Write For Us
php
email
email-validation
filter-var

Why does PHP filter_var say that this is a valid email address?

Viewed   71 times

I use the filter_var PHP function to validate email address when a user signs up to my site.

I use this code from the post:

$email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);

then later I do:

if(!$email) {
  // return to the form 
}
else {
  // send registration info
}

now when I var_dump($email), I get the output:

string(23) "user."name"@example.com"

I would like to know why this does not return false. I think the double quotes are not acceptable, so why does PHP say it’s valid?

 Answers

1

It is a valid email address :

A quoted string may exist as a dot separated entity within the local-part or it may exist when the outermost quotes are the outermost chars of the local-part (e.g. abc."defghi"[email protected] or "abcdefghixyz"@example.com are allowed. abc"defghi"[email protected] is not; neither is abc"def"[email protected]).

Tuesday, November 15, 2022
 
pmandell
 
pmandell
1

Try using your ISP's or company's server as a relay. Use a sending address which exists, so that validation can be done on it, and bounces sent back to it. You may want to setup a separate domain for verification such as verification.example.com. You could then send the validation message from [email protected]. Replace application and example as appropriate.

You may also want to look at https://serverfault.com/questions/241189/email-delivery-management-grievances#241260.

Sunday, December 11, 2022
 
7urkm3n
 
7urkm3n
5

Basically if your mailbox is an IMAP you could reference these functions via PHP http://www.php.net/manual/en/ref.imap.php (if enabled, check your phpinfo()) and read that specific mailbox (http://www.php.net/manual/en/function.imap-open.php). Run a cronjob every 10 minutes maybe (I say 10minutes as I dont see many people doing this), loop thru all the emails (if any), run your logic to verify that email account, send them an email to say its been verified, then delete that email item from your account so you are not creating a massive backlog of emails.

Its risky way of wanting someone to verify but this is probably one way of doing it.

Thursday, December 15, 2022
 
andrey_vlasovskikh
 
andrey_vlasovskikh
5

There is no point. Even if you can verify that the email address is syntactically valid, you'll still need to check that it was not mistyped, and that it actually goes to the person you think it does. The only way to do that is to send them an email and have them click a link to verify.

Therefore, a most basic check (e.g. that they didn't accidentally entered their street address) is usually enough. Something like: it has exactly one @ sign, and at least one . in the part after the @:

[^@]+@[^@]+.[^@]+

You'd probably also want to disallow whitespace -- there are probably valid email addresses with whitespace in them, but I've never seen one, so the odds of this being a user error are on your side.

If you want the full check, have a look at this question.

Update: Here's how you could use any such regex:

import re

if not re.match(r"... regex here ...", email):
  # whatever

Python ?3.4 has re.fullmatch which is preferable to re.match.

Note the r in front of the string; this way, you won't need to escape things twice.

If you have a large number of regexes to check, it might be faster to compile the regex first:

import re

EMAIL_REGEX = re.compile(r"... regex here ...")

if not EMAIL_REGEX.match(email):
  # whatever

Another option is to use the validate_email package, which actually contacts the SMTP server to verify that the address exists. This still doesn't guarantee that it belongs to the right person, though.

Sunday, August 28, 2022
 
thorsten_westheider
 
thorsten_westheider
4

An email address must not exceed 254 characters.

This was accepted by the IETF following submitted erratum. A full diagnosis of any given address is available online. The original version of RFC 3696 described 320 as the maximum length, but John Klensin subsequently accepted an incorrect value, since a Path is defined as

Path = "<" [ A-d-l ":" ] Mailbox ">"

So the Mailbox element (i.e., the email address) has angle brackets around it to form a Path, which a maximum length of 254 characters to restrict the Path length to 256 characters or fewer.

The maximum length specified in RFC 5321 states:

The maximum total length of a reverse-path or forward-path is 256 characters.

RFC 3696 was corrected here.

People should be aware of the errata against RFC 3696 in particular. Three of the canonical examples are in fact invalid addresses.

I've collated a couple hundred test addresses, which you can find at http://www.dominicsayers.com/isemail

Sunday, November 27, 2022
 
james_brewer
 
james_brewer
Only authorized users can answer the search term. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :
php
email
email-validation
filter-var
 
Share
Related Answers
89
 Why does PHP not complain when I treat a null value as an array like this?
89
 How do I check if a users input is a valid IP address or not?
122
 How to check for a duplicate email address in PHP, considering Gmail ([email protected])
115
 Why does PHP create a new instance of a singleton each time the script calling Foo::getInstance() is run?
82
 What characters are allowed in an email address?
213
 How to check for valid email address?
297
 What is the maximum length of a valid email address?
70
 Correctly determine if date string is a valid date in that format
258
 How do I resolve “Please make sure that the file is accessible and that it is a valid assembly or COM component”?
75
 Valid email address regular expression?
Top Answers Related To

php,email,email-validation,filter-var

223
 Change the sender name php mail instead of [email protected]
169
 PHP Mail Headers
51
 php filter var returning a wrong result
64
 Process RECEIVED email attatchment with PHP
74
 validate a .edu or .ac email address
132
 Php/javascript email form and validation
65
 How to send validation email without going into the spam folder?
67
 E-mail verification through e-mail & PHP?
64
 Remove invalid email format in PHP
52
 PHP code to Read Sent Items from an Email Account
Write For Us · Blog · Privacy · Faqs · Terms of Use · Contact us ·