re-usable operation any time you need to validate an email address. It will also be simple to swap the regexp operation out for a call to a library meant for email validation, or any other custom validator.
It will be easier to handle possible related necessities, like indicating in your output which email failed to validate, or accepting all addresses which validated and discarding those that didn't.

How to prevent SQL injection of $_POST e-mail field using PHP 4

This would be a bit easier if I was able to use PHP 5 unfortunately this is not a viable option?
I am already using RFC 2822 from this stackoverflow thread to validate the e-mail format is valid, granted this is using JS on the form page which is not the best practice.
I will again verify it conforms to this format before saving it but I was wondering if there were any methods that should be used to help prevent SQL injection?
Wrong way - "Never trust user input"!
First be sure the data is in the format you want, then query database.
So first, check if $_POST[email_address] is in a valid email format, e.g. with regex. Only if it is in a valid email format, you query the database.
Code for email regex (PHP):
<?php
$email = "test#test.com";
if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
echo "Email is valid.";
}
else {
echo "Email in invalid.";
}
?>
use mysql_real_escape_string() on the input after you've validated its an email you should really be using that function on all your inputs that are going into the database.

Validating email input in form using PHP

I'm creating a form in PHP that contains a field called email where the user needs to enter his/her email ID. In order to ensure that the mail ID entered is authentic in terms of syntax (eg. username_123#domain.com is valid) I need to append some kind of validation to it. I find the situation quite nebulous as I don't understand how to check if the mail ID entered contains an # symbol etc. Kindly help. Thanks. :)
Best solution is to just do:
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
...
}
and let PHP handle the heavy work for you. Otherwise, if you want to be strictly correct and use a regex directly yourself, you'll be stuck with this monstrosity:
(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")#(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])
for strict RFC2822 compliance.
First you need to define valid e-mail.
There are different approaches to this depending on how important is this validation to you.
Some folks use crazy by-the-RFC regexps.
Another extreme is save anything user entered and later try sending confirmation e-mail to that address. No confirmation = bad e-mail.
You'll probably want something in between: make sure there's an # in the middle, for example:
$email_arr = explode('#', $email);
if (sizeof($email_arr) !== 2 || $email_arr[0] == '' || $email_arr[1] == '')
... // definitely not valid
UPD: Marc B nailed it with filter_var($email, FILTER_VALIDATE_EMAIL)
That's probably the best way.
You can use regex to validate the format:
<?php
$email = "someone#example.com"; // or perhaps $_POST['email'];
if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
echo "Valid email address.";
}
else {
echo "Invalid email address.";
}
?>
http://php.net/manual/en/function.eregi.php
From my own code:
if( !preg_match( "(^[_a-z0-9-]+(\.[_a-z0-9-]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$)i", $email))
echo "E-mail address invalid";
A very small number of legitimate addresses may fail, such as anything #example.info, and any email address that uses unusual characters, but for the most part this works nicely.

Categories