I am just wondering what you would do to validate against an email address, basically I want to know what Regular Expression you would use to check for a valid format. I've seen so many different ways of doing it, some I can definitely say can produce wrong results, but I'm not saying mine is perfect either, basically I want to perfect it.

Here's what I have, I use PHP's function eregi for this, so case is not important.



What I wanted to achieve was the first character of any email address should be a letter if I'm not mistaken, I probably should go back and read the RFC 2822 as this should have been my first stop in understanding how emails are handled and what is accepted and what isn't. Next I allow an alphanumeric words with underscore, dot and hyphen (minus), next comes the @ sign, after it I check again if the first character is a letter or number, after that another alphanumeric word which allows hypens as well, I don't think you can have an underscore in a domain name?, then comes a dot, then only a word with only letters, I'm still wondering whether to include numbers or not, but so far seen no signs of why I should. The last bit is the trickiest to make it work, basically it checks if another dot follows, if so it checks that there's a letter afterwards then a word of only letters, so there must exist at least 2 letters after the dot, if not, no match, it then continuously checks it over an over again with the additional dots.

Which means something like a2z-abc_def@a2z-abc.com.net.co.uk is valid, even if it does not exist, but that's where checking the host comes into play.

It's that end part that worries me a bit though as it can accept a large amount of dots and words over and over again, although I maybe able to find a limit in the RFC's so I will fix that accordingly to it, else it may be a problem. Other than that, after verifying if the email is valid, I would then check against DNS records or Hostname to see if the domain of the email exists, I could query the sever if the user exists but most servers suggest the user does even when they don't so I rather see if the host exists instead.

So what can you suggest to improve it? I know about shortform ways of writing it, but this is how eregi accepts it. I will now go off and read the RFCs on it, might look at the earlier one first before the newest.

Cheers,


MC

you can send them a link to validate their address...
you put the emailaddress in your db in a table that has two fields: the address and a boolean value, default 0 and send them a link like:
yourhost.com/validate?mail=theiremail
and they you just put the boolean on 1

for the reg expression, can't really think of anything better than the one you have
oh yeah, by the way, tnx for the linux boot thingy: i inserted my 1st cd, entered repair on boot and i was given the option to repair my bootloader! hurray! tnx mate

I understand the confirmation email side of things, although this is no membership system but rather just an ordinary form fill out where I want to eliminate any errors. I mean I could do multiple checks on it, splitting it etc, but I wanted a sure fire, basically one liner way of checking it, although now that I've thought about multiple checks, maybe I can look at how many checks I could possibly do to make sure it's valid and then try to build from that and simplify it to just a one liner.

I'm glad you got your linux sorted.

Cheers,


MC

mastercomputers:

so you want to validate email addresses? i would like to advice that you should use Client Side Scripting for that manner. This includes JavaScript and VBScript. This way, the validation will only be done at client, thus eliminating any unnecessary burden to the server and minimize the use for your bandwidth.

where to find the example? click your mouse to:
http://www.hotscript.com/

do a search, enter the keyword "email validation" and select "JavaScript" in the category. easy and simple.

Try PCRE (Perl Compatible Regular Expressions) (preg_*), it's much faster.
And, convert the email address to all lowercase first.

I changed mine a bit and now and also I use preg_match,

it now looks like



I think I will settle on this as the method although I will work out the minimum values, as that's my last resort for this, far from perfect but it does meet most problems I have seen. I will also try and see if I can find any performance difference in converting to lowercase and removing the case insensitive bit, escaping the characters or enclosing them in braces as it's just a small thing for now.

If you look at cryptwizards code, the only problem I can see is on the end \.[a-z0-9\-\.]

which will say blah_this@abc-def.com.au to be valid, but it also allows blah_this@abc-def.....com....au.. to be valid too.

After every dot, it's probably a good idea to check for a letter or number, but not if it's in the first part before the @ sign.

The last bit of an email, usually falls in the line of net, biz, com, org, etc but you can also get com.au, co.uk, etc. I believe there's no dashes in this part so I assume it's safe to leave those out. If there ever was a problem brought to my attention about this I would fix it promptly, but for now, I find my code fitting for it's purpose.

I have thought about client side checking, but I'm still left using the server to verify the rest of the data, so decided to do the whole thing server side, it's all built into my validator class so it's probably best to try and keep the code altogether than to partially split them between client and server. I also have less trust in client checking than server checking, considering that if I did do client side checking, I'd still use the server to verify it again, which means double the effort.

Thanks for the pointers though.

Cheers,


MC

If you were using Perl you could use:



For more about Regular Expressions, visit www.regularexpressions.info. Great Site

Short answer, it's impossible. even if you used RFC's issued 2000+ character regular expression, it would still fail some perfectly valid, deliverable addresses.
As far as checking the host, it can still be thrown off by gobbleDgook@hotmail.com.
In response to the suggestion of using client-side scripts, lots of people (myself included) have them disabled most of the time.
so, the onl way you can truly alidate an e-mail address is to actually send an e-mail to it

Perl Email Syntax Checker




cheers!

shiv

You could always use PHP

Yes I know that this is a Perl & CGI but PHP is considered cgi and server sides like javasxript with a user not haing it enabled will not work while the above will. Plus it takes care of .de.tk.anything with two character tlds.

This post has been edited by Houdini: Mar 21 2006, 12:34 AM