Php email validation

[keyboard1333]

Hello All,
I'm looking for a way to validate an email input ($email). Preferably like this -

Code:

if(!validemail) {
echo 'Please enter a valid email<br />';
$check = 'false';
}

I need it to validate all valid emails (I believe emails can have % signs in them and so on)

Thanks, Keyboard1333

[ApacheTech]

Enjoy.

PHP Code:

<?php

/**
Validate an email address.
Provide email address (raw input)
Returns true if the email address has the email 
address format and the domain exists.
*/
function validEmail($email)
{
   $isValid = true;
   $atIndex = strrpos($email, "@");
   if (is_bool($atIndex) && !$atIndex)
   {
      $isValid = false;
   }
   else
   {
      $domain = substr($email, $atIndex+1);
      $local = substr($email, 0, $atIndex);
      $localLen = strlen($local);
      $domainLen = strlen($domain);
      if ($localLen < 1 || $localLen > 64)
      {
         // local part length exceeded
         $isValid = false;
      }
      else if ($domainLen < 1 || $domainLen > 255)
      {
         // domain part length exceeded
         $isValid = false;
      }
      else if ($local[0] == '.' || $local[$localLen-1] == '.')
      {
         // local part starts or ends with '.'
         $isValid = false;
      }
      else if (preg_match('/\\.\\./', $local))
      {
         // local part has two consecutive dots
         $isValid = false;
      }
      else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain))
      {
         // character not valid in domain part
         $isValid = false;
      }
      else if (preg_match('/\\.\\./', $domain))
      {
         // domain part has two consecutive dots
         $isValid = false;
      }
      else if
(!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/',
                 str_replace("\\\\","",$local)))
      {
         // character not valid in local part unless 
         // local part is quoted
         if (!preg_match('/^"(\\\\"|[^"])+"$/',
             str_replace("\\\\","",$local)))
         {
            $isValid = false;
         }
      }
      if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A")))
      {
         // domain not found in DNS
         $isValid = false;
      }
   }
   return $isValid;
}

?>

[keyboard1333]

This part's making an error-

Code:

      if ($isValid && !(checkdnsrr($domain,"MX") || 
 ↪checkdnsrr($domain,"A")))

[ApacheTech]

Try:

PHP Code:

if ($isValid && !(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A")))
      { 


Edited in above post.

[keyboard1333]

Thanks, I changed that and it fixed the error.
How do I actually validate with the code? (I never really use functions)

[traq]

why not

PHP Code:

<?php
function checkemail( $email ){
    return filter_var( $email,FILTER_VALIDATE_EMAIL );
}

filter_var uses this regex:

Code:

/^(?!(?:(?:\\x22?\\x5C[\\x00-\\x7E]\\x22?)|(?:\\x22?[^\\x5C\\x22]\\x22?)){255,})(?!(?:(?:\\x22?\\x5C[\\x00-\\x7E]\\x22?)|(?:\\x22?[^\\x5C\\x22]\\x22?)){65,}@)(?:(?:[\\x21\\x23-\\x27\\x2A\\x2B\\x2D\\x2F-\\x39\\x3D\\x3F\\x5E-\\x7E]+)|(?:\\x22(?:[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F\\x21\\x23-\\x5B\\x5D-\\x7F]|(?:\\x5C[\\x00-\\x7F]))*\\x22))(?:\\.(?:(?:[\\x21\\x23-\\x27\\x2A\\x2B\\x2D\\x2F-\\x39\\x3D\\x3F\\x5E-\\x7E]+)|(?:\\x22(?:[\\x01-\\x08\\x0B\\x0C\\x0E-\\x1F\\x21\\x23-\\x5B\\x5D-\\x7F]|(?:\\x5C[\\x00-\\x7F]))*\\x22)))*@(?:(?:(?!.*[^.]{64,})(?:(?:(?:xn--)?[a-z0-9]+(?:-+[a-z0-9]+)*\\.){1,126}){1,}(?:(?:[a-z][a-z0-9]*)|(?:(?:xn--)[a-z0-9]+))(?:-+[a-z0-9]+)*)|(?:\\[(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})|(?:(?!(?:.*[a-f0-9][:\\]]){7,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?)))|(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){5}:)|(?:(?!(?:.*[a-f0-9]:){5,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3}:)?)))?(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))(?:\\.(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))){3}))\\]))$/iD

which is fairly complete. it doesn't check domain name records as Apache's function does, however, note that just because a domain name exists doesn't mean that the email address does too.

In the end, the only way to confirm that an email really exists is to send an email to it and see if it bounces.

Also consider that many DNS servers (google and opendns included) drop record check requests that they think are automated - so checkdnsrr() actually fails more often than you might think.

[ApacheTech]

That code is from a 12 page guide on how to fully validate emails via PHP. One of the first links in a simple search for "php email address validation".

Usage:

PHP Code:

<?php

if (!validEmail($email)) {
    // Do something if email is not valid.
} else {
    // Do something is email is valid.
}
?>

[djr33]

But as traq pointed out (a little indirectly) there are problems with that script, and clearly it's more work than just using PHP's built in function for it, as shown in his post.

[ApacheTech]

I had no idea there was such a function inbuilt into php, lol. Thank you to Traq for the lesson.

[traq]

That code is from a 12 page guide on how to fully validate emails via PHP. One of the first links in a simple search for "php email address validation".

Right - I'm not saying it won't work, or that it is in any way "bad" (though the DNS record check will probably only get more problematic over time). Just that there are much simpler/quicker ways to get similar results.